upgrade to firejail 0.9.34

5 files changed, 50 insertions, 89 deletions

diff --git a/pcr/firejail/001-disable-secret.inc-more-security.patch b/pcr/firejail/001-disable-secret.inc-more-security.patch
deleted file mode 100644
index da84ffb68..000000000
--- a/pcr/firejail/001-disable-secret.inc-more-security.patch
+++ /dev/null
@@ -1,10 +0,0 @@
-*** disable-secret.inc	2015-09-24 07:10:07.000000000 -0400
---- disable-secret.inc.patched	2015-10-23 19:35:33.106100952 -0400
-***************
-*** 6,8 ****
---- 6,10 ----
-  blacklist ${HOME}/kde/share/apps/kwallet
-  blacklist ${HOME}/.gnupg
-  blacklist ${HOME}/.local/share/recently-used.xbel
-+ blacklist ${HOME}/*.kdb
-+ blacklist ${HOME}/*.key
diff --git a/pcr/firejail/002-disable-common.inc-more-security.patch b/pcr/firejail/002-disable-common.inc-more-security.patch
deleted file mode 100644
index 91dd71dd0..000000000
--- a/pcr/firejail/002-disable-common.inc-more-security.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-*** disable-common.inc	2015-09-27 13:04:49.000000000 -0400
---- disable-common.inc.patched	2015-10-23 19:35:44.996798469 -0400
-***************
-*** 4,9 ****
---- 4,10 ----
-  blacklist ${HOME}/.mozilla
-  blacklist ${HOME}/.icedove
-  blacklist ${HOME}/.thunderbird
-+ blacklist ${HOME}/.sylpheed-2.0
-  blacklist ${HOME}/.config/midori
-  blacklist ${HOME}/.config/opera
-  blacklist ${HOME}/.config/chromium
-***************
-*** 13,20 ****
---- 14,31 ----
-  blacklist ${HOME}/.local/share/systemd
-  
-  # Instant Messaging
-+ blacklist ${HOME}/.config/hexchat
-+ blacklist ${HOME}/.mcabber
-  blacklist ${HOME}/.purple
-  blacklist ${HOME}/.config/psi+
-+ blacklist ${HOME}/.retroshare
-+ blacklist ${HOME}/.weechat
-+ blacklist ${HOME}/.config/xchat
-+ 
-+ # Cryptocoins
-+ blacklist ${HOME}/.*coin
-+ blacklist ${HOME}/.electrum*
-+ blacklist ${HOME}/wallet.dat
-  
-  # VNC
-  blacklist ${HOME}/.remmina
diff --git a/pcr/firejail/PKGBUILD b/pcr/firejail/PKGBUILD
index 5412aa187..23178c74a 100644
--- a/pcr/firejail/PKGBUILD
+++ b/pcr/firejail/PKGBUILD
@@ -2,7 +2,7 @@
 # Contributor (Arch): ajs124 < aur AT ajs124 DOT de > 
 
 pkgname=firejail
-pkgver=0.9.32
+pkgver=0.9.34
 pkgrel=1
 pkgdesc="Linux namespaces sandbox program"
 arch=('i686' 'x86_64' 'armv7h')
@@ -11,39 +11,27 @@ url=https://l3net.wordpress.com/projects/firejail/
 source=("https://downloads.sourceforge.net/project/$pkgname/$pkgname/$pkgname-$pkgver.tar.bz2"
 'PKGBUILD'
 'PKGBUILD.sig'
-'001-disable-secret.inc-more-security.patch'
-'002-disable-common.inc-more-security.patch'
 "$pkgname.install")
 install=("$pkgname.install")
 validpgpkeys=('CB6E213A349B8DF9E96B622AC3F4FFCF3EAE8697') # PKGBUILD Maintainer's key
-sha512sums=('02beec4771a0bb3ae75890162e2f5bbee6dbbf51dc972e31a2e133251127f4c6666f53b5f5100ad6133a20ad4e8d128a42a8899d0079820aa76c97b830fe07c3'
-            'SKIP'
-            'SKIP'
-            '1321ffb099489c1b6748e6a27c196d36cdfb7f125114c8eed8ecf5c777b2ceba5b9bb205113d7dbdee5ca287f7277d0b5b20b9f3061cf8cf3e961c0831b83e48'
-            'ea248b9de6ae51e6e307d61cff44ac2b9298c66a7376268e65640e536e9e847e8a9b115d0855b8654334fba76a1673340829c8628128ec91e7ad09820a4863bf'
-            'f8fe99ddb8130419281ca387578c49473c7c91908e1f151a1bbc3d45663f0a4b7a6fa346aa5ec94617c05c16a82b1de439981c71261bc59bd05767f2d408c12f')
-whirlpoolsums=('c87471107017d1b20dbaa97bcf4bdf9abc30cba4177d6db1738861cba38612d96b1cb4e9a0d3df0aaea869c745168de45332e0224a9c5e3b7453b457f7ad9b74'
+sha512sums=('456751a987c89b020c7152ab9b3aabd69b573c64daff84ca8d36acd74ebe0d268bc2be879d02ab95842d8afb1b1e47b3917650593c24bf74cb287a821b67df00'
 'SKIP'
 'SKIP'
-'422626df14c9669f5f36e7092467d0a9ca4b1bf90d7227416481c5f979283f038144acbae28cfb1c60b2c0887191771c9f9beb0d0663f8542e51061198aff052'
-'71ad60139c7a7f3b987c8d472cef293996126c13c04a358bad29ba4f8d02d60050862acf881bb8448943c1170001dd1dcc611006d38b9ec50e1e04ac98602aff'
-'fb08f184d8d052aedf6145107388082d3ca2c6157308730df4c318fee46bbec294b801c3dd6bb07f39e924b617b1d643ad1736408b174e8f645eabf460c7b6f2')
+'6d855868069dffdb416f31376cc1069d330e792f34970524dc83d67b14416f57cef68955a980fe2ec102590ae91757fb45f45f4d18e5320a385a1bbca2f39192')
 
 prepare() {
 	cd "${srcdir}/${pkgname}-${pkgver}"
-	sed -i '\|bash -c "if \[ ! -f /etc/firejail/login\.users | s|bash -c ".*"$|install -c -m 0644 etc/login.users $(DESTDIR)/etc/firejail/\.|' Makefile.in ## Fix "backup entry file not in package" warning.
 
-        ## Add additional blacklists to harden firejail ##
-	patch ${srcdir}/${pkgname}-${pkgver}/etc/disable-secret.inc $srcdir/001-disable-secret.inc-more-security.patch
-	patch ${srcdir}/${pkgname}-${pkgver}/etc/disable-common.inc $srcdir/002-disable-common.inc-more-security.patch
-
-	## Remove non-libre program profiles. ##
+	## Begin Removal of non-libre program profiles. ##
 	rm ${srcdir}/${pkgname}-${pkgver}/etc/chromium-browser.profile
 	sed -i 's|install -c -m 0644 etc/chromium-browser.profile $(DESTDIR)/$(sysconfdir)/firejail/.||'  ${srcdir}/${pkgname}-${pkgver}/Makefile.in
 
 	rm ${srcdir}/${pkgname}-${pkgver}/etc/chromium.profile
 	sed -i 's|install -c -m 0644 etc/chromium.profile $(DESTDIR)/$(sysconfdir)/firejail/.||'  ${srcdir}/${pkgname}-${pkgver}/Makefile.in
 
+	rm ${srcdir}/${pkgname}-${pkgver}/etc/google-chrome.profile
+	sed -i 's|install -c -m 0644 etc/google-chrome.profile $(DESTDIR)/$(sysconfdir)/firejail/.||'  ${srcdir}/${pkgname}-${pkgver}/Makefile.in
+
 	rm ${srcdir}/${pkgname}-${pkgver}/etc/dropbox.profile
 	sed -i 's|install -c -m 0644 etc/dropbox.profile $(DESTDIR)/$(sysconfdir)/firejail/.||'  ${srcdir}/${pkgname}-${pkgver}/Makefile.in
 	
@@ -52,6 +40,14 @@ prepare() {
 
 	rm ${srcdir}/${pkgname}-${pkgver}/etc/spotify.profile
 	sed -i 's|install -c -m 0644 etc/spotify.profile $(DESTDIR)/$(sysconfdir)/firejail/.||'  ${srcdir}/${pkgname}-${pkgver}/Makefile.in
+
+	rm ${srcdir}/${pkgname}-${pkgver}/etc/steam.profile
+	sed -i 's|install -c -m 0644 etc/steam.profile $(DESTDIR)/$(sysconfdir)/firejail/.||'  ${srcdir}/${pkgname}-${pkgver}/Makefile.in
+
+	rm ${srcdir}/${pkgname}-${pkgver}/etc/skype.profile
+	sed -i 's|install -c -m 0644 etc/skype.profile $(DESTDIR)/$(sysconfdir)/firejail/.||'  ${srcdir}/${pkgname}-${pkgver}/Makefile.in
+        ### End Removing of non-free files ###
+
 }
 
 build() {
diff --git a/pcr/firejail/PKGBUILD.sig b/pcr/firejail/PKGBUILD.sig
index 05403c598..970bf9e32 100644
--- a/pcr/firejail/PKGBUILD.sig
+++ b/pcr/firejail/PKGBUILD.sig
diff --git a/pcr/firejail/firejail.install b/pcr/firejail/firejail.install
index f39164692..208f654a9 100644
--- a/pcr/firejail/firejail.install
+++ b/pcr/firejail/firejail.install
@@ -1,12 +1,13 @@
 pre_upgrade() {
-echo "Checking 26 firejail profiles for user modification, backing up as needed..."
+echo "Checking 33 firejail profiles for user modification, backing up as needed..."
 	FilesToCheck=(
 '/etc/firejail/audacious.profile'
 '/etc/firejail/clementine.profile'
+'/etc/firejail/conkeror.profile'
 '/etc/firejail/deadbeef.profile'
 '/etc/firejail/deluge.profile'
 '/etc/firejail/disable-common.inc'
-'/etc/firejail/disable-history.inc'
+'/etc/firejail/disable-devel.inc'
 '/etc/firejail/disable-mgmt.inc'
 '/etc/firejail/disable-secret.inc'
 '/etc/firejail/empathy.profile'
@@ -31,40 +32,43 @@ echo "Checking 26 firejail profiles for user modification, backing up as needed.
 '/etc/firejail/transmission-gtk.profile'
 '/etc/firejail/transmission-qt.profile'
 '/etc/firejail/vlc.profile'
+'/etc/firejail/wine.profile'
 '/etc/firejail/xchat.profile')
 
 OriginalFileHashes=(
-'fcd9b1c17f7c67e28c3d7d9baef5e04d1fa3c1e652cb7377ff955c56a7434a51b13d2ed86fdf1365eaed595cfa9a7ee5983d240f16f34db43e830ea976160f36'
-'96217eab44531f9a4d5f062d0a3d5e55e413df5e55e7b617ff1b42b66830663b72a4356752cac0966bd38075891a7be518fe7b83fe8d2b6f309006112aed8684'
-'b20818d85f450f367f8e97cf3fc62848aa9365fc73dc63098a0d671120149425889ab14ad938664a2ea18dfe0f836e182af2c1333eab352a0adfb93c94c09798'
-'ebea3e357bd9c0174aaa8c0a52f2ef2458c96dd60072c654181425243ffcb929f81b1931bb2ab7896eb55fa90c28d1aacaf90f662c5b63a90509e2262631ec02'
-'71ad60139c7a7f3b987c8d472cef293996126c13c04a358bad29ba4f8d02d60050862acf881bb8448943c1170001dd1dcc611006d38b9ec50e1e04ac98602aff'
-'2e412845bf7db285aef97b8c48b73a6fb59377ba21cbd5ac51650a5acb57eae6658ff149516c73e477012e89067fb81c5585ad4e7b430d424f020118cd5b6824'
+'475365b623b1f879005476ca6ea5d6e6c17f1cfaeb81bade5d99256e86eb52592abb07fefd7b25dd02ac11fcc83f9b31ba7e5bb0124225b19f44d559d5aceb9e'
+'7c57c690f0e38b2095cff19d7460c4f833efa979a303d579d16ee306184ff3c9ea94b4e2ec926958354c42cb5c47ee53674d81ae6f8adcd1279c9e905c622d1f'
+'6bf30e18a4e6cf02fcb3021378a7e8fe7edc1afe4b2012fbc567003d2f2446f7c0a4fc15b4c2a04c038d65393a9add1fc1fbcdecd7011c8fc496e6af5eee155e'
+'d1e95c53bc19da0e644b4ebe5bd20fa5e9cc7862f2e07110d7ce4f9a45ddb679b38edfb9ff26c1ad6b0e49d359d15334995475004b2c5a1e1aeac40278bb4b2d'
+'953009d2f096c909fbb597d61981ab620d8214e538da57f172773fedaf1b1dba959fcd21104da1a4bfb2723d366a8e35699ba7166614888d8c33c757c23dc460'
+'74a3cdca9da6ee82467b7c7e077d7aabd3440b4bef54cac8c9548724468e22b7cec11c4a50360d7e6db18a53f99be5bb39ca023722a4e266039ae491b68a9793'
+'08a24b721f29a21aff677152079607b95cb523cb379a04c909c80bacd5cad12ebc1f7f8ce40bf84598d6d7df5cbe1638789534259dcac27ca956546365a2e18b'
 'c36cb56d0ca440307fea86ed41d697603f48a0273dd313aad3ddc5886a31f43425c24546cda6227b55d11ab2f46352b3f2591239d08694f2442e4b30525ac3b9'
-'422626df14c9669f5f36e7092467d0a9ca4b1bf90d7227416481c5f979283f038144acbae28cfb1c60b2c0887191771c9f9beb0d0663f8542e51061198aff052'
-'deb91a0f2a00209997e5bd66bd3a34bd77eb722ac3750fcc2c4779a0ae224a35e99800f9a7f0d31b41f01e7c797da8556e84404f6a7285606f336be21eb590d7'
-'b8880a5c9ad0f608ba76587b72b56326a331f1bae5520b9b663ed2c6ba62a36bf122155520fd1018c8bb84618843a9a02ae8d14e2c9aa128b58685136fe53e31'
-'52b7d856f826988f610524b9432252f36d4202fddab14476f06c2a0d6ce1c5109a66a329d6ae16bd00c9bbf81cd33c4c3dcd9c708a84adc5c986f5612d14a1b2'
-'d09a25dab801bbde8aa5d3a5fc24586dddd460a687da49037cd14902dcd572eb7b1dec2c2cb6921047891294ff4bd0dc882de7aa64db10b15c7f44133e03e9f9'
-'e0a5824a53d2464955d47760bedbebfd6ca93e3618ed9f2e2434dcefebd357a98362e600bf4507012b1e6ab343609bad52372c90b3162eb9d85637d433c19b83'
-'84ba92338aa5ca8c01be84a274fcb71f8fa4bb950b938f6b9fd32297ded2739f6aef4733e6cb787dc366a9a7f04119767d48e56d86f0d2fcb10c28bf58faf86b'
-'39a736617d8663a4cbd865ba5bb2c4f3896a2f969b637a62fb3f4da2a18c6d7611a93add84bc02174aaa96e7c2412d36a5485b2d444a0cc51e6320212ec4418d'
+'8a07bb966834e91d8dacfb29399655a3e5e48b752fe04b30ba79125b60f82b40a25cf8047b2e7a2882d1c67494f5b42a0243377ae55ee7dbb66fb2dfe8b4d1e8'
+'1aed5fd7a711f68e1d1522be8caee86c8f0df2799b3d5e59abea96fa4c3424d5df393b549c15eff3ffe849a9ba3a2a96f1eb41ea9a4ef003a2344df15e107f8f'
+'93f40b47b08eee43e02db3915ac8e1275114f754dc6b24707ad07d2007c4c9abd8a09984e4ce78fda25100908f863a4cba5d6256d227816af717510145366ed5'
+'c4810f982f370f480f116eefe33bccd5f91a60f615a809b8c5e66db6c6e557f42cea07e66ddd41badad39a4e0a39cafc4fee82ad8aa61fe4fb6c6b2a3d812491'
+'d635adcc12bdc92e9fae2ab7084c4506aa4f4687881478820f2c979de7d822d7ccb45bb6eee19923e498c163ceb7bf62e73d5ab362aa9c96b5d1df94e57c2124'
+'fb475c80095f4e5c2fda5d540af4c0499fb07fa080f0c76634458d611de202249789f7d5586ab8b7dede9c0fd8c8fe0c9dc26c3b7f537d696ff0c2f13230b188'
+'fb6c319412a8f5c45361354508d08a020df1798cb00fa3295be0df9eebd0dd7efe59189106402a6b8761afd11dff8bc438f7ac1c7de981a5bcebd0027e428ccc'
+'3b3e54a9fc1e60da4082660b2f179a7667f79da1094325eb6979bf08a3f5a7dc2e54c28041363e7555f5b2eb4590810c20ec9e5914a6c1c4323a86727a01f8c9'
 '81db63b03b1f950b1e7810fab38ce4fe5776f11e3036848da6298d9002b5c4683028d4fdd630db118d428fd91e5118872b5b2ccff9c82d02a966765efdb9dc17'
 '9a8c4d7ce893340da2d9cc8237cecf8bca2865e5552747c480a1f803072960b7aa571b2693600076ea8800b86e1d0945d8a535fffcdbe9569b3820a477b155d2'
 '8ded98eec8c11af8defef583227ea833beca534e5f2be48b52ec75152afddf14d78ba47442237e84eda8bb1b8361b1afecd63576f8ef6b18d50fb8c6559e8638'
 '672fa8b25ed28a07efb41fad6415c9fa96ce4bf4f4a1a6412595afb309ef6c1e67033ee256f997c32e9abe25bd6a100160ff12f2235c9be289c223547d03ca95'
-'ccd607fc22ea583fcd2e69a9d3524bf6e3c7839464d17cac6d26be1917a5d1b2bbc7623930af4e3faa3ccf890caa86a4940271958f206e2f1b66a0af4b49b3ee'
-'9e100bb2f51d5ef8d04325a83e80c54fbcd85a082c35d3f5aa7eabc79028cfd90d3a1537768e5b7f93468d2ddbbf15ca421784820ceb6d718915e5a5fe584c6c'
-'9f5990e680f85343615fe26f032b8ffcff9cc34772fc546b66d728788a097c91751c91cf56c27c678226a1737c59d1da95970ca88ee58477bdb3d9263336ce28'
-'96d1dd388e08ed702e4a7580dad5f759b9d969dc12cc9a1f50431d7a73302b4c1ce1cde5855ae045d3aaba81b733edd7120066ce298c12822706344e590f11e2'
-'03393bb3fa555ee9d402770faaece0ec8c974631995d0ea08548a6d849d2c8f09d7df10b1350dae1449cfd6df37cf4013d715cdd2bca865878d8c135f73737d6'
+'92d90375a560f3d6c94b3cf6c2d0de06d8e76d8d40eb80ebaf85de844b323c0ec283bc9bca753b2bf301587dda5237883ccd6062f9d5e3c2e8dc7dc33476ce6a'
+'6a2869827fb38740ef81b93c88880f55a3fb186a82ff6e0dc4142d1fd620d3eb53f8fb36e95482afea6b7865a9cf9d2a7dea172a90792ca37a24f0af6ed39b69'
+'e18d294d10a103f1da5d27a12ee867c84920dcd081f7c4daa4e46f6722962a993c3c62295daaed4c19b928d336dda56d4f2ae75dd1c3d5c5f35f878ce76060f0'
+'2278e3d1ec06e20c2aa7bcced46a5c01bf55f94d6e286f6433bf44177c912709e8d5e0a4c553b2a3af67dfdca6061e95eadfb648f4c606f0bd819b5fef1af03f'
+'b8d8a9620a28b67752788c2af2fc0a63f479ea7424dadd9047a000f7782ae4e268ab42861c4f26707236df0c061f1e768f7d6fb580e027af10b9679a1bfb8eec'
 '0fa8393eaa3c0e5514e44e42ed9f8085c2aa8ddfa799e4cdd19d1004c81692dc1baa8963aa75dfbb7e268c80636711a90110f365e2f3d0769d7fdf0b6aaac65e'
-'ca60021399e8b1a0e7c3a121a3e77eaaa8063e52e152a32a9c4cb350019c24f1d14adabd6d69259dc8aa206e4ecae3a303237cf4ba02260a21419012f9b9d7eb'
-'53902e78dd36bc7b106ee45c9937340651579976ae129882155df3714910f93ed04b76277fe1c777deabede779b41b3d5feb9f222c4109dfa611e3a11900a58d'
-'660943c1f153e0cb81aa1c1f424f40c68662ae8123acb3592ab8fbd7003dbfa189352c972e78f33c23e8ae239a65a41cd4f6b46798b130860deab832fbe06247'
-'446b8b45a66f0373ad333987f453b6fe02e6c78c9055eec525f17b6990940d645c6e69071836f3483afbb8d9ec00754ad05223a474c05d981a3334c940f2ae02'
-'d6a8e3472a2c7f6877c2237745b4bda3aaa4af83b5d60a04d678bb06258ac318790a14140abd0ad4c8525dd15024b695f631fcb827cff1370f06335cbcd938de'
-'2a473ef99793552a2f25cfe7acdac3af28575dd734a9d38699ca29cd68857b2121db1af1d582f03c10286c2e441708db7012db33fec84ef3a5c2936418665380')
+'9a3a9f1c59810b82c3a331d3e360f77934712126b70184df5ba2aec52adb28f1ca7d6e5c61ffc6950435468cfb5d529b896462897497341c435068febad472b7'
+'983f048d3627fbd22be0694f5a4dde1ff874e60206563addb0e2c52506229c36438e48ff8475fb27a388b33f3f93fc52a440e1b604e00610c799c8499cb55593'
+'06c5591cd4e167f71e72f061ed1efaea0ab138acb562c6f5a7fb9340239e2465d22fd5ac992684444707f14c051d026cabd81f4408117d2d2f22bc089dcbfcb4'
+'400bfb6f3ee38c73d584cb2e66e37464b6ce75f50a1edaec688405e46e943a62161ae63ba9e0a534887b4ce9ce25c95ca222d2f24111d9f40f455f3412694280'
+'c84cc10ee40620846fc0e852e78277afcd96251857f955973036b416f57e6c2c72a8631e1377d4bcea6409129ba909895f1437a81b71a93523463686fc0daba8'
+'597e7e5779766a4baf606c78218b9c0f9cd87a80ff9e00d5cb7506bc75a2ad79b0c6a65c12362c14afe113a7e6cda7f9808c809eaa601badc61a7aceb54ce16f'
+'70eaadc12a480cce08ba46a393b3c158821eacc445806714e128f99f50a92aaae769e7cee73f4bf3451846fce0395936c71bcd110929a1ada8bd06f579e67ff6')
 
 ## Uses above arrays to check if file's original hash matches, if not the file was edited, so we save a backup and notify the user.
 
@@ -130,6 +134,10 @@ OriginalFileHashes=(
 
 [[ "$(openssl dgst -r -whirlpool ${FilesToCheck[30]} | awk '{print $1}')" = ${OriginalFileHashes[30]} ]] || { cat "${FilesToCheck[30]}" > "${FilesToCheck[30]}.pacsave" ;  echo "Backup saved: ${FilesToCheck[30]}.pacsave"; }
 
+[[ "$(openssl dgst -r -whirlpool ${FilesToCheck[31]} | awk '{print $1}')" = ${OriginalFileHashes[31]} ]] || { cat "${FilesToCheck[31]}" > "${FilesToCheck[31]}.pacsave" ;  echo "Backup saved: ${FilesToCheck[31]}.pacsave"; }
+
+[[ "$(openssl dgst -r -whirlpool ${FilesToCheck[32]} | awk '{print $1}')" = ${OriginalFileHashes[32]} ]] || { cat "${FilesToCheck[32]}" > "${FilesToCheck[32]}.pacsave" ;  echo "Backup saved: ${FilesToCheck[32]}.pacsave"; }
+
 echo "Done!"
 
 }
\ No newline at end of file