summaryrefslogtreecommitdiffstats
path: root/package/firejail
diff options
context:
space:
mode:
Diffstat (limited to 'package/firejail')
-rw-r--r--package/firejail/Config.in19
-rw-r--r--package/firejail/firejail.hash3
-rw-r--r--package/firejail/firejail.mk28
3 files changed, 50 insertions, 0 deletions
diff --git a/package/firejail/Config.in b/package/firejail/Config.in
new file mode 100644
index 0000000000..8c5338ea90
--- /dev/null
+++ b/package/firejail/Config.in
@@ -0,0 +1,19 @@
+config BR2_PACKAGE_FIREJAIL
+ bool "firejail"
+ depends on BR2_USE_MMU # fork()
+ depends on BR2_TOOLCHAIN_HAS_THREADS
+ # uClibc: error: ‘EM_ARM’ undeclared
+ depends on !BR2_TOOLCHAIN_USES_UCLIBC
+ help
+ Firejail is a SUID program that reduces the risk of security
+ breaches by restricting the running environment of untrusted
+ applications using Linux namespaces and seccomp-bpf. It
+ allows a process and all its descendants to have their own
+ private view of the globally shared kernel resources, such
+ as the network stack, process table, mount table.
+
+ https://firejail.wordpress.com/
+
+comment "firejail needs a glibc or musl toolchain w/ threads"
+ depends on BR2_USE_MMU
+ depends on !BR2_TOOLCHAIN_USES_UCLIBC || !BR2_TOOLCHAIN_HAS_THREADS
diff --git a/package/firejail/firejail.hash b/package/firejail/firejail.hash
new file mode 100644
index 0000000000..0cb86b45a4
--- /dev/null
+++ b/package/firejail/firejail.hash
@@ -0,0 +1,3 @@
+# From https://sourceforge.net/projects/firejail/files/firejail/
+md5 7e6dca7202b1d70105b39646755cc620 firejail-0.9.44.8.tar.xz
+sha1 019423df0aee84d474f9fcd1f6a871a2fe8aa9a5 firejail-0.9.44.8.tar.xz
diff --git a/package/firejail/firejail.mk b/package/firejail/firejail.mk
new file mode 100644
index 0000000000..c1fab29f28
--- /dev/null
+++ b/package/firejail/firejail.mk
@@ -0,0 +1,28 @@
+################################################################################
+#
+# firejail
+#
+################################################################################
+
+FIREJAIL_VERSION = 0.9.44.8
+FIREJAIL_SITE = http://download.sourceforge.net/firejail
+FIREJAIL_SOURCE = firejail-$(FIREJAIL_VERSION).tar.xz
+FIREJAIL_LICENSE = GPLv2+
+FIREJAIL_LICENSE_FILES = COPYING
+
+FIREJAIL_CONF_OPTS = \
+ --enable-bind \
+ --enable-file-transfer \
+ --enable-network \
+ --enable-seccomp \
+ --enable-userns
+
+ifeq ($(BR2_PACKAGE_BUSYBOX),y)
+FIREJAIL_CONF_OPTS += --enable-busybox-workaround
+endif
+
+define FIREJAIL_PERMISSIONS
+ /usr/bin/firejail f 4755 0 0 - - - - -
+endef
+
+$(eval $(autotools-package))
OpenPOWER on IntegriCloud