FS#61628 - [firejail] add apparmor support

Attached to Project: Community Packages
Opened by Eduard Toloza (edu4rdshl) - Monday, 04 February 2019, 16:53 GMT
Last edited by Sergej Pupykin (sergej) - Friday, 07 June 2019, 21:20 GMT
Task Type Feature Request
Category Packages
Status Closed
Assigned To Sergej Pupykin (sergej)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No

Details

Description:

I was considering the option of enabling apparmor in firejail by default since it's available in all current kernels. That would be done by modifying https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/firejail#n23 to "./configure --prefix=/usr --enable-apparmor" and adding "apparmor_parser -r /etc/apparmor.d/firejail-default" in a postinstall script.

Additional info:
* package: firejail
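As an added example (not the Arch package's own firejail.install nor the patch attached to this task), a post-install script of the kind the description proposes, assuming the profile path /etc/apparmor.d/firejail-default named above; it also tolerates a kernel where AppArmor is compiled in but not enabled at boot, so the package transaction never fails on that account.

```bash
# firejail.install: constructed example of the post-install hook proposed in
# this task (not the Arch package's own file). The matching PKGBUILD changes
# discussed in the thread would be: ./configure --prefix=/usr --enable-apparmor,
# depends=('apparmor') because the binary links libapparmor.so.1, and
# backup=('etc/apparmor.d/local/firejail-local') so local overrides survive updates.

profile=/etc/apparmor.d/firejail-default

# Load (or reload) the firejail profile into the kernel. Every early return is
# a clean 0 so a missing prerequisite never aborts pacman's transaction.
load_profile() {
    p=${1:-$profile}
    if [ ! -f "$p" ]; then
        echo "firejail: $p not found, nothing to load"
        return 0
    fi
    if ! command -v apparmor_parser >/dev/null 2>&1; then
        echo "firejail: apparmor_parser not available, profile not loaded"
        return 0
    fi
    # AppArmor may be compiled into the kernel yet not enabled at boot; without
    # its securityfs interface the parser has nowhere to load the profile.
    if [ ! -d /sys/kernel/security/apparmor ]; then
        echo "firejail: AppArmor is not enabled in the running kernel, profile not loaded"
        return 0
    fi
    # -r replaces an already loaded profile, so the same call serves upgrades.
    apparmor_parser -r "$p"
}

# Unload the profile before pacman deletes the file it was loaded from.
unload_profile() {
    p=${1:-$profile}
    if [ -f "$p" ] && command -v apparmor_parser >/dev/null 2>&1 \
        && [ -d /sys/kernel/security/apparmor ]; then
        apparmor_parser -R "$p"
    fi
    return 0
}

post_install() { load_profile; }
post_upgrade() { load_profile; }
pre_remove()   { unload_profile; }
```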

Closed by Sergej Pupykin (sergej)
Friday, 07 June 2019, 21:20 GMT
Reason for closing: Implemented
Comment by Eduard Toloza (edu4rdshl) - Tuesday, 05 February 2019, 00:36 GMT
Additionally we need to add [apparmor] as a dependency in order to use `apparmor_parser`.
Comment by Jake Kreiger (Magali75) - Tuesday, 05 February 2019, 10:21 GMT
I think it would be enough to make apparmor an optional dep and not use a post-install script.
Comment by Eduard Toloza (edu4rdshl) - Tuesday, 12 February 2019, 05:33 GMT
There's a patch file for the firejail PKGBUILD and a firejail.install file. It's already tested and works.
Comment by Sergej Pupykin (sergej) - Monday, 06 May 2019, 13:50 GMT
I think it cannot be optional dep:
$ firejail
firejail: error while loading shared libraries: libapparmor.so.1: cannot open shared object file: No such file or directory
Comment by Eduard Toloza (edu4rdshl) - Monday, 06 May 2019, 13:57 GMT
Yeah, you're right. I didn't do the test. Can you include apparmor as a dependency? Thanks.
Comment by Eduard Toloza (edu4rdshl) - Monday, 03 June 2019, 18:10 GMT
A new version of firejail is available at https://github.com/netblue30/firejail/releases/tag/0.9.60; it fixes a security issue, https://nvd.nist.gov/vuln/detail/CVE-2019-12589. New patch attached.
Comment by Jake Kreiger (Magali75) - Friday, 07 June 2019, 15:28 GMT
This is implemented in https://git.archlinux.org/svntogit/community.git/commit/trunk?h=packages/firejail&id=f0eb903f0451c2844ce16077b8f224213a9f87d4 but "etc/apparmor.d/local/firejail-local" is missing from the backup list, which means user modifications will be removed on update.

I added separate bug report here: https://bugs.archlinux.org/task/62838
Comment by Eduard Toloza (edu4rdshl) - Friday, 07 June 2019, 15:48 GMT
That's trunk, not one of the repos. The bug should be closed only when the package is available for download, not before.

Edit:

Additionally, https://git.archlinux.org/svntogit/community.git/tree/trunk/firejail.install?h=packages/firejail&id=f0eb903f0451c2844ce16077b8f224213a9f87d4#n4 needs to be modified, removing "install the apparmor package", because it was added as a dependency.
Comment by Jake Kreiger (Magali75) - Friday, 07 June 2019, 20:03 GMT
@edu4rdshl

wtf are you talking about? This commit is part of the package available in the repos since yesterday:
https://www.archlinux.org/packages/community/x86_64/firejail/

You should better know what's going on before commenting and don't post flawed patches.
Comment by Eduard Toloza (edu4rdshl) - Friday, 07 June 2019, 20:16 GMT
Magali, your attitude isn't necessary here. I will clarify 2 things for you:

In every package there are two different trees, trunk and repos. Take a look at https://git.archlinux.org/svntogit/community.git/tree/?h=packages/firejail and you can see what I'm talking about: the commit was made in the trunk tree, not the repos tree, and that means that the PKGBUILD of the tree that is used to release the packages was not touched, so the package isn't available for users in the repo. You need to know a bit about how it works instead of using that kind of words. Regarding the patch, you can post a better patch, thanks.
Comment by Jake Kreiger (Magali75) - Friday, 07 June 2019, 20:56 GMT
@edu4rdshl

Did you ever look at the link you posted? This commit is in both trees:
https://git.archlinux.org/svntogit/community.git/commit/repos?h=packages/firejail&id=3c0604fa2a31e58b0bd440bb970715ace2ce2171

AppArmor files are part of the firejail package, which you can download from https://www.archlinux.org/packages/community/x86_64/firejail/download/

I proved you wrong and you doubled down on it while linking to source which proves you are wrong(!).

This is an incredible level of ignorance you showed here in public. Everyone can see it.
Comment by Eduard Toloza (edu4rdshl) - Friday, 07 June 2019, 21:17 GMT
Guy, stop being insulting. The commit that you've referenced in https://bugs.archlinux.org/task/61628#comment179653 is a commit of the trunk tree, not the packages tree. The strength of your insult demonstrates the weakness of your argument. Accepting your own errors makes you a better person.