From patchwork Tue Jul 18 12:05:45 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?q?Ludovic_Court=C3=A8s?= <ludo@gnu.org>
X-Patchwork-Id: 51773
Return-Path: <guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org>
X-Original-To: patchwork@mira.cbaines.net
Delivered-To: patchwork@mira.cbaines.net
Received: by mira.cbaines.net (Postfix, from userid 113)
	id 9386B27BBE9; Tue, 18 Jul 2023 13:06:19 +0100 (BST)
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net
X-Spam-Level: 
X-Spam-Status: No, score=-3.7 required=5.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,
	URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	by mira.cbaines.net (Postfix) with ESMTPS id 74A8C27BBE2
	for <patchwork@mira.cbaines.net>; Tue, 18 Jul 2023 13:06:17 +0100 (BST)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <guix-patches-bounces@gnu.org>)
	id 1qLjSw-0007DR-Lp; Tue, 18 Jul 2023 08:06:06 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1qLjSt-0007CF-1x
 for guix-patches@gnu.org; Tue, 18 Jul 2023 08:06:03 -0400
Received: from debbugs.gnu.org ([2001:470:142:5::43])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
 id 1qLjSs-0001i4-Pd
 for guix-patches@gnu.org; Tue, 18 Jul 2023 08:06:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
 (envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1qLjSs-0001p4-L5
 for guix-patches@gnu.org; Tue, 18 Jul 2023 08:06:02 -0400
Subject: bug#64199: [PATCH] gnu: Add firejail.
Resent-From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
Original-Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
Resent-To: guix-patches@gnu.org
Resent-Date: Tue, 18 Jul 2023 12:06:02 +0000
Resent-Message-ID: <handler.64199.D64199.16896819606993.done@debbugs.gnu.org>
Resent-Sender: help-debbugs@gnu.org
X-GNU-PR-Message: cc-closed 64199
X-GNU-PR-Package: guix-patches
X-GNU-PR-Keywords: patch
To: kiasoc5 <kiasoc5@disroot.org>
Cc: Tobias Geerinckx-Rice <me@tobias.gr>, 64199-done@debbugs.gnu.org,
 Leo Famulari <leo@famulari.name>
Mail-Followup-To: 64199@debbugs.gnu.org, ludo@gnu.org, kiasoc5@disroot.org
Received: via spool by 64199-done@debbugs.gnu.org id=D64199.16896819606993
 (code D ref 64199); Tue, 18 Jul 2023 12:06:02 +0000
Received: (at 64199-done) by debbugs.gnu.org; 18 Jul 2023 12:06:00 +0000
Received: from localhost ([127.0.0.1]:51838 helo=debbugs.gnu.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
 id 1qLjSp-0001oj-NC
 for submit@debbugs.gnu.org; Tue, 18 Jul 2023 08:06:00 -0400
Received: from eggs.gnu.org ([2001:470:142:3::10]:51492)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@gnu.org>) id 1qLjSm-0001oU-3c
 for 64199-done@debbugs.gnu.org; Tue, 18 Jul 2023 08:05:57 -0400
Received: from fencepost.gnu.org ([2001:470:142:3::e])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@gnu.org>)
 id 1qLjSf-0001hC-OE; Tue, 18 Jul 2023 08:05:50 -0400
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnu.org;
 s=fencepost-gnu-org; h=MIME-Version:In-Reply-To:Date:References:Subject:To:
 From; bh=3PxP8fa4akHHBCApjIK4PSQqB+xpWVxMVcOXDOQwI4c=; b=OjXGYocLyd/Jfm/ytLRS
 mdiZzfjl4zXvIGrd6upRhOl/QLH8DGypLQmcO0c9E0pclSarwy6aRlGfJpw8bczbVkbd+3pQyEH5F
 mjEDCfxIMR3YahFNcl7r+eVwvqBvRJqQBRyNixOyoihI53CuGiCbbFYcZQBofNqLuw6M7YB3VnDt5
 MRmZDJuDmL00mejmjD3Uyh8jXpXc/sUv+m+BC2wedd4XyceBxzhFkgfjvd9PrNvHlOxdXUMOkbocI
 Tdv4vsFzusZ6W7yDsIElzkLFbIMyz3DATP1DNegzCXBhKuWyoRbdfKdofPknOBJ19sSNpvaJIb/Vh
 Pe+B0TPCOkIiWQ==;
Received: from [193.50.110.205] (helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <ludo@gnu.org>)
 id 1qLjSf-0004vV-Bf; Tue, 18 Jul 2023 08:05:49 -0400
From: Ludovic =?utf-8?q?Court=C3=A8s?= <ludo@gnu.org>
References: 
 <9d5b11ec067f815f252235b8d67050a865b98727.1687308888.git.kiasoc5@disroot.org>
 <a7ce136908a578cee31a9add7bf99cfcd548d836.1687309254.git.kiasoc5@disroot.org>
Date: Tue, 18 Jul 2023 14:05:45 +0200
In-Reply-To: 
 <a7ce136908a578cee31a9add7bf99cfcd548d836.1687309254.git.kiasoc5@disroot.org>
 (kiasoc5@disroot.org's message of "Tue, 20 Jun 2023 21:00:54 -0400")
Message-ID: <87wmyxjug6.fsf_-_@gnu.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
MIME-Version: 1.0
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
X-BeenThere: guix-patches@gnu.org
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-patches>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
 <mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org
X-getmail-retrieved-from-mailbox: Patches

kiasoc5 <kiasoc5@disroot.org> skribis:

> Forgot to add apparmor use-module.
>
> * gnu/packages/linux.scm (firejail): New variable.

Hi! Applied with the changes below (‘gpl2+’ because source code headers
carry the “or any later version” wording).

Thanks,
Ludo’.

diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index 18c69d8a61..39503de6ff 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -10172,9 +10172,9 @@ (define-public firejail
     (version "0.9.72")
     (source (origin
               (method url-fetch)
-              (uri (string-append "https://github.com/netblue30/firejail/releases/download/" version
-                                  "/firejail-" version
-                                  ".tar.xz" ))
+              (uri (string-append
+                    "https://github.com/netblue30/firejail/releases/download/" version
+                    "/firejail-" version ".tar.xz" ))
               (sha256
                (base32
                 "1x77xy1mwfgjrcsymdda82bjnqgl7z2yymcb10mzd1zwik27gqc2"))))
@@ -10191,9 +10191,16 @@ (define-public firejail
      (list apparmor xdg-dbus-proxy))
     (synopsis "Linux namespaces sandbox program")
     (description
-     "Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces, seccomp-bpf and Linux capabilities.  The software includes sandbox profiles for a number of common Linux programs.  Firejail should be added to the list of setuid programs in the system configuration to work properly.")
+     "Firejail is a SUID sandbox program that reduces the risk of security
+breaches by restricting the running environment of untrusted applications
+using Linux namespaces, seccomp-bpf and Linux capabilities.  The software
+includes sandbox profiles for a number of common Linux programs.  Firejail
+should be added to the list of setuid programs in the system configuration to
+work properly.")
     (home-page "https://github.com/netblue30/firejail")
-    (license license:gpl2)))
+    (supported-systems
+     (filter (cut string-suffix? "-linux" <>) %supported-systems))
+    (license license:gpl2+)))
 
 (define-public edac-utils
   (package