diff options
author | Gaming4JC <g4jc@openmailbox.org> | 2015-10-23 20:13:47 -0400 |
---|---|---|
committer | Gaming4JC <g4jc@openmailbox.org> | 2015-10-23 20:13:47 -0400 |
commit | fccd220bbe044fbaf24e069fb4b8d8a877f5b00d (patch) | |
tree | c744cbe73f0223c378d29b85319ee588271e333a /pcr/firejail/firejail.install | |
parent | 8dec6c902c4e8ea373e8d7bd12b80afce71d7ef0 (diff) |
update firejail with hardening patches
Diffstat (limited to 'pcr/firejail/firejail.install')
-rw-r--r-- | pcr/firejail/firejail.install | 69 |
1 files changed, 42 insertions, 27 deletions
diff --git a/pcr/firejail/firejail.install b/pcr/firejail/firejail.install index e154e7dd7..c8641ecab 100644 --- a/pcr/firejail/firejail.install +++ b/pcr/firejail/firejail.install @@ -6,17 +6,21 @@ echo "Checking 26 firejail profiles for user modification, backing up as needed. '/etc/firejail/deadbeef.profile' '/etc/firejail/deluge.profile' '/etc/firejail/disable-common.inc' +'/etc/firejail/disable-history.inc' '/etc/firejail/disable-mgmt.inc' '/etc/firejail/disable-secret.inc' '/etc/firejail/empathy.profile' '/etc/firejail/evince.profile' +'/etc/firejail/fbreader.profile' '/etc/firejail/filezilla.profile' '/etc/firejail/firefox.profile' '/etc/firejail/generic.profile' '/etc/firejail/gnome-mplayer.profile' +'/etc/firejail/icecat.profile' +'/etc/firejail/icedove.profile' +'/etc/firejail/iceweasel.profile' '/etc/firejail/login.users' '/etc/firejail/midori.profile' -'/etc/firejail/opera.profile' '/etc/firejail/pidgin.profile' '/etc/firejail/qbittorrent.profile' '/etc/firejail/quassel.profile' @@ -30,33 +34,36 @@ echo "Checking 26 firejail profiles for user modification, backing up as needed. '/etc/firejail/xchat.profile') OriginalFileHashes=( -'53d86924bad531072cf279faa63e0a6a6c6ccb22aeae2ba7ddfc7dcab8b09b7a563aeab758cbcbf13ec5f7319066bb0fec3ba2356177e3b8449c58ee5929a766' -'2c13c77de38d6a7c6513ee754e6cd3ca446019b0716b3db2fb90bb3befcc1bfa2de80a06255048e5f82571de076690ddd8c543ab12104f6843a520e7de042147' -'9572631ca9551866c2af91f0fed148e2be6d9ec34dff7773d6589c7245d61e6d17f7421176cbfdeadc08289b0a0c4d74453e2d79eb847355506657e98440b924' -'f730544fdc1a2db051cb73c02722c7f87f4d4536db6f853d1852ee19f527c17abb1ed91879a2b593d2704f8e63e99c4a46640187fe882d4aaced4f7c03c06c46' -'fa89a0ccaa3d3018273b2b66cb3b6e21f0b4582ecde7139a2db3523497a4da14af8ccb969707a32f7ce2f4083405a942ce9af4212948469bd1b0cd8b438e525a' -'d0808badde2e695b77900cf13f89503e23dc2a233e2489e8590551adef061390bdb77c815a7fb59a48a103340ea288832d00dd0a8ce78bd24595ca2f352c9f8f' -'52f550486c4baa03c1327d75765c0edcc3397113fab4190e7644c53112810e5bbcc89cfc8b2c1147a724366a5dffd69dce334daaf4f3ae8e754e35bc38daeedc' -'33251ba45f3f18397956ec28c6ba55e94c8638bf5b1c1de2c49d5383fc2d519f21b5e757e22f747811c1335e745607968aac1fdd93438276223c6b4c5b2bd954' -'8f7f282ada4b557b78b33dd788753daf46b10dbdd2f7f72c25fc787ca98cf99d8a45c0db54d60fa0b1bd912cbbda95bb845d373c865e9b1884b1d3e480ec2b85' -'1088d1921b3c335789fc38e05fe7a898c9615f8fb769d388b6c6d02280891dc64b8b648351b2d5edff62298b46ed21792c0ffc611858697ae02455c5ae8993a7' -'c7b3bca2f1f9fa0a2769754fc8c341a5e2a9e67613a3329e59797a93dcb5fc41c4c8d08196c41d236e4878bd48fcd44fd1737aa6971a4df2a192da522b96cac4' -'a60b88a35228f3f8b4a3acd3dce527f3b873b095f1cf28a701baa5b310ad8b85e36ad633c8ddf8c2378a1d40c634164ada63764da1f9750507e55717affe8f46' -'16777da4a6552b7a39909d7faae0aff13a7e82887409a548433a0575443cf45fa28ecfdd8d43e146a6afa5a5a7298c64aa878bc6d82d2a7b8a2ca666cdb8d2c4' +'fcd9b1c17f7c67e28c3d7d9baef5e04d1fa3c1e652cb7377ff955c56a7434a51b13d2ed86fdf1365eaed595cfa9a7ee5983d240f16f34db43e830ea976160f36' +'96217eab44531f9a4d5f062d0a3d5e55e413df5e55e7b617ff1b42b66830663b72a4356752cac0966bd38075891a7be518fe7b83fe8d2b6f309006112aed8684' +'b20818d85f450f367f8e97cf3fc62848aa9365fc73dc63098a0d671120149425889ab14ad938664a2ea18dfe0f836e182af2c1333eab352a0adfb93c94c09798' +'ebea3e357bd9c0174aaa8c0a52f2ef2458c96dd60072c654181425243ffcb929f81b1931bb2ab7896eb55fa90c28d1aacaf90f662c5b63a90509e2262631ec02' +'71ad60139c7a7f3b987c8d472cef293996126c13c04a358bad29ba4f8d02d60050862acf881bb8448943c1170001dd1dcc611006d38b9ec50e1e04ac98602aff' +'2e412845bf7db285aef97b8c48b73a6fb59377ba21cbd5ac51650a5acb57eae6658ff149516c73e477012e89067fb81c5585ad4e7b430d424f020118cd5b6824' +'c36cb56d0ca440307fea86ed41d697603f48a0273dd313aad3ddc5886a31f43425c24546cda6227b55d11ab2f46352b3f2591239d08694f2442e4b30525ac3b9' +'422626df14c9669f5f36e7092467d0a9ca4b1bf90d7227416481c5f979283f038144acbae28cfb1c60b2c0887191771c9f9beb0d0663f8542e51061198aff052' +'deb91a0f2a00209997e5bd66bd3a34bd77eb722ac3750fcc2c4779a0ae224a35e99800f9a7f0d31b41f01e7c797da8556e84404f6a7285606f336be21eb590d7' +'b8880a5c9ad0f608ba76587b72b56326a331f1bae5520b9b663ed2c6ba62a36bf122155520fd1018c8bb84618843a9a02ae8d14e2c9aa128b58685136fe53e31' +'52b7d856f826988f610524b9432252f36d4202fddab14476f06c2a0d6ce1c5109a66a329d6ae16bd00c9bbf81cd33c4c3dcd9c708a84adc5c986f5612d14a1b2' +'d09a25dab801bbde8aa5d3a5fc24586dddd460a687da49037cd14902dcd572eb7b1dec2c2cb6921047891294ff4bd0dc882de7aa64db10b15c7f44133e03e9f9' +'e0a5824a53d2464955d47760bedbebfd6ca93e3618ed9f2e2434dcefebd357a98362e600bf4507012b1e6ab343609bad52372c90b3162eb9d85637d433c19b83' +'84ba92338aa5ca8c01be84a274fcb71f8fa4bb950b938f6b9fd32297ded2739f6aef4733e6cb787dc366a9a7f04119767d48e56d86f0d2fcb10c28bf58faf86b' +'39a736617d8663a4cbd865ba5bb2c4f3896a2f969b637a62fb3f4da2a18c6d7611a93add84bc02174aaa96e7c2412d36a5485b2d444a0cc51e6320212ec4418d' +'81db63b03b1f950b1e7810fab38ce4fe5776f11e3036848da6298d9002b5c4683028d4fdd630db118d428fd91e5118872b5b2ccff9c82d02a966765efdb9dc17' +'9a8c4d7ce893340da2d9cc8237cecf8bca2865e5552747c480a1f803072960b7aa571b2693600076ea8800b86e1d0945d8a535fffcdbe9569b3820a477b155d2' +'8ded98eec8c11af8defef583227ea833beca534e5f2be48b52ec75152afddf14d78ba47442237e84eda8bb1b8361b1afecd63576f8ef6b18d50fb8c6559e8638' '672fa8b25ed28a07efb41fad6415c9fa96ce4bf4f4a1a6412595afb309ef6c1e67033ee256f997c32e9abe25bd6a100160ff12f2235c9be289c223547d03ca95' -'6aa7ee675b9607313056f9ab70085e9bac7c1cc3b88f3134da3bb7052100b39ed6553b261044be3f87c283543f1231eda1145392536f2a02cf97ba7d5657e969' -'1864b178483193f7a5360685573ce1c60f383924a2dd34dcd218f063b4ce6a12ca4a065a9881f685c11f7ce63cc75b822836491fcbe042c0825d432bc4fb58df' -'8be0eef7d351f68343ec3cb14dbafab0bcac604b216f5f18f3624be1270c2a223b5a4560197c0e565c40005f28a640743736d873bf3bc47dcb3df6e5746e9031' -'16ed951fafad9d07c294b80be98f694fdc47dd525c8373ac83317cb0f1665bfa70111a7eaeeda09eff3544b45507277c12c9d8618958ec38b17e1307daccca70' -'c89b5fcd02d17fcb65661bcd8ac7d230f11b8ed0c50db864bd70e4d077bac1a210526bfc4ced54dbd5e5fc62520b5b9d51c3ede841c1fc1a29afceece9062303' -'8eb8ed39164a8d2a50c06447da745be719eb02005dcdc483d5751a8e2f2390f7329845f3e9022c6fb71814f67b31aa7468fe958d2783c67276e3fc3120bef04b' -'bcc313205c260117e40fac28fc1a282b5f36a97bd7252780c628bfc48971ec2aadd99209442600d3b52b78e932982549baf0c9ba1e791f3ea7fe451e7e7a03a3' -'d739970917e87e89dc746e749f0c8bfe6cce22dd1864d2f115758627f934916aabe5d01c3c5cbe60866a1c0a1d6908df2cd1126d1d78301216678f9ab13f2a9a' -'8a65f7e84c2071869a64a493fe6ce74ef77b50f8f34c6b6cdd4e987740a3628cbf2dd02791ff89d53b7b01c1857ab4d8dba8fd5b30e82ccecb294d6bcf4e4bf3' -'25800523958101d249b96c994fb33bb1e2c646f6af4af6adcedf9aab993a5ae3d3a72dcc340cbabcb9bc0d07cb64155ae21ba6ce87a984594741b1bb806a0b75' -'a2ad0be0e77719ad5bea6167692629f5c8cc5cfaecbdf98ecf32ddd8877aac443ddd20a7201adab202b3497394c700c69de533eb493f8203ebb36b887f78d258' -'a28765a1d99dadcf4bf47774b18305167f81d136b8588420b675ee998f5d0077018d9142269968912b5e4a91559ab3a9e4fe9e8c4b0ed11cb4faa543042fb63d' -'f4ee69f5ef1487ae2b269e43c9bc61fefac168134611bcd10f3dfc2b259430815391a3e89724e8f4830d4a9effe8827ec49237453421f4ffb4f276c0362043ef') +'9e100bb2f51d5ef8d04325a83e80c54fbcd85a082c35d3f5aa7eabc79028cfd90d3a1537768e5b7f93468d2ddbbf15ca421784820ceb6d718915e5a5fe584c6c' +'9f5990e680f85343615fe26f032b8ffcff9cc34772fc546b66d728788a097c91751c91cf56c27c678226a1737c59d1da95970ca88ee58477bdb3d9263336ce28' +'96d1dd388e08ed702e4a7580dad5f759b9d969dc12cc9a1f50431d7a73302b4c1ce1cde5855ae045d3aaba81b733edd7120066ce298c12822706344e590f11e2' +'03393bb3fa555ee9d402770faaece0ec8c974631995d0ea08548a6d849d2c8f09d7df10b1350dae1449cfd6df37cf4013d715cdd2bca865878d8c135f73737d6' +'0fa8393eaa3c0e5514e44e42ed9f8085c2aa8ddfa799e4cdd19d1004c81692dc1baa8963aa75dfbb7e268c80636711a90110f365e2f3d0769d7fdf0b6aaac65e' +'ca60021399e8b1a0e7c3a121a3e77eaaa8063e52e152a32a9c4cb350019c24f1d14adabd6d69259dc8aa206e4ecae3a303237cf4ba02260a21419012f9b9d7eb' +'53902e78dd36bc7b106ee45c9937340651579976ae129882155df3714910f93ed04b76277fe1c777deabede779b41b3d5feb9f222c4109dfa611e3a11900a58d' +'660943c1f153e0cb81aa1c1f424f40c68662ae8123acb3592ab8fbd7003dbfa189352c972e78f33c23e8ae239a65a41cd4f6b46798b130860deab832fbe06247' +'446b8b45a66f0373ad333987f453b6fe02e6c78c9055eec525f17b6990940d645c6e69071836f3483afbb8d9ec00754ad05223a474c05d981a3334c940f2ae02' +'d6a8e3472a2c7f6877c2237745b4bda3aaa4af83b5d60a04d678bb06258ac318790a14140abd0ad4c8525dd15024b695f631fcb827cff1370f06335cbcd938de' +'2a473ef99793552a2f25cfe7acdac3af28575dd734a9d38699ca29cd68857b2121db1af1d582f03c10286c2e441708db7012db33fec84ef3a5c2936418665380') ## Uses above arrays to check if file's original hash matches, if not the file was edited, so we save a backup and notify the user. @@ -114,6 +121,14 @@ OriginalFileHashes=( [[ "$(openssl dgst -r -whirlpool ${FilesToCheck[26]} | awk '{print $1}')" = ${OriginalFileHashes[26]} ]] || { cat "${FilesToCheck[26]}" > "${FilesToCheck[26]}.pacsave" ; echo "Backup saved: ${FilesToCheck[26]}.pacsave"; } +[[ "$(openssl dgst -r -whirlpool ${FilesToCheck[27]} | awk '{print $1}')" = ${OriginalFileHashes[27]} ]] || { cat "${FilesToCheck[27]}" > "${FilesToCheck[27]}.pacsave" ; echo "Backup saved: ${FilesToCheck[27]}.pacsave"; } + +[[ "$(openssl dgst -r -whirlpool ${FilesToCheck[28]} | awk '{print $1}')" = ${OriginalFileHashes[28]} ]] || { cat "${FilesToCheck[28]}" > "${FilesToCheck[28]}.pacsave" ; echo "Backup saved: ${FilesToCheck[28]}.pacsave"; } + +[[ "$(openssl dgst -r -whirlpool ${FilesToCheck[29]} | awk '{print $1}')" = ${OriginalFileHashes[29]} ]] || { cat "${FilesToCheck[29]}" > "${FilesToCheck[29]}.pacsave" ; echo "Backup saved: ${FilesToCheck[29]}.pacsave"; } + +[[ "$(openssl dgst -r -whirlpool ${FilesToCheck[30]} | awk '{print $1}')" = ${OriginalFileHashes[30]} ]] || { cat "${FilesToCheck[30]}" > "${FilesToCheck[30]}.pacsave" ; echo "Backup saved: ${FilesToCheck[30]}.pacsave"; } + echo "Done!" }
\ No newline at end of file |