0.9.47 development

README.md

@@ -62,161 +62,7 @@ Use this issue to request new profiles: https://github.com/netblue30/firejail/is
 `````
 
 `````
-# Current development version: 0.9.45
-`````
-
-`````
-## Desktop integration
-
-All --fix functionality is done by default in firecfg, --fix option was removed. Clicking on a program
-in desktop manager menu should start the program automatically in a sandbox if a profile
-is available in /etc/firejail. We cover about 300 different applications in this moment on all major desktop managers.
-
-Symlinks for the common file managers are installed in /usr/local/bin by firecfg. 
-File managers are usually started by default at login time, and will be sandboxed.
-Clicking on a file in the file manager will start the corresponding program in the same sandbox as the file manager.
-For example, clicking on a video file will start a sandboxed VLC running the video.
-We support in this moment XFCE, LXDE, MATE, Cinnamon and KDE.
-
-## AppImage
-
-Added AppImage type 2 support, and support for passing command line arguments to appimages.
-`````
-
-`````
-## X11 sandboxing support
-In this release we add support for Xvfb (X virtual framebuffer), an in-memory X display server.
-Xvfb allows the user to run graphical applications without a display (e.g., browser tests on a CI server)
-while also having the ability to take screenshots.
-
-
-  --x11=xvfb
-  Start Xvfb X11 server and attach the sandbox to this server.
-  Xvfb, short for X virtual framebuffer, performs all graphical
-  operations in memory without showing any screen output. Xvfb is
-  mainly used for remote access and software testing on headless
-  servers.
+# Current development version: 0.9.47
 
-  On Debian platforms Xvfb is installed with the command sudo apt-
-  get install xvfb. This feature is not available when running as
-  root.
+Upcoming release 0.9.46 was moved on 0.9.46-bugfixes branch: https://github.com/netblue30/firejail/tree/0.9.46-bugfixes
 
-  Example: remote VNC access
-
-  On the server we start a sandbox using Xvfb and openbox window
-  manager. The default size of Xvfb screen is 800x600 - it can be
-  changed in /etc/firejail/firejail.config (xvfb-screen). Some
-  sort of networking (--net) is required in order to isolate the
-  abstract sockets used by other X servers.
-
-  $ firejail --net=none --x11=xvfb openbox
-
-  *** Attaching to Xvfb display 792 ***
-
-  Reading profile /etc/firejail/openbox.profile
-  Reading profile /etc/firejail/disable-common.inc
-  Reading profile /etc/firejail/disable-common.local
-  Parent pid 5400, child pid 5401
-
-  On the server we also start a VNC server and attach it to the
-  display handled by our Xvfb server (792).
-
-  $ x11vnc -display :792
-
-  On the client machine we start a VNC viewer and use it to con‐
-  nect to our server:
-
-  $ vncviewer
-
-
-## New command line options
-`````
- --private-opt=file,directory
- Build a new /opt in a temporary filesystem, and copy the files
- and directories in the list. If no listed file is found, /opt
- directory will be empty. All modifications are discarded when
- the sandbox is closed.
-
- Example:
- $ firejail --private-opt=firefox /opt/firefox/firefox
-
- --private-srv=file,directory
- Build a new /srv in a temporary filesystem, and copy the files
- and directories in the list. If no listed file is found, /srv
- directory will be empty. All modifications are discarded when
- the sandbox is closed.
-
- Example:
- # firejail --private-srv=www /etc/init.d/apache2 start
-
- --machine-id
- Spoof id number in /etc/machine-id file - a new random id is
- generated inside the sandbox.
-
- Example:
- $ firejail --machine-id
-
- --allow-private-blacklist
- Allow blacklisting files in private home directory. By default
- these blacklists are disabled.
-
- Example:
- $ firejail --allow-private-blacklist --private=~/priv-dir
- --blacklist=~/.mozilla
-
- --hosts-file=file
- Use file as /etc/hosts.
-
- Example:
- $ firejail --hosts-file=~/myhosts firefox
-
- --writable-var-log
- Use the real /var/log directory, not a clone. By default, a
- tmpfs is mounted on top of /var/log directory, and a skeleton
- filesystem is created based on the original /var/log.
-
- Example:
- $ sudo firejail --writable-var-log
-
- --git-install
- Download, compile and install mainline git version of Firejail
- from the official repository on GitHub. The software is
- installed in /usr/local/bin, and takes precedence over the (old)
- version installed in /usr/bin. If for any reason the new version
- doesn't work, the user can uninstall it using --git-uninstall
- command and revert to the old version.
-
- Prerequisites: git and compile support are required for this com‐
- mand to work. On Debian/Ubuntu systems this support is installed
- using "sudo apt-get install build-essential git".
-
- Example:
-
- $ firejail --git-install
-
- --git-uninstall
- Remove the Firejail version previously installed in
- /usr/local/bin using --git-install command.
-
- Example:
-
- $ firejail --git-uninstall
-
-
- --nowhitelist=dirname_or_filename
- Disable whitelist for this directory or file.
-
-`````
-## New Profiles
-xiphos, Tor Browser Bundle, display (imagemagik), Wire, mumble, zoom, Guayadeque, qemu, keypass2,
-amarok, ark, atool, bleachbit, brasero, dolphin, dragon, elinks, enchant, exiftool, file-roller, gedit,
-gjs, gnome-books, gnome-clocks, gnome-documents, gnome-maps, gnome-music, gnome-photos, gnome-weather,
-goobox, gpa, gpg, gpg-agent, highlight, img2txt, k3b, kate, lynx, mediainfo, nautilus, odt2txt, pdftotext,
-simple-scan, skanlite, ssh-agent, tracker, transmission-cli, transmission-show, w3m, xfburn, xpra, wget,
-xed, pluma, Cryptocat, Bless, Gnome 2048, Gnome Calculator, Gnome Contacts, JD-GUI, Lollypop, MultiMC5,
-PDFSam, Pithos, Xonotic, wireshark, keepassx2, QupZilla, FossaMail, Uzbl browser, xmms, iridium browser,
-Kino, Thunar, Geeqie, Engrampa, Scribus, mousepad, gpicview, keepassxc, cvlc, MediathekView, baloo_file,
-Nylas, dino, BibleTime, viewnior, Kodi, viking, youtube-dl, meld, Arduino, Akregator, KCalc, KTorrent,
-Orage Globaltime, Orage Clendar, xfce4-notes, xfce4-dict, Ristretto, PCManFM, Dia, FontForge, Geany, Hugin,
-mate-calc, mate-dictionary, mate-color-select, caja, galculator, Nemo, gnome-font-viewer, gucharmap,
-knotes, clipit, leafpad, lximage-qt, lxmusic, qlipper, Xvfb, Xephyr, Blender, 2048-qt 

configure

@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for firejail 0.9.46~rc1.
+# Generated by GNU Autoconf 2.69 for firejail 0.9.47.
 #
 # Report bugs to <[email protected]>.
 #
@@ -580,8 +580,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='firejail'
 PACKAGE_TARNAME='firejail'
-PACKAGE_VERSION='0.9.46~rc1'
-PACKAGE_STRING='firejail 0.9.46~rc1'
+PACKAGE_VERSION='0.9.47'
+PACKAGE_STRING='firejail 0.9.47'
 PACKAGE_BUGREPORT='[email protected]'
 PACKAGE_URL='http:https://firejail.wordpress.com'
 
@@ -1265,7 +1265,7 @@ if test "$ac_init_help" = "long"; then
  # Omit some internal or obsolete options to make the list less imposing.
  # This message is too long to be a string in the A/UX 3.1 sh.
  cat <<_ACEOF
-\`configure' configures firejail 0.9.46~rc1 to adapt to many kinds of systems.
+\`configure' configures firejail 0.9.47 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1326,7 +1326,7 @@ fi
 
 if test -n "$ac_init_help"; then
  case $ac_init_help in
- short | recursive ) echo "Configuration of firejail 0.9.46~rc1:";;
+ short | recursive ) echo "Configuration of firejail 0.9.47:";;
  esac
  cat <<\_ACEOF
 
@@ -1434,7 +1434,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
  cat <<\_ACEOF
-firejail configure 0.9.46~rc1
+firejail configure 0.9.47
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1736,7 +1736,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by firejail $as_me 0.9.46~rc1, which was
+It was created by firejail $as_me 0.9.47, which was
 generated by GNU Autoconf 2.69. Invocation command line was
 
  $ $0 $@
@@ -4355,7 +4355,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by firejail $as_me 0.9.46~rc1, which was
+This file was extended by firejail $as_me 0.9.47, which was
 generated by GNU Autoconf 2.69. Invocation command line was
 
  CONFIG_FILES = $CONFIG_FILES
@@ -4409,7 +4409,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-firejail config.status 0.9.46~rc1
+firejail config.status 0.9.47
 configured by $0, generated by GNU Autoconf 2.69,
  with options \\"\$ac_cs_config\\"
 

configure.ac

@@ -1,5 +1,5 @@
 AC_PREREQ([2.68])
-AC_INIT(firejail, 0.9.46~rc1, [email protected], , http:https://firejail.wordpress.com)
+AC_INIT(firejail, 0.9.47, [email protected], , http:https://firejail.wordpress.com)
 AC_CONFIG_SRCDIR([src/firejail/main.c])
 #AC_CONFIG_HEADERS([config.h])