github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-15 14:16:14 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 6

generate seccomp filters at install time

Browse source
This commit is contained in:
netblue30 2023-07-07 19:34:55 -04:00
parent 9e206b7f2c
commit 2b34747db5
2 changed files with 8 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

20
Makefile
View file

@ -37,7 +37,7 @@ SYNTAX_FILES := $(SYNTAX_FILES_IN:.in=)
ALL_ITEMS = $(APPS) $(SBOX_APPS) $(SBOX_APPS_NON_DUMPABLE) $(MYLIBS)
.PHONY: all
all: all_items mydirs filters $(CONTRIB_TARGET)
all: all_items mydirs $(CONTRIB_TARGET)
config.mk config.sh:
@printf 'error: run ./configure to generate %s\n' "$@" >&2
@ -53,28 +53,19 @@ mydirs: $(MYDIRS)
$(MYDIRS):
$(MAKE) -C $@
.PHONY: filters
filters: $(SECCOMP_FILTERS) $(SBOX_APPS_NON_DUMPABLE)
seccomp: src/fseccomp/fseccomp src/fsec-optimize/fsec-optimize
define build_filters
src/fseccomp/fseccomp default seccomp
src/fsec-optimize/fsec-optimize seccomp
seccomp.debug: src/fseccomp/fseccomp src/fsec-optimize/fsec-optimize
src/fseccomp/fseccomp default seccomp.debug allow-debuggers
src/fsec-optimize/fsec-optimize seccomp.debug
seccomp.32: src/fseccomp/fseccomp src/fsec-optimize/fsec-optimize
src/fseccomp/fseccomp secondary 32 seccomp.32
src/fsec-optimize/fsec-optimize seccomp.32
seccomp.block_secondary: src/fseccomp/fseccomp
src/fseccomp/fseccomp secondary block seccomp.block_secondary
seccomp.mdwx: src/fseccomp/fseccomp
src/fseccomp/fseccomp memory-deny-write-execute seccomp.mdwx
seccomp.mdwx.32: src/fseccomp/fseccomp
src/fseccomp/fseccomp memory-deny-write-execute.32 seccomp.mdwx.32
endef
# Makes all targets in contrib/
.PHONY: contrib
@ -187,6 +178,7 @@ endif
# libraries and plugins
install -m 0755 -d $(DESTDIR)$(libdir)/firejail
install -m 0755 -t $(DESTDIR)$(libdir)/firejail src/firecfg/firejail-welcome.sh
$(call build_filters)
install -m 0644 -t $(DESTDIR)$(libdir)/firejail $(MYLIBS) $(SECCOMP_FILTERS)
install -m 0755 -t $(DESTDIR)$(libdir)/firejail $(SBOX_APPS)
install -m 0755 -t $(DESTDIR)$(libdir)/firejail src/profstats/profstats

2
RELNOTES
View file

@ -20,6 +20,8 @@ firejail (0.9.73) baseline; urgency=low
#5618)
* bugfix: fix --hostname and --hosts-file commands
* bugfix: arp.c: ensure positive timeout on select(2) (#5806)
* bugfix: makefiles fixes: seccomp filters and man pages are build every
time when running make
* build: auto-generate syntax files (#5627)
* build: mark all phony targets as such (#5637)
* build: mkdeb.sh: pass all arguments to ./configure (#5654)