GNU bug report logs - #64199
[PATCH] gnu: Add firejail.


Package: guix-patches;

Reported by: kiasoc5 <kiasoc5 <at> disroot.org>

Date: Wed, 21 Jun 2023 00:59:02 UTC

Severity: normal

Tags: patch

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.



Report forwarded to leo <at> famulari.name, me <at> tobias.gr, guix-patches <at> gnu.org:
bug#64199; Package guix-patches. (Wed, 21 Jun 2023 00:59:02 GMT)

Acknowledgement sent to kiasoc5 <kiasoc5 <at> disroot.org>:
New bug report received and forwarded. Copy sent to leo <at> famulari.name, me <at> tobias.gr, guix-patches <at> gnu.org. (Wed, 21 Jun 2023 00:59:02 GMT)

Message #5 received at submit <at> debbugs.gnu.org:

From: kiasoc5 <kiasoc5 <at> disroot.org>
To: guix-patches <at> gnu.org
Cc: kiasoc5 <kiasoc5 <at> disroot.org>
Subject: [PATCH] gnu: Add firejail.
Date: Tue, 20 Jun 2023 20:54:48 -0400

Firejail compiles ok, but I'm currently unable to test this on Guix system, so I don't know if any other patching is required to make it work as expected.

* gnu/packages/linux.scm (firejail): New variable.
---
 gnu/packages/linux.scm | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 52fb883467..fe22412fbc 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -10135,6 +10135,35 @@ (define-public kconfig-hardened-check
 This tool supports checking Kconfig options and kernel cmdline parameters.")
     (license license:gpl3)))
 
+(define-public firejail
+  (package
+    (name "firejail")
+    (version "0.9.72")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "https://github.com/netblue30/firejail/releases/download/" version
+                                  "/firejail-" version
+                                  ".tar.xz" ))
+              (sha256
+               (base32
+                "1x77xy1mwfgjrcsymdda82bjnqgl7z2yymcb10mzd1zwik27gqc2"))))
+    (arguments
+     (list #:phases
+           #~(modify-phases %standard-phases
+               (replace 'check
+                 (lambda* (#:key tests? #:allow-other-keys)
+                   (when tests?
+                     (with-directory-excursion "test"
+                       (invoke "make"))))))))
+    (build-system gnu-build-system)
+    (inputs
+     (list apparmor xdg-dbus-proxy))
+    (synopsis "Linux namespaces sandbox program")
+    (description
+     "Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces, seccomp-bpf and Linux capabilities.  The software includes sandbox profiles for a number of common Linux programs.  Firejail should be added to the list of setuid programs in the system configuration to work properly.")
+    (home-page "https://github.com/netblue30/firejail")
+    (license license:gpl2)))
+
 (define-public edac-utils
   (package
     (name "edac-utils")
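Review bot: The inputs line `(list apparmor xdg-dbus-proxy)` uses the `apparmor` variable, but this patch consists of this one hunk and adds no `#:use-module (gnu packages apparmor)` to the `define-module` form of linux.scm, so the package will not evaluate unless that module is already imported. Add the import in the same patch, in alphabetical position among the existing `#:use-module` lines.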

base-commit: 1a0ff5cd83d3257efcab64740a1322de51fbc4a1
-- 
2.41.0





Information forwarded to leo <at> famulari.name, me <at> tobias.gr, guix-patches <at> gnu.org:
bug#64199; Package guix-patches. (Wed, 21 Jun 2023 01:02:02 GMT)

Message #8 received at 64199 <at> debbugs.gnu.org:

From: kiasoc5 <kiasoc5 <at> disroot.org>
To: 64199 <at> debbugs.gnu.org
Cc: kiasoc5 <kiasoc5 <at> disroot.org>
Subject: [PATCH v2] gnu: Add firejail.
Date: Tue, 20 Jun 2023 21:00:54 -0400

Forgot to add apparmor use-module.

* gnu/packages/linux.scm (firejail): New variable.
---
 gnu/packages/linux.scm | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 52fb883467..e7576475bc 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -95,6 +95,7 @@ (define-module (gnu packages linux)
   #:use-module (gnu packages acl)
   #:use-module (gnu packages admin)
   #:use-module (gnu packages algebra)
+  #:use-module (gnu packages apparmor)
   #:use-module (gnu packages audio)
   #:use-module (gnu packages autotools)
   #:use-module (gnu packages avahi)
@@ -10135,6 +10136,35 @@ (define-public kconfig-hardened-check
 This tool supports checking Kconfig options and kernel cmdline parameters.")
     (license license:gpl3)))
 
+(define-public firejail
+  (package
+    (name "firejail")
+    (version "0.9.72")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "https://github.com/netblue30/firejail/releases/download/" version
+                                  "/firejail-" version
+                                  ".tar.xz" ))
+              (sha256
+               (base32
+                "1x77xy1mwfgjrcsymdda82bjnqgl7z2yymcb10mzd1zwik27gqc2"))))
+    (arguments
+     (list #:phases
+           #~(modify-phases %standard-phases
+               (replace 'check
+                 (lambda* (#:key tests? #:allow-other-keys)
+                   (when tests?
+                     (with-directory-excursion "test"
+                       (invoke "make"))))))))
+    (build-system gnu-build-system)
+    (inputs
+     (list apparmor xdg-dbus-proxy))
+    (synopsis "Linux namespaces sandbox program")
+    (description
+     "Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces, seccomp-bpf and Linux capabilities.  The software includes sandbox profiles for a number of common Linux programs.  Firejail should be added to the list of setuid programs in the system configuration to work properly.")
+    (home-page "https://github.com/netblue30/firejail")
+    (license license:gpl2)))
+
 (define-public edac-utils
   (package
     (name "edac-utils")
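Review bot: The replaced `check` phase runs a bare `(invoke "make")` inside `test/` with no comment saying why the standard `make check` is bypassed or what that default target covers. The cover letter of the first version says the package could not be tested on Guix System, so please document in a comment what these tests exercise in the build environment, where the freshly built firejail binary is not setuid, and whether they actually run or are skipped there. Separately, `(arguments ...)` is placed before `(build-system ...)`; the usual order in package definitions puts the build system first.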

base-commit: 1a0ff5cd83d3257efcab64740a1322de51fbc4a1
-- 
2.41.0





Reply sent to Ludovic Courtès <ludo <at> gnu.org>:
You have taken responsibility. (Tue, 18 Jul 2023 12:06:02 GMT)

Notification sent to kiasoc5 <kiasoc5 <at> disroot.org>:
bug acknowledged by developer. (Tue, 18 Jul 2023 12:06:02 GMT)

Message #13 received at 64199-done <at> debbugs.gnu.org:

From: Ludovic Courtès <ludo <at> gnu.org>
To: kiasoc5 <kiasoc5 <at> disroot.org>
Cc: Tobias Geerinckx-Rice <me <at> tobias.gr>, 64199-done <at> debbugs.gnu.org,
 Leo Famulari <leo <at> famulari.name>
Subject: Re: bug#64199: [PATCH] gnu: Add firejail.
Date: Tue, 18 Jul 2023 14:05:45 +0200

kiasoc5 <kiasoc5 <at> disroot.org> writes:

> Forgot to add apparmor use-module.
>
> * gnu/packages/linux.scm (firejail): New variable.

Hi! Applied with the changes below (‘gpl2+’ because source code headers
carry the “or any later version” wording).

Thanks,
Ludo’.

[Message part 2 (text/x-patch, inline)]
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 18c69d8a61..39503de6ff 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -10172,9 +10172,9 @@ (define-public firejail
     (version "0.9.72")
     (source (origin
               (method url-fetch)
-              (uri (string-append "https://github.com/netblue30/firejail/releases/download/" version
-                                  "/firejail-" version
-                                  ".tar.xz" ))
+              (uri (string-append
+                    "https://github.com/netblue30/firejail/releases/download/" version
+                    "/firejail-" version ".tar.xz" ))
               (sha256
                (base32
                 "1x77xy1mwfgjrcsymdda82bjnqgl7z2yymcb10mzd1zwik27gqc2"))))
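Review bot: The reflowed `uri` form still closes with `".tar.xz" ))`, keeping the stray space before the closing parentheses from the original submission. Since these lines are being rewritten anyway, write `".tar.xz"))` to match the surrounding style.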
@@ -10191,9 +10191,16 @@ (define-public firejail
      (list apparmor xdg-dbus-proxy))
     (synopsis "Linux namespaces sandbox program")
     (description
-     "Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces, seccomp-bpf and Linux capabilities.  The software includes sandbox profiles for a number of common Linux programs.  Firejail should be added to the list of setuid programs in the system configuration to work properly.")
+     "Firejail is a SUID sandbox program that reduces the risk of security
+breaches by restricting the running environment of untrusted applications
+using Linux namespaces, seccomp-bpf and Linux capabilities.  The software
+includes sandbox profiles for a number of common Linux programs.  Firejail
+should be added to the list of setuid programs in the system configuration to
+work properly.")
     (home-page "https://github.com/netblue30/firejail")
-    (license license:gpl2)))
+    (supported-systems
+     (filter (cut string-suffix? "-linux" <>) %supported-systems))
+    (license license:gpl2+)))
 
 (define-public edac-utils
   (package
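Review bot: The rewrapped description still ends with "should be added to the list of setuid programs in the system configuration to work properly" without saying how that is done. For a package whose whole purpose is a SUID sandbox, it would help to name the mechanism (the `setuid-programs` field of the operating-system declaration) or point to the manual, so users know the installed binary does nothing privileged until they opt in. Also, the new `supported-systems` field uses `cut`; the hunk does not show whether `(srfi srfi-26)` is imported by this module, so please confirm that it is.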

bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Wed, 16 Aug 2023 11:24:16 GMT)

This bug report was last modified 1 year and 303 days ago.
