author | netblue30 <netblue30@protonmail.com> | 2023-01-25 11:33:47 -0500 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2023-01-25 11:33:47 -0500 |
commit | 02d37680c45cca9b5a8c05020cd3962b9425da80 (patch) | |
tree | 7b127173f60ff6669124f5490df5f0ce4dcee5ce | |
parent | merges (diff) | |
private-etc rework: file groups moved to src/include/etc_groups.h, new groups added
-rw-r--r-- | src/firejail/Makefile | 4 | ||||
-rw-r--r-- | src/firejail/fs_etc.c | 72 | ||||
-rw-r--r-- | src/include/etc_groups.h | 90 |
3 files changed, 102 insertions, 64 deletions
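--- a/src/firejail/Makefile
+++ b/src/firejail/Makefile
@@ -13,7 +13,9 @@ MOD_HDRS = \
 ../include/seccomp.h \
 ../include/syscall_i386.h \
 ../include/syscall_x86_64.h \
-../include/firejail_user.h
+../include/firejail_user.h \
+../include/etc_groups.h
+
 
 MOD_OBJS = \
 ../lib/common.o \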
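--- a/src/firejail/fs_etc.c
+++ b/src/firejail/fs_etc.c
@@ -25,67 +25,9 @@
 #include <time.h>
 #include <unistd.h>
 #include <glob.h>
+#include "../include/etc_groups.h"
 
-#define ETC_MAX 256
 static int etc_cnt = 0;
-static char *etc_list[ETC_MAX + 1] = { // plus 1 for ending NULL pointer
-"alternatives",
-"fonts",
-"ld.so.cache",
-"ld.so.conf",
-"ld.so.conf.d",
-"ld.so.preload",
-"locale",
-"locale.alias",
-"locale.conf",
-"locale.gen",
-"localtime",
-"nsswitch.conf",
-"passwd",
-NULL
-};
-
-static char*etc_group_network[] = {
-"hostname",
-"hosts",
-"resolv.conf",
-"protocols",
-NULL
-};
-
-static char *etc_group_gnome[] = {
-"xdg",
-"drirc",
-"dconf",
-"gtk-2.0",
-"gtk-3.0",
-NULL
-};
-
-static char *etc_group_kde[] = {
-"xdg",
-"drirc",
-"kde4rc",
-"kde5rc",
-NULL
-};
-
-static char *etc_group_sound[] = {
-"alsa",
-"asound.conf",
-"machine-id", // required by PulseAudio
-"pulse",
-NULL
-};
-
-static char *etc_group_tls_ca[] = {
-"ca-certificates",
-"ca-certificates.conf",
-"crypto-policies",
-"pki",
-"ssl",
-NULL
-};
 
 static void etc_copy_group(char **pptr) {
 assert(pptr);
@@ -137,10 +79,14 @@ char *fs_etc_build(char *str) {
 // look for standard groups
 if (strcmp(ptr, "TLS-CA") == 0)
 etc_copy_group(&etc_group_tls_ca[0]);
-if (strcmp(ptr, "GNOME") == 0)
-etc_copy_group(&etc_group_gnome[0]);
-if (strcmp(ptr, "KDE") == 0)
-etc_copy_group(&etc_group_kde[0]);
+if (strcmp(ptr, "GUI") == 0)
+etc_copy_group(&etc_group_gui[0]);
+if (strcmp(ptr, "SOUND") == 0)
+etc_copy_group(&etc_group_sound[0]);
+if (strcmp(ptr, "NETWORK") == 0)
+etc_copy_group(&etc_group_network[0]);
+if (strcmp(ptr, "GAMES") == 0)
+etc_copy_group(&etc_group_games[0]);
 else
 etc_add(ptr);
 ptr = strtok(NULL, ",");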
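Review bot: The trailing `else` in the group-matching chain binds only to the `GAMES` test, so a token equal to `TLS-CA`, `GUI`, `SOUND` or `NETWORK` has its group copied and is then also handed to `etc_add(ptr)` as if it were a file name. Chaining the tests, e.g. `else if (strcmp(ptr, "GUI") == 0)` for each test after the first, keeps group keywords out of the file list. The `GNOME` and `KDE` keywords are no longer recognised either, so profiles that still use them would now reach `etc_add()` as literal names and, presumably, end up with fewer /etc entries than before; accepting them as aliases of `GUI` or rejecting them with a message would make that visible. `fs_etc_build()` starts and ends outside this hunk, so how `etc_add()` treats an unknown name is not visible here.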
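--- /dev/null
+++ b/src/include/etc_groups.h
@@ -0,0 +1,90 @@
+/*
+* Copyright (C) 2014-2022 Firejail Authors
+*
+* This file is part of firejail project
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License along
+* with this program; if not, write to the Free Software Foundation, Inc.,
+* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+
+#ifndef ETC_GROUPS_H
+#define ETC_GROUPS_H
+
+#define ETC_MAX 256
+
+// DEFAULT
+static char *etc_list[ETC_MAX + 1] = { // plus 1 for ending NULL pointer
+"alternatives",
+"fonts",
+"ld.so.cache",
+"ld.so.conf",
+"ld.so.conf.d",
+"ld.so.preload",
+"locale",
+"locale.alias",
+"locale.conf",
+"localtime",
+"nsswitch.conf",
+"passwd",
+NULL
+};
+
+// SOUND
+static char *etc_group_sound[] = {
+"alsa",
+"asound.conf",
+"machine-id", // required by PulseAudio
+"pulse",
+NULL
+};
+
+// NETWORK
+static char*etc_group_network[] = {
+"hostname",
+"hosts",
+"resolv.conf",
+"protocols",
+NULL
+};
+
+// TLS-CA
+static char *etc_group_tls_ca[] = {
+"ca-certificates",
+"crypto-policies",
+"gcrypt",
+"pki",
+"ssl",
+NULL
+};
+
+// GUI
+static char *etc_group_gui[] = {
+"xdg",
+"drirc",
+"dconf",
+"gtk-2.0",
+"gtk-3.0",
+"kde4rc",
+"kde5rc",
+NULL
+};
+
+// GAMES
+static char *etc_group_games[] = {
+"timidity", // MIDI
+"timidity.cfg",
+"openal", // 3D sound
+};
+
+#endif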
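Review bot: `etc_group_games[]` is the only list without a terminating `NULL`, while every other group ends with one and `fs_etc.c` passes `&etc_group_games[0]` to `etc_copy_group(char **pptr)` with no length. If that function walks the array until it finds `NULL`, as the other lists suggest, the `GAMES` keyword makes it read past the end of the array; add `NULL` after `"openal", // 3D sound`. Separately, the header defines `static` arrays, so every file that includes it gets its own copy of `etc_list` and the groups; a short comment saying the header is meant for `fs_etc.c` only (or `extern` declarations with one definition) would prevent accidental reuse. The default list also drops `locale.gen` and `TLS-CA` swaps `ca-certificates.conf` for `gcrypt`, which the commit message does not mention.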