firecfg utility

6 files changed, 136 insertions, 9 deletions

diff --git a/.gitignore b/.gitignore
index 408290b85..85e317827 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,9 +8,12 @@ config.log
 config.status
 firejail-login.5
 firejail-profile.5
+firejail-config.5
 firejail.1
 firemon.1
+firecfg.1
 src/firejail/firejail
 src/firemon/firemon
+src/firecfg/firecfg
 src/ftee/ftee
 src/tags
diff --git a/README.md b/README.md
index 9b045d50c..0e9c280bd 100644
--- a/README.md
+++ b/README.md
@@ -89,6 +89,52 @@ FILE TRANSFER
               $ firejail --get=mybrowser ~/Downloads/xpra-clipboard.png
 `````
 
+## FIrecfg
+`````
+NAME
+       Firecfg - Desktop configuration program for Firejail software.
+
+SYNOPSIS
+       firecfg [OPTIONS]
+
+DESCRIPTION
+       Firecfg is the desktop configuration utility for Firejail software. The
+       utility creates several symbolic links  to  firejail  executable.  This
+       allows the user to sandbox applications automatically, just by clicking
+       on a regular desktop menus and icons.
+
+       The symbolic links are placed in /usr/local/bin. For more  information,
+       see DESKTOP INTEGRATION section in man 1 firejail.
+
+OPTIONS
+       --clear
+              Clear all firejail symbolic links
+
+       -?, --help
+              Print options end exit.
+
+       --list List all firejail symbolic links
+
+       --version
+              Print program version and exit.
+
+       Example:
+
+       $ sudo firecfg
+       /usr/local/bin/firefox created
+       /usr/local/bin/vlc created
+       [...]
+       $ firecfg --list
+       /usr/local/bin/firefox
+       /usr/local/bin/vlc
+       [...]
+       $ sudo firecfg --clear
+       /usr/local/bin/firefox removed
+       /usr/local/bin/vlc removed
+       [...]
+`````
+
+
 ## Compile time and run time configuration support
 
 Most Linux kernel security features require root privileges during configuration.
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index fb996966f..13bcc5110 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -1,7 +1,74 @@
 # /etc/firejail/firecfg.config - firecfg utility configuration file
 # This is the list of programs handled by firecfg utility
 #
+
+# browsers/email
 firefox
 iceweasel
+chromium-browser
+chromium
+conkeror
 thunderbird
+epiphany
+flashpeak-slimjet
+google-chrome-beta
+google-chrome-stable
+google-chrome-unstable
+google-chrome
+icecat
+icedove
+kmail
+midori
+opera-beta
+opera
+qutebrowser
+seamonkey
+seamonkey-bin
+vivaldi-beta
+vivaldi
+
+# bittorrent/ftp
+deluge
+filezilla
+qbittorrent
+rtorrent
+tranmission-gtk
+transmission-qt
+
+# office
+cherrytree
+evince
+fbreader
+localc
+lodraw
+loffice
+lofromtemplate
+loimpress
+lomath
+loweb
+lowriter
+Mathematica
+mathematica
+
+# Media
 vlc
+audacious
+clementine
+deadbeef
+parole
+rhythmbox
+totem
+
+# chat/messaging
+bitlbee
+empathy
+gnome-mplayer
+hexchat
+pidgin
+qtox
+quassel
+xchat
+
+# games
+hedgewars
+wesnot
diff --git a/src/firecfg/main.c b/src/firecfg/main.c
index 7465f2d3e..0c6b278b5 100644
--- a/src/firecfg/main.c
+++ b/src/firecfg/main.c
@@ -30,7 +30,7 @@ static void usage(void) {
         printf("Firecfg is the desktop configuration utility for Firejail software. The utility\n");
         printf("creates several symbolic links to firejail executable. This allows the user to\n");
         printf("sandbox applications automatically, just by clicking on a regular desktop\n");
-        printf("menues and icons.\n\n");
+        printf("menus and icons.\n\n");
         printf("The symbolic links are placed in /usr/local/bin. For more information, see\n");
         printf("DESKTOP INTEGRATION section in man 1 firejail.\n\n");
         printf("Usage: firecfg [OPTIONS]\n\n");
@@ -245,21 +245,33 @@ static void set(void) {
                 lineno++;
                 if (*buf == '#') // comments
                         continue;
+
+                // do not accept .. and/or / in file name
+                if (strstr(buf, "..") || strchr(buf, '/')) {
+                        fprintf(stderr, "Error: invalid line %d in %s\n", lineno, cfgfile);
+                        exit(1);
+                }
                 
                 // remove \n
                 char *ptr = strchr(buf, '\n');
                 if (ptr)
                         *ptr = '\0';
+                        
+                // trim spaces
+                ptr = buf;
+                while (*ptr == ' ' || *ptr == '\t')
+                        ptr++;
+                char *start = ptr;
                 
-                // do not accept .. and/or / in file name
-                if (strstr(buf, "..") || strchr(buf, '/')) {
-                        fprintf(stderr, "Error: invalid line %d in %s\n", lineno, cfgfile);
-                        exit(1);
-                }
+                // empty line
+                if (*start == '\0')
+                        continue;
                 
-                set_file(buf, firejail_exec);
+                // set link
+                set_file(start, firejail_exec);
         }
 
+        fclose(fp);
         free(cfgfile);
         free(firejail_exec);
 }
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 612d9c667..1f8907e4c 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -2041,7 +2041,6 @@ int main(int argc, char **argv) {
                 gid_t audiogid = get_audio_gid();
                 if (ttygid) {
                         sprintf(ptr, "%d %d 1\n", audiogid, audiogid);
-                        ptr += strlen(ptr);
                 }
                 
                 EUID_ROOT();
diff --git a/src/man/firecfg.txt b/src/man/firecfg.txt
index 7d95892a4..a97e5b76f 100644
--- a/src/man/firecfg.txt
+++ b/src/man/firecfg.txt
@@ -7,7 +7,7 @@ firecfg [OPTIONS]
 Firecfg is the desktop configuration utility for Firejail software. The utility
 creates several symbolic links to firejail executable. This allows the user to
 sandbox applications automatically, just by clicking on a regular desktop
-menues and icons.
+menus and icons.
 
 The symbolic links are placed in /usr/local/bin. For more information, see
 DESKTOP INTEGRATION section in man 1 firejail.