Firejail Release Notes

Version 0.9.16-rc1, Tuesday, October 28 2004

  • Software configuration support for –docdir and DESTDIR
  • Profile file support for include, caps, seccomp and private keywords
  • Dropbox profile file
  • Linux capabilities and seccomp filters enabled by default for Firefox, Midori, Evince and Dropbox
  • Support for private home directories
  • bugfixes

Version 0.9.14, Friday, October 17 2004

  • Linux capabilities and seccomp filters are automatically enabled in
    chroot mode (–chroot option) if the sandbox is started as regular user
  • Added support for user defined seccomp blacklists
  • Added syscall trace support
  • Added –tmpfs option
  • Added –balcklist option
  • Added –read-only option
  • Added –bind option
  • Process resource limits: –rlimit-fsize, –rlimit-nofile, –rlimit-nproc, –rlimit-sigpending
  • Logging enhancements
  • -overlay option was reactivated
  • Added firemon support to print the ARP table for each sandbox
  • Added firemon support to print the route table for each sandbox
  • Added firemon support to print interface information for each sandbox
  • bugfixes

Version 0.9.12.2, Monday, September 29 2014

  • More pulseaudio fixes
  • –overlay option was temporarily disabled in this build

Version 0.9.12.1, Tuesday, September 23 2014

  • Fix for pulseaudio problems
  • –overlay option was temporarily disabled in this build

Version 0.9.12, Monday, September 15 2014

  • Added Linux capabilities support
  • Added support for CentOS 7
  • Bugfixes

Version 0.9.10, Thursday, August 28 2014

  • Disable /proc/kcore, /proc/kallsyms, /dev/port, /boot
  • Fixed –top option CPU utilization calculation
  • Implemented –tree option in firejail and firemon
  • Implemented –join=name option
  • Implemented –shutdown option
  • Preserve the current working directory if possible
  • Cppcheck and clang errors cleanup
  • Added a Chromium web browser profile

Version 0.9.8.1, Friday, July 25 2014

  • Fixed a number of problems introduced in release 0.9.8.

Version 0.9.8, Thursday, July 24 2014

  • Implemented nowrap mode for firejail –list command option
  • Added –top option in both firejail and firemon
  • Seccomp filter support
  • Added PID filtering support for firemon
  • Lots of bugfixes

Version 0.9.6, Saturday, June 7 2014

  • Mounting tmpfs on top of /var/log, required by several server programs
  • Server fixes for /var/lib and /var/cache
  • Private mode fixes
  • csh and zsh default shell support
  • Chroot mode fixes
  • Added support for lighttpd, isc-dhcp-server, apache2, nginx, snmpd

Version 0.9.4, Sunday, May 4 2014

  • Fixed resolv.conf on Ubuntu systems using DHCP.
  • Fixed resolv.conf on Debian systems using resolvconf package.
  • Fixed /var/lock directory.
  • Fixed /var/tmp directory.
  • Fixed symbolic links in profile files.
  • Added profiles for evince, midori.

Version 0.9.2, Friday, April 24 2014

  • Checking IP address passed with –ip option using ARP; exit if the address is already present.
  • Using a lock file during ARP address assignment in order to removed a race condition.
  • everal fixes to –private option; it also mounts a tmpfs filesystem on top of /tmp.
  • Added user access check for profile file.
  • Added –defaultgw option.
  • Added support of –noip option; it is necessary for DHCP setups.
  • Added syslog support.
  • Added support for “tmpfs” and “read-only” profile commands.
  • Added an expect-based testing framework for the project.
  • Added bash completion support.
  • Added support for multiple networks.

Version 0.9, Saturday, April 12 2014

  • First beta version.

Back to Firejail project page

2 thoughts on “Firejail Release Notes

  1. Priyojit Chatterjee

    Firefox and many other apps like Sylpheed, Hexchat are crashing either on startup or after some activity.
    firejail 0.9.12.2
    $ uname -r
    3.17.0-1-MANJARO
    Firefox 32.0.3
    This started happening after I installed the last update pack which upgraded Xorg. Now Xorg runs without root rights.
    Firefox Error
    $ firejail ~/bin/firefox/firefox
    Parent pid 12834, child pid 12835
    Interface IP Mask Status
    lo 127.0.0.1 255.0.0.0 UP
    enp0s7 192.168.0.101 255.255.255.0 UP

    Child process initialized

    (process:1): GLib-CRITICAL **: g_slice_set_config: assertion ‘sys_page_size == 0′ failed
    [Parent 1] ###!!! ABORT: X_ShmPutImage: BadShmSeg (invalid shared segment parameter); 661 requests ago: file /builds/slave/rel-m-rel-lx_bld-0000000000000/build/toolkit/xre/nsX11ErrorHandler.cpp, line 157
    [Parent 1] ###!!! ABORT: X_ShmPutImage: BadShmSeg (invalid shared segment parameter); 661 requests ago: file /builds/slave/rel-m-rel-lx_bld-0000000000000/build/toolkit/xre/nsX11ErrorHandler.cpp, line 157

    parent is shutting down, bye…

    Please create a forum or at least an IRC channel.

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s