summaryrefslogtreecommitdiff
path: root/pcr/firejail
diff options
context:
space:
mode:
Diffstat (limited to 'pcr/firejail')
-rw-r--r--pcr/firejail/001-addmoresecurity-firefox.patch34
-rw-r--r--pcr/firejail/PKGBUILD26
-rw-r--r--pcr/firejail/PKGBUILD.sigbin543 -> 543 bytes
3 files changed, 49 insertions, 11 deletions
diff --git a/pcr/firejail/001-addmoresecurity-firefox.patch b/pcr/firejail/001-addmoresecurity-firefox.patch
new file mode 100644
index 000000000..0b8d764be
--- /dev/null
+++ b/pcr/firejail/001-addmoresecurity-firefox.patch
@@ -0,0 +1,34 @@
+*** firefox.profile 2015-07-02 06:53:18.000000000 -0400
+--- firefox-patched.profile 2015-08-21 22:14:06.891765532 -0400
+***************
+*** 2,9 ****
+ include /etc/firejail/disable-mgmt.inc
+ include /etc/firejail/disable-secret.inc
+ include /etc/firejail/disable-common.inc .mozilla
+ caps.drop all
+ seccomp
+ netfilter
+! noroot
+!
+--- 2,21 ----
+ include /etc/firejail/disable-mgmt.inc
+ include /etc/firejail/disable-secret.inc
+ include /etc/firejail/disable-common.inc .mozilla
++ blacklist ${HOME}/.bash_history
++ blacklist ${HOME}/.ssh
++ blacklist ${HOME}/.sylpheed-2.0
++ blacklist ${HOME}/.gnupg
++ blacklist ${HOME}/.mcabber
++ blacklist ${HOME}/.weechat
++ blacklist ${HOME}/.purple
++ blacklist ${HOME}/*.kdb
++ blacklist ${HOME}/*.dat
++ blacklist ${HOME}/*.key
++ blacklist ${HOME}/.electrum*
++ blacklist ${HOME}/.config/
++ blacklist ${HOME}/.zsh_history
+ caps.drop all
+ seccomp
+ netfilter
+! noroot
+\ No newline at end of file
diff --git a/pcr/firejail/PKGBUILD b/pcr/firejail/PKGBUILD
index 00503d8ad..6475537ff 100644
--- a/pcr/firejail/PKGBUILD
+++ b/pcr/firejail/PKGBUILD
@@ -3,30 +3,34 @@
pkgname=firejail
pkgver=0.9.28
-pkgrel=1
+pkgrel=2
pkgdesc="Linux namespaces sandbox program"
-arch=(i686 x86_64)
+arch=('i686' 'x86_64')
license=(GPL2)
url=https://l3net.wordpress.com/projects/firejail/
backup=(etc/firejail/login.users)
-source=("https://downloads.sourceforge.net/project/$pkgname/$pkgname/$pkgname-$pkgver-rc1.tar.bz2"
+source=("https://downloads.sourceforge.net/project/$pkgname/$pkgname/$pkgname-$pkgver.tar.bz2"
'PKGBUILD'
-'PKGBUILD.sig')
+'PKGBUILD.sig'
+'001-addmoresecurity-firefox.patch')
validpgpkeys=('CB6E213A349B8DF9E96B622AC3F4FFCF3EAE8697') # PKGBUILD Maintainer's key
-sha512sums=('11343f51e1985483896a65dc21c4d9f82fe863649b817bab3cf748a198f67687114966558abb6029e0055984ce59262022f33a9bf74ba27ed2425592b32e5432'
+sha512sums=('a0c6715cbaf1043f2ea92b33da5884b6ed0993b3e5d03a3edd181b6663a696a2a60a44e0ad39fc9fcfd50d79eb5acb2f0f33452467bf50912f558ec23ebfc125'
+ 'SKIP'
+ 'SKIP'
+ '09b42aa186b02fe59682e6c98c41a486a616b2e36f3a9daad2d778e7e30d0f89f2e29724d52981aa9b203c80412312b6dbe6748c1edd36accf95752d90cc4231')
+whirlpoolsums=('84792b384d4e578347a859354d5639be24c3b370c3c6c07d245bbd35b7d6adcac8f5f382e92dec55a3a53cc68ea00fb7071be01aa390b37df5e0768f00efd90e'
'SKIP'
-'SKIP')
-whirlpoolsums=('02f9c641e91b4959383f3d61e03cc467a85f5bd7bdec52b137c061cec144573f7f3ecab47fa390aac6f497423fdac3adfd992e2851b32f9435c0e746fba730ca'
'SKIP'
-'SKIP')
+'a79506048c95d5dc6a3e3676075cf931c6c83c5a028e303e211efa9c5926aa186eab21770cdbbfde3419b401c88ab4816f6e7d9d42feb09c5d2d0c29a4c07c94')
prepare() {
- cd "${srcdir}/${pkgname}-${pkgver}-rc1"
+ cd "${srcdir}/${pkgname}-${pkgver}"
sed -i '\|bash -c "if \[ ! -f /etc/firejail/login\.users | s|bash -c ".*"$|install -c -m 0644 etc/login.users $(DESTDIR)/etc/firejail/\.|' Makefile.in ## Fix "backup entry file not in packag" warning.
+ patch ${srcdir}/${pkgname}-${pkgver}/etc/firefox.profile $srcdir/001-addmoresecurity-firefox.patch ## Add additional blacklists to FireFox profile for more security
}
build() {
- cd "${srcdir}/${pkgname}-${pkgver}-rc1"
+ cd "${srcdir}/${pkgname}-${pkgver}"
# fix build
export CFLAGS=${CFLAGS/-fsanitize=undefined/}
./configure --prefix=/usr
@@ -34,6 +38,6 @@ build() {
}
package() {
- cd "${srcdir}/${pkgname}-${pkgver}-rc1"
+ cd "${srcdir}/${pkgname}-${pkgver}"
make DESTDIR="${pkgdir}" install
} \ No newline at end of file
diff --git a/pcr/firejail/PKGBUILD.sig b/pcr/firejail/PKGBUILD.sig
index 3704c880c..701949cb7 100644
--- a/pcr/firejail/PKGBUILD.sig
+++ b/pcr/firejail/PKGBUILD.sig
Binary files differ