From eecbcd355e97f84ffb4a771d30ece16fa4b12f96 Mon Sep 17 00:00:00 2001
From: netblue30
Date: Wed, 13 Apr 2016 09:48:54 -0400
Subject: [PATCH] profile fixes
---
 Makefile.in | 1 +
 README | 28 +++++++++++++++-------------
 README.md | 2 +-
 RELNOTES | 1 +
 etc/disable-devel.inc | 2 +-
 platform/debian/conffiles | 1 +
 src/firejail/fs.c | 2 +-
 test/doubledash.exp | 2 +-
 test/extract_command.exp | 2 +-
 test/seccomp-dualfilter.exp | 4 ++--
 test/sound.exp | 10 +++++-----
 test/wine.exp | 2 +-
 12 files changed, 31 insertions(+), 26 deletions(-)
diff --git a/Makefile.in b/Makefile.in
index 701e2856f..d4a2a0eb0 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -160,6 +160,7 @@ realinstall:
 install -c -m 0644 .etc/dillo.profile $(DESTDIR)/$(sysconfdir)/firejail/.
 install -c -m 0644 .etc/cmus.profile $(DESTDIR)/$(sysconfdir)/firejail/.
 install -c -m 0644 .etc/dnsmasq.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+ install -c -m 0644 .etc/palemoon.profile $(DESTDIR)/$(sysconfdir)/firejail/.
 sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;"
 sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/firejail.config ]; then install -c -m 0644 etc/firejail.config $(DESTDIR)/$(sysconfdir)/firejail/.; fi;"
 rm -fr .etc
diff --git a/README b/README
index 46c9aefd2..380122b41 100644
--- a/README
+++ b/README
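Review bot: The new `install -c -m 0644 .etc/palemoon.profile` line in the Makefile.in hunk depends on a profile file that this patch does not add. The diffstat lists no etc/palemoon.profile, so it presumably landed in an earlier commit; if it did not, the install step fails at this line. It is worth confirming that the file is in the tree and that the part of the recipe above this hunk copies it into the `.etc` staging directory. The realinstall recipe starts before the hunk, so that step is not visible here.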
@@ -18,6 +18,21 @@ License: GPL v2 Firejail Authors: netblue30 (netblue30@yahoo.com) +Fred-Barclay (https://github.com/Fred-Barclay) + - added Vivaldi, Atril profiles + - added PaleMoon profile +avoidr (https://github.com/avoidr) + - whitelist fix + - recently-used.xbel fix + - added parole profile + - blacklist ncat, manpage fixes, + - hostname support in profile file + - Google Chrome profile rework + - added cmus profile + - man page fixes + - add net iface support in profile files + - paths fix + - lots of profile fixes Petter Reinholdtsen (pere@hungry.com) - Opera profile patch n1trux (https://github.com/n1trux) @@ -30,8 +45,6 @@ Benjamin Kampmann (https://github.com/ligthyear) - Forward exit code from child process dshmgh (https://github.com/dshmgh) - overlayfs fix for systems with /home mounted on a separate partition -Fred-Barclay (https://github.com/Fred-Barclay) - - added Vivaldi, Atril profiles yumkam (https://github.com/yumkam) - add compile-time option to restrict --net= to root only - man page fixes @@ -95,17 +108,6 @@ Peter Hogg (https://github.com/pigmonkey) - rtorrent profile rogshdo (https://github.com/rogshdo) - BitlBee profile -avoidr (https://github.com/avoidr) - - whitelist fix - - recently-used.xbel fix - - added parole profile - - blacklist ncat, manpage fixes, - - hostname support in profile file - - Google Chrome profile rework - - added cmus profile - - man page fixes - - add net iface support in profile files - - paths fix Bruno Nova (https://github.com/brunonova) - whitelist fix - bash arguments fix diff --git a/README.md b/README.md index c7adf3056..963adc437 100644 --- a/README.md +++ b/README.md @@ -281,5 +281,5 @@ $ man firejail-profile ## New security profiles lxterminal, Epiphany, cherrytree, Polari, Vivaldi, Atril, qutebrowser, SlimJet, Battle for Wesnoth, Hedgewars, qTox, -OpenSSH client, OpenBox window manager, Dillo, cmus, dnsmasq. +OpenSSH client, OpenBox window manager, Dillo, cmus, dnsmasq, PaleMoon 
diff --git a/RELNOTES b/RELNOTES index 2760d3f2a..1ae904083 100644 --- a/RELNOTES +++ b/RELNOTES @@ -18,6 +18,7 @@ firejail (0.9.40-rc1) baseline; urgency=low * new profiles: lxterminal, Epiphany, cherrytree, Polari, Vivaldi, Atril * new profiles: qutebrowser, SlimJet, Battle for Wesnoth, Hedgewars * new profiles: qTox, OpenSSH client, OpenBox, Dillo, cmus, dnsmasq + * new profiles: PaleMoon * build rpm packages using "make rpms" * bugfixes -- netblue30 Sun, 3 Apr 2016 08:00:00 -0500 diff --git a/etc/disable-devel.inc b/etc/disable-devel.inc index ff7fb7f21..fa77ed8d1 100644 --- a/etc/disable-devel.inc +++ b/etc/disable-devel.inc @@ -40,7 +40,7 @@ blacklist /usr/bin/python2* blacklist /usr/lib/python2* blacklist /usr/local/lib/python2* blacklist /usr/include/python2* -blacklist /usr/share/python2* #If this exists (not on my machine). +blacklist /usr/share/python2* # Python 3 blacklist /usr/bin/python3* diff --git a/platform/debian/conffiles b/platform/debian/conffiles index ec6928074..c16323a92 100644 --- a/platform/debian/conffiles +++ b/platform/debian/conffiles @@ -80,3 +80,4 @@ /etc/firejail/dillo.profile /etc/firejail/cmus.profile /etc/firejail/dnsmasq.profile +/etc/firejail/palemoon.profile diff --git a/src/firejail/fs.c b/src/firejail/fs.c index b3fafa0c2..7ee76d096 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c @@ -501,7 +501,7 @@ void fs_blacklist(void) { char *new_name = expand_home(ptr, homedir); ptr = new_name; - // expand path macro - look for the file in /usr/local/bin, /bin, /usr/bin, /sbin and /usr/sbin directories + // expand path macro - look for the file in /usr/local/bin, /usr/local/sbin, /bin, /usr/bin, /sbin and /usr/sbin directories if (ptr) { if (strncmp(ptr, "${PATH}", 7) == 0) { char *fname = ptr + 7; diff --git a/test/doubledash.exp b/test/doubledash.exp index 3c8a42471..668468980 100755 --- a/test/doubledash.exp +++ b/test/doubledash.exp 
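Review bot: Removing the trailing `#If this exists (not on my machine).` text from the `blacklist /usr/share/python2*` line in etc/disable-devel.inc fixes this one rule, but nothing visible here prevents the same pattern from reappearing in another profile or include file. If the profile parser takes everything after `blacklist ` as the path (the parser is not part of this patch, so this is an inference), a rule carrying an inline comment matches nothing and the path silently stays reachable inside the sandbox. Consider a header comment in this file such as `# Comments must be on their own line; text after a path is read as part of the path`. A test that a rule with a trailing comment is rejected or produces a warning would also help.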
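Review bot: The rewritten comment in fs_blacklist lists the `${PATH}` search directories by hand, and this hunk shows only the comment gaining /usr/local/sbin, not the lookup code, so the two can drift apart again. The function body continues outside the hunk; please confirm the directory table it uses really contains /usr/local/sbin, and consider pointing the comment at that table instead of repeating its contents. It would also help to state the limit for profile authors, for example `// note: ${PATH} covers only this fixed directory list; a binary installed elsewhere is not blacklisted by the macro`.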
@@ -15,7 +15,7 @@ expect { } expect { timeout {puts "TESTING ERROR 3\n";exit} - "parent is shutting down" + "Parent is shutting down" } sleep 1 diff --git a/test/extract_command.exp b/test/extract_command.exp index cbc36afd4..99c1cc134 100755 --- a/test/extract_command.exp +++ b/test/extract_command.exp @@ -15,7 +15,7 @@ expect { } expect { timeout {puts "TESTING ERROR 2\n";exit} - "parent is shutting down, bye" + "Parent is shutting down, bye" } sleep 1 diff --git a/test/seccomp-dualfilter.exp b/test/seccomp-dualfilter.exp index b497be5ea..afdf8a53a 100755 --- a/test/seccomp-dualfilter.exp +++ b/test/seccomp-dualfilter.exp @@ -16,7 +16,7 @@ expect { expect { timeout {puts "TESTING ERROR 2\n";exit} "after mount" {puts "TESTING ERROR 2.1\n";exit} - "parent is shutting down" + "Parent is shutting down" } sleep 1 @@ -32,7 +32,7 @@ expect { expect { timeout {puts "TESTING ERROR 5\n";exit} "after mount" {puts "TESTING ERROR 5.1\n";exit} - "parent is shutting down" + "Parent is shutting down" } puts "\nall done\n" diff --git a/test/sound.exp b/test/sound.exp index 7df50bf16..078f8b416 100755 --- a/test/sound.exp +++ b/test/sound.exp @@ -11,7 +11,7 @@ expect { } expect { timeout {puts "TESTING ERROR 2\n";exit} - "parent is shutting down" + "Parent is shutting down" } sleep 2 @@ -27,7 +27,7 @@ expect { } expect { timeout {puts "TESTING ERROR 5\n";exit} - "parent is shutting down" + "Parent is shutting down" } sleep 2 @@ -39,7 +39,7 @@ expect { } expect { timeout {puts "TESTING ERROR 12\n";exit} - "parent is shutting down" + "Parent is shutting down" } sleep 2 @@ -55,7 +55,7 @@ expect { } expect { timeout {puts "TESTING ERROR 15\n";exit} - "parent is shutting down" + "Parent is shutting down" } sleep 2 @@ -71,7 +71,7 @@ expect { } expect { timeout {puts "TESTING ERROR 25\n";exit} - "parent is shutting down" + "Parent is shutting down" } sleep 2 diff --git a/test/wine.exp b/test/wine.exp index d87c1f205..f5b7d12b4 100755 --- a/test/wine.exp +++ b/test/wine.exp 
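Review bot: In the `timeout` branch of this expect block in test/doubledash.exp, the bare `exit` ends the script with status 0. If the harness checks exit status (not visible here), a sandbox that never printed its shutdown message is recorded as a pass; `timeout {puts "TESTING ERROR 3\n";exit 1}` would make the failure visible. The same applies to the `timeout` and `"after mount"` branches in the extract_command.exp, seccomp-dualfilter.exp, sound.exp and wine.exp hunks. Separately, these tests match the exact capitalization of a log line, which is why one message change touched six files. Matching with `-nocase "parent is shutting down"` (pattern kept lowercase) would be less brittle.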
@@ -23,7 +23,7 @@ expect { } expect { timeout {puts "TESTING ERROR 4\n";exit} - "parent is shutting down, bye..." + "Parent is shutting down, bye..." } puts "\nall done\n"