Package: firejail / 0.9.58.2-2

Metadata

Package Version Patches format
firejail 0.9.58.2-2 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
disable internet tests.patch | (download)

test/environment/dns.exp | 20 0 + 20 - 0 !
test/sysutils/sysutils.sh | 3 1 + 2 - 0 !
test/utils/trace.exp | 43 0 + 43 - 0 !
test/utils/utils.sh | 3 1 + 2 - 0 !
4 files changed, 2 insertions(+), 67 deletions(-)

 disable tests that attempt to access the internet
config hardening.patch | (download)

etc/firejail.config | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 change global default settings
 - restrict networking feature; new network namespace can be used to
   circumvent packet filter of default namespace (see #916920).
 - disable cgroup by default; can be used to move processes into
   less restricted cgroups.
Bug-Debian: https://bugs.debian.org/916920


apparmor include.patch | (download)

Makefile.in | 2 0 + 2 - 0 !
etc/firejail-default | 2 1 + 1 - 0 !
src/man/firejail.txt | 2 1 + 1 - 0 !
3 files changed, 2 insertions(+), 4 deletions(-)

 don't install local apparmor override file
 It will be created by dh_apparmor instead with a name matching the
 profile name (firejail-default).
Bug: https://github.com/netblue30/firejail/issues/2388


seccomp join.patch | (download)

src/firejail/firejail.h | 16 8 + 8 - 0 !
src/firejail/fs_lib.c | 1 1 + 0 - 0 !
src/firejail/preproc.c | 2 2 + 0 - 0 !
src/firejail/sandbox.c | 8 5 + 3 - 0 !
4 files changed, 16 insertions(+), 11 deletions(-)

 [patch] mount runtime seccomp files read-only (#2602)
Bug: https://github.com/netblue30/firejail/issues/2718
Bug-Debian: https://bugs.debian.org/929732
truncation.patch | (download)

src/firejail/shutdown.c | 11 5 + 6 - 0 !
1 file changed, 5 insertions(+), 6 deletions(-)

 [patch] shutdown option: give sandbox time to terminate
Bug: https://github.com/netblue30/firejail/issues/2401
Bug-Debian: https://bugs.debian.org/929733