Pulogalamu ya ProHoster > Blog > nkhani zapaintaneti > Firejail 0.9.60 Kugwiritsa Ntchito Kudzipatula Kutulutsidwa

Firejail 0.9.60 Kugwiritsa Ntchito Kudzipatula Kutulutsidwa

adawona kuwala kutulutsidwa kwa polojekiti Firejail 0.9.60, momwe dongosolo likupangidwira kuti lizigwiritsidwa ntchito patokha la graphical, console ndi seva. Kugwiritsa ntchito Firejail kumakupatsani mwayi wochepetsera chiopsezo chosokoneza dongosolo lalikulu mukamagwiritsa ntchito mapulogalamu osadalirika kapena omwe angakhale pachiwopsezo. Pulogalamuyi inalembedwa m'chinenero cha C, wogawidwa ndi yololedwa pansi pa GPLv2 ndipo imatha kuthamanga pagawidwe lililonse la Linux ndi kernel yakale kuposa 3.0. Phukusi lokonzekera ndi Firejail kukonzekera mu deb (Debian, Ubuntu) ndi rpm (CentOS, Fedora).

Kwa kudzipatula ku Firejail amagwiritsidwa ntchito namespaces, AppArmor, ndi kusefa kuyimba kwadongosolo (seccomp-bpf) ku Linux. Ikangokhazikitsidwa, pulogalamuyi ndi njira zake zonse za ana zimagwiritsa ntchito malingaliro osiyanasiyana azinthu za kernel, monga ma network stack, tebulo lazinthu, ndi malo okwera. Mapulogalamu omwe amadalirana amatha kuphatikizidwa kukhala sandbox imodzi wamba. Ngati mungafune, Firejail itha kugwiritsidwanso ntchito kuyendetsa zotengera za Docker, LXC ndi OpenVZ.

Mosiyana ndi zida zotchinjiriza zotengera, firejail ndiyowopsa zosavuta mu kasinthidwe ndipo sikutanthauza kukonzekera fano dongosolo - zikuchokera chidebe amapangidwa pa ntchentche kutengera zomwe zili mu dongosolo wapamwamba dongosolo ndipo zichotsedwa ntchito akamaliza. Njira zosinthika zokhazikitsira malamulo ofikira pamafayilo amaperekedwa; mutha kudziwa kuti ndi mafayilo ati omwe amaloledwa kapena kukanidwa, kulumikiza mafayilo osakhalitsa (tmpfs) kuti mupeze deta, kuchepetsa mwayi wamafayilo kapena zolemba kuti muwerenge kokha, kuphatikiza maupangiri kudzera kumanga-phiri ndi overlayfs.

Pamapulogalamu ambiri otchuka, kuphatikiza Firefox, Chromium, VLC ndi Transmission, okonzeka Mbiri dongosolo kuitana kudzipatula. Kuti mugwiritse ntchito pulogalamu yodzipatula, ingotchulani dzina la pulogalamuyo ngati mtsutso ku zida zamoto, mwachitsanzo, "firejail firefox" kapena "sudo firejail /etc/init.d/nginx start".

M'kutulutsa kwatsopano:

  • Chiwopsezo chomwe chimalola kuti njira yoyipa idutse njira yoletsa kuyimba foni yakhazikitsidwa. Zomwe zili pachiwopsezo ndikuti zosefera za Seccomp zimakopera ku /run/firejail/mnt directory, zomwe zimalembedwa m'malo akutali. Njira zoyipa zomwe zikuyenda mozipatula zimatha kusintha mafayilowa, zomwe zingapangitse njira zatsopano zomwe zikuyenda m'malo omwewo kuti zichitike popanda kugwiritsa ntchito fyuluta yoyimba foni;
  • Chosefera kukumbukira-kukana-lemba-execute chimatsimikizira kuti foni ya "memfd_create" yatsekedwa;
  • Anawonjezera njira yatsopano "private-cwd" kuti musinthe chikwatu chogwirira ntchito kundende;
  • Njira yowonjezera "--nodbus" kuti mutseke zitsulo za D-Bus;
  • Thandizo lobwezeredwa kwa CentOS 6;
  • Anasiya thandizo kwa phukusi mu akamagwiritsa flatpak ΠΈ chithunzithunzi.
    Zatchulidwakuti mapepalawa agwiritse ntchito zida zawo;

  • Mbiri zatsopano zawonjezedwa kuti zizipatula mapulogalamu owonjezera 87, kuphatikiza mypaint, nano, xfce4-mixer, gnome-keyring, redshift, font-manager, gconf-editor, gsettings, freeciv, lincity-ng, openttd, torcs, tremulous, warsow, freemind, kid3, freecol, opencity, utox, freeoffice-planmaker, freeoffice-presentations, freeoffice-textmaker, inkview, meteo-qt, ktouch, yelp ndi cantata.

Source: opennet.ru

Kuwonjezera ndemanga