diff options
Diffstat (limited to 'pcr/firejail')
-rw-r--r-- | pcr/firejail/001-addmoresecurity-firefox.patch | 34 | ||||
-rw-r--r-- | pcr/firejail/PKGBUILD | 26 | ||||
-rw-r--r-- | pcr/firejail/PKGBUILD.sig | bin | 543 -> 543 bytes |
3 files changed, 49 insertions, 11 deletions
diff --git a/pcr/firejail/001-addmoresecurity-firefox.patch b/pcr/firejail/001-addmoresecurity-firefox.patch new file mode 100644 index 000000000..0b8d764be --- /dev/null +++ b/pcr/firejail/001-addmoresecurity-firefox.patch @@ -0,0 +1,34 @@ +*** firefox.profile 2015-07-02 06:53:18.000000000 -0400 +--- firefox-patched.profile 2015-08-21 22:14:06.891765532 -0400 +*************** +*** 2,9 **** + include /etc/firejail/disable-mgmt.inc + include /etc/firejail/disable-secret.inc + include /etc/firejail/disable-common.inc .mozilla + caps.drop all + seccomp + netfilter +! noroot +! +--- 2,21 ---- + include /etc/firejail/disable-mgmt.inc + include /etc/firejail/disable-secret.inc + include /etc/firejail/disable-common.inc .mozilla ++ blacklist ${HOME}/.bash_history ++ blacklist ${HOME}/.ssh ++ blacklist ${HOME}/.sylpheed-2.0 ++ blacklist ${HOME}/.gnupg ++ blacklist ${HOME}/.mcabber ++ blacklist ${HOME}/.weechat ++ blacklist ${HOME}/.purple ++ blacklist ${HOME}/*.kdb ++ blacklist ${HOME}/*.dat ++ blacklist ${HOME}/*.key ++ blacklist ${HOME}/.electrum* ++ blacklist ${HOME}/.config/ ++ blacklist ${HOME}/.zsh_history + caps.drop all + seccomp + netfilter +! noroot +\ No newline at end of file diff --git a/pcr/firejail/PKGBUILD b/pcr/firejail/PKGBUILD index 00503d8ad..6475537ff 100644 --- a/pcr/firejail/PKGBUILD +++ b/pcr/firejail/PKGBUILD @@ -3,30 +3,34 @@ pkgname=firejail pkgver=0.9.28 -pkgrel=1 +pkgrel=2 pkgdesc="Linux namespaces sandbox program" -arch=(i686 x86_64) +arch=('i686' 'x86_64') license=(GPL2) url=https://l3net.wordpress.com/projects/firejail/ backup=(etc/firejail/login.users) -source=("https://downloads.sourceforge.net/project/$pkgname/$pkgname/$pkgname-$pkgver-rc1.tar.bz2" +source=("https://downloads.sourceforge.net/project/$pkgname/$pkgname/$pkgname-$pkgver.tar.bz2" 'PKGBUILD' -'PKGBUILD.sig') +'PKGBUILD.sig' +'001-addmoresecurity-firefox.patch') validpgpkeys=('CB6E213A349B8DF9E96B622AC3F4FFCF3EAE8697') # PKGBUILD Maintainer's key -sha512sums=('11343f51e1985483896a65dc21c4d9f82fe863649b817bab3cf748a198f67687114966558abb6029e0055984ce59262022f33a9bf74ba27ed2425592b32e5432' +sha512sums=('a0c6715cbaf1043f2ea92b33da5884b6ed0993b3e5d03a3edd181b6663a696a2a60a44e0ad39fc9fcfd50d79eb5acb2f0f33452467bf50912f558ec23ebfc125' + 'SKIP' + 'SKIP' + '09b42aa186b02fe59682e6c98c41a486a616b2e36f3a9daad2d778e7e30d0f89f2e29724d52981aa9b203c80412312b6dbe6748c1edd36accf95752d90cc4231') +whirlpoolsums=('84792b384d4e578347a859354d5639be24c3b370c3c6c07d245bbd35b7d6adcac8f5f382e92dec55a3a53cc68ea00fb7071be01aa390b37df5e0768f00efd90e' 'SKIP' -'SKIP') -whirlpoolsums=('02f9c641e91b4959383f3d61e03cc467a85f5bd7bdec52b137c061cec144573f7f3ecab47fa390aac6f497423fdac3adfd992e2851b32f9435c0e746fba730ca' 'SKIP' -'SKIP') +'a79506048c95d5dc6a3e3676075cf931c6c83c5a028e303e211efa9c5926aa186eab21770cdbbfde3419b401c88ab4816f6e7d9d42feb09c5d2d0c29a4c07c94') prepare() { - cd "${srcdir}/${pkgname}-${pkgver}-rc1" + cd "${srcdir}/${pkgname}-${pkgver}" sed -i '\|bash -c "if \[ ! -f /etc/firejail/login\.users | s|bash -c ".*"$|install -c -m 0644 etc/login.users $(DESTDIR)/etc/firejail/\.|' Makefile.in ## Fix "backup entry file not in packag" warning. + patch ${srcdir}/${pkgname}-${pkgver}/etc/firefox.profile $srcdir/001-addmoresecurity-firefox.patch ## Add additional blacklists to FireFox profile for more security } build() { - cd "${srcdir}/${pkgname}-${pkgver}-rc1" + cd "${srcdir}/${pkgname}-${pkgver}" # fix build export CFLAGS=${CFLAGS/-fsanitize=undefined/} ./configure --prefix=/usr @@ -34,6 +38,6 @@ build() { } package() { - cd "${srcdir}/${pkgname}-${pkgver}-rc1" + cd "${srcdir}/${pkgname}-${pkgver}" make DESTDIR="${pkgdir}" install }
\ No newline at end of file diff --git a/pcr/firejail/PKGBUILD.sig b/pcr/firejail/PKGBUILD.sig Binary files differindex 3704c880c..701949cb7 100644 --- a/pcr/firejail/PKGBUILD.sig +++ b/pcr/firejail/PKGBUILD.sig |