RELNOTES and some more testing

2026-05-15 06:06:02 -06:00 · 2026-02-25 15:14:15 -05:00 · 2026-02-25 15:14:15 -05:00 · 01b741aa80
commit 01b741aa80
parent 35949963ff
4 changed files with 77 additions and 2 deletions
--- a/3
+++ b/3
@ -1020,6 +1020,9 @@ pianoslum (https://github.com/pianoslum)
 pierretom (https://github.com/pierretom)
 	- bugfix: fix French translation for ${PICTURES} macro (#6942)
 	- bugfix: add missing macros in profile.template (#6948)
+	- added --debug-syscall-groups command (88a75a6 etc.)
+	- compile time: include architecture-specific syscall headers (#7000)
+	- reorganize & update syscall groups  (#7024 etc.)
 pirate486743186 (https://github.com/pirate486743186)
 	- KMail profile
 	- mpsyt profile
--- a/17
+++ b/17
@ -5,28 +5,43 @@ firejail (0.9.79) baseline; urgency=low
    for --profile=filename (#6896)
  * security: updated the list of terminal emulators that can be used for
    sandbox escape (cbf4308)
+  * feature: --debug-syscall-groups command (88a75a6 etc.)
+  * feature: hide/unhide PID 1 inside the sandbox, command and profile
+    option (#7046)
+  * feature: --keep-hostname command and profile option (#7048)
+  * feature: adding apparmor profiles for --nettrace command (c133313)
+  * feature: add support for the new XDG-compliant Firefox config
+    directory (#7040) 
  * compile time: compile fix for --enable-only-syscfg-profiles ./config
    option (d1a58de)
  * compile time: removed ./configure --disable-man option (a655b7d)
  * compile time: removed ./configure --disable-usertmpfs option (b214d08)
-  * modif: include new generated syscall headers (#7000)
+  * compile time: include architecture-specific headers (#7000)
  * modif: reorganize & update syscall groups (#7024 etc.)
  * modif: make Xephyr default for --x11 option - currently Xpra is not
    available in Debian/Ubuntu and derivatives (cbb7a38)
  * bugfix: /home/user is mounted with noexec when --private is used (#6921)
  * bugfix: Void Linux/musl libc compile fixes (e602396, 0949685)
+  * bugfix: added link-local addresses to 'nolocal' firewall configs (#7054)
+  * bugfix: map sandbox hostname to ipv6 in /etc/hosts (#7077)
  * docs: man: non-ASCII hyphens - copy pasting commands fails on command
    line (#5903)
+  * docs: various other fixes and changes
  * ci: gitlab: install missing git-buildpackage dependency (#7017)
  * ci: gcov testing scripts update
+  * ci: update various automated tests
+  * ci: update and fixes for  make test-compile
  * profiles: yt-dlp: support deno JavaScript engine to fix YouTube (#6999)
  * profiles: yt-dlp: support browser cookies for authenticated downloads
    (#7030)
  * profiles: add deno paths (#7032, 2ba2f2d)
  * profiles: vesktop: fix screen sharing (#7043, b59005c)
+  * profiles: disable by default several systemd tools (ca934a2)
+  * profiles: fix allowing netcat in playonlinux and ssh profiles (#7059)
  * new profiles: fragments (#7023, 97871d7, f712b9a)
  * new profiles: srb2 (#6996, 9882aa0)
  * new profiles: zen, zen-bin, zen-browser (#7029, 09e376d, fa6bfd7)
+  * cleanup various files (including RELNOTES) after release 0.9.78
 -- netblue30 <netblue30@yahoo.com>  Sat, 3 Jan 2026 11:00:00 -0500

 firejail (0.9.78) baseline; urgency=low
--- a/test/apps/apps.sh
+++ b/test/apps/apps.sh
@ -36,7 +36,7 @@ echo "TESTING: pid 1 functionality (test/apps/pid1.exp)"

 # X11 apps
 x11apps=(firefox qbittorrent firefox-xephyr galculator libreoffice firefox-xorg \
-		 lowriter gimp inkscape emacs okular kdiff3 gpicview audacity \
+		 lowriter gimp inkscape firefox-neteth emacs okular kdiff3 gpicview audacity \
 		 pauvcontrol mpv dosbox gnome-screenshot \
 		 xterm x11-none xterm-xorg xterm-xephyr xterm-xpra firefox-xpra)

--- a/test/apps/firefox-neteth.exp
+++ b/test/apps/firefox-neteth.exp
@ -0,0 +1,57 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2026 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+send -- "firejail --private --ignore=dns --net=enp5s0 firefox --no-remote www.debian.org\r"
+expect {
+    timeout {puts "TESTING ERROR 0\n";exit}
+    "Reading profile /etc/firejail/firefox.profile"
+}
+expect {
+    timeout {puts "TESTING ERROR 0.1\n";exit}
+    "Interface"
+}
+expect {
+    timeout {puts "TESTING ERROR 0.2\n";exit}
+    "eth0-"
+}
+expect {
+    timeout {puts "TESTING ERROR 0.3\n";exit}
+    "Default gateway"
+}
+expect {
+    timeout {puts "TESTING ERROR 1\n";exit}
+    -re "Child process initialized in \[0-9\]+.\[0-9\]+ ms"
+}
+sleep 5
+
+spawn $env(SHELL)
+send -- "firejail --list\r"
+expect {
+    timeout {puts "TESTING ERROR 2\n";exit}
+    "firejail"
+}
+expect {
+    timeout {puts "TESTING ERROR 3\n";exit}
+    "firefox"
+}
+after 100
+
+spawn $env(SHELL)
+send -- "firemon --seccomp\r"
+expect {
+    timeout {puts "TESTING ERROR 4\n";exit}
+    "firefox"
+}
+expect {
+    timeout {puts "TESTING ERROR 5\n";exit}
+    "Seccomp:	2"
+}
+sleep 1
+
+puts "\nall done\n"