author | netblue30 <netblue30@protonmail.com> | 2021-05-21 08:56:45 -0400 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2021-05-21 08:56:45 -0400 |
commit | d8d016dc44648fe185577ff82433a32fb17081f7 (patch) | |
tree | b4786ab1a7e42ff487e0ee8286c66b0143cdc26b | |
parent | --buid fixes (diff) | |
support trailing comments on profile lines
-rw-r--r-- | RELNOTES | 1 | ||||
-rw-r--r-- | src/firejail/profile.c | 12 | ||||
-rw-r--r-- | test/profiles/comment.profile | 3 | ||||
-rwxr-xr-x | test/profiles/profile_comment.exp | 52 | ||||
-rwxr-xr-x | test/profiles/profiles.sh | 3 |
5 files changed, 67 insertions, 4 deletions
@@ -18,6 +18,7 @@ firejail (0.9.65) baseline; urgency=low | |||
18 | * compile time: --enable-lts | 18 | * compile time: --enable-lts |
19 | * subdirs support in private-etc | 19 | * subdirs support in private-etc |
20 | * input devices support in private-dev, --no-input | 20 | * input devices support in private-dev, --no-input |
21 | * support trailing comments on profile lines | ||
21 | * new profiles: vmware-view, display-im6.q16, ipcalc, ipcalc-ng | 22 | * new profiles: vmware-view, display-im6.q16, ipcalc, ipcalc-ng |
22 | * ebook-convert, ebook-edit, ebook-meta, ebook-polish, lzop, | 23 | * ebook-convert, ebook-edit, ebook-meta, ebook-polish, lzop, |
23 | * avidemux, calligragemini, vmware-player, vmware-workstation | 24 | * avidemux, calligragemini, vmware-player, vmware-workstation |
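diff --git a/src/firejail/profile.c b/src/firejail/profile.c
index dd4506ac1..38e94c074 100644
--- a/src/firejail/profile.c
+++ b/src/firejail/profile.c
@@ -1714,13 +1714,17 @@ void profile_read(const char *fname) {
 int lineno = 0;
 while (fgets(buf, MAX_READ, fp)) {
 ++lineno;
+
+// remove comments
+char *ptr = strchr(buf, '#');
+if (ptr)
+*ptr = '\0';
+
 // remove empty space - ptr in allocated memory
-char *ptr = line_remove_spaces(buf);
+ptr = line_remove_spaces(buf);
 if (ptr == NULL)
 continue;
-
-// comments
-if (*ptr == '#' || *ptr == '\0') {
+if (*ptr == '\0') {
 free(ptr);
 continue;
 }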
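Review bot: The added `strchr(buf, '#')` truncates the line at the first `#` wherever it occurs, so a `#` inside an argument (for example a path on a `blacklist` or `whitelist` line) now silently shortens the rule instead of being parsed as written. In a sandbox profile that changes which paths a rule covers without any diagnostic, whereas the old code only treated `#` as a comment at the start of the line. I would accept `#` as a comment marker only at line start or after whitespace, and state that rule in the profile documentation; a sketch follows. profile_read starts and ends outside this hunk, so how later parsing handles quoting or escaping is not visible here.

```c
		// remove comments: '#' counts only at line start or after whitespace
		char *ptr = buf;
		while ((ptr = strchr(ptr, '#')) != NULL) {
			if (ptr == buf || ptr[-1] == ' ' || ptr[-1] == '\t') {
				*ptr = '\0';
				break;
			}
			ptr++;
		}

		// … unchanged: line_remove_spaces(buf) and the empty-line check …
```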
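diff --git a/test/profiles/comment.profile b/test/profiles/comment.profile
new file mode 100644
index 000000000..4a907a408
--- /dev/null
+++ b/test/profiles/comment.profile
@@ -0,0 +1,3 @@
+# this is a comment
+net none # this is another comment
+private # some other comment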
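diff --git a/test/profiles/profile_comment.exp b/test/profiles/profile_comment.exp
new file mode 100755
index 000000000..a2be510c1
--- /dev/null
+++ b/test/profiles/profile_comment.exp
@@ -0,0 +1,52 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2021 Firejail Authors
+# License GPL v2
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+send -- "rm -fr /tmp/firejailtest*\r"
+send -- "rm -fr /tmp/firejail-strace*\r"
+send -- "rm -fr /tmp/firejail-trace*\r"
+sleep 1
+
+send -- "firejail --profile=comment.profile /usr/bin/true\r"
+expect {
+timeout {puts "TESTING ERROR 0\n";exit}
+"Child process initialized"
+}
+expect {
+timeout {puts "TESTING ERROR 1\n";exit}
+"Parent is shutting down"
+}
+sleep 2
+
+send -- "firejail --build=/tmp/firejailtest.profile /usr/bin/true\r"
+sleep 1
+
+send -- "cat /tmp/firejailtest.profile\r"
+expect {
+timeout {puts "TESTING ERROR 2\n";exit}
+"seccomp"
+}
+after 100
+
+send -- "firejail --profile=/tmp/firejailtest.profile /usr/bin/true\r"
+expect {
+timeout {puts "TESTING ERROR 3\n";exit}
+"Child process initialized"
+}
+expect {
+timeout {puts "TESTING ERROR 4\n";exit}
+"Parent is shutting down"
+}
+after 100
+
+send -- "rm -fr /tmp/firejailtest*\r"
+send -- "rm -fr /tmp/firejail-strace*\r"
+send -- "rm -fr /tmp/firejail-trace*\r"
+after 100
+
+puts "\nall done\n"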
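Review bot: The script and its fixture only cover a `#` that follows whitespace after a complete command, so nothing pins what happens when `#` appears inside an argument, which is the case most likely to change a rule's meaning. Lines 26 to 45 exercise `--build` and reload the generated profile, which does not touch comment handling and looks carried over from another test. A header comment such as `# checks that trailing '#' comments in comment.profile are ignored`, plus a fixture line with `#` inside an argument and the expected outcome, would make the intent and the boundary explicit.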
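diff --git a/test/profiles/profiles.sh b/test/profiles/profiles.sh
index a5f74f2e2..cbc6fa4d9 100755
--- a/test/profiles/profiles.sh
+++ b/test/profiles/profiles.sh
@@ -7,6 +7,9 @@ export MALLOC_CHECK_=3
 export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
 export LC_ALL=C
 
+echo "TESTING: profile comments (test/profiles/profilecomment.exp)"
+./profile_comment.exp
+
 echo "TESTING: profile conditional (test/profiles/conditional.exp)"
 ./conditional.exp
 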
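Review bot: The added echo label names `test/profiles/profilecomment.exp`, but the script run on the next line is `./profile_comment.exp`, so a failure in the test log points at a file name that does not exist. Make the label match the script: `echo "TESTING: profile comments (test/profiles/profile_comment.exp)"`.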