diff options
author | netblue30 <netblue30@yahoo.com> | 2017-03-01 09:08:59 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-03-01 09:08:59 -0500 |
commit | 00acc715548b6b2338693f0b3dbf6cc9355832d9 (patch) | |
tree | 99351ede72b843fa0ac5fdefe5f6c6f60decd9ef | |
parent | profile merges (diff) | |
download | firejail-00acc715548b6b2338693f0b3dbf6cc9355832d9.tar.gz firejail-00acc715548b6b2338693f0b3dbf6cc9355832d9.tar.zst firejail-00acc715548b6b2338693f0b3dbf6cc9355832d9.zip |
merge #1100 from zackw: removed mask_x11_abstract_socket
-rw-r--r-- | src/firejail/firejail.h | 1 | ||||
-rw-r--r-- | src/firejail/fs.c | 2 | ||||
-rw-r--r-- | src/firejail/main.c | 4 | ||||
-rw-r--r-- | src/firejail/profile.c | 3 | ||||
-rw-r--r-- | src/firejail/x11.c | 4 |
5 files changed, 0 insertions, 14 deletions
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index fbf83abb3..cafaf8c4f 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
@@ -644,7 +644,6 @@ void fs_mkdir(const char *name); | |||
644 | void fs_mkfile(const char *name); | 644 | void fs_mkfile(const char *name); |
645 | 645 | ||
646 | // x11.c | 646 | // x11.c |
647 | extern int mask_x11_abstract_socket; | ||
648 | void fs_x11(void); | 647 | void fs_x11(void); |
649 | int x11_display(void); | 648 | int x11_display(void); |
650 | void x11_start(int argc, char **argv); | 649 | void x11_start(int argc, char **argv); |
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index c386f70cf..a06f3a35d 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
@@ -1084,7 +1084,6 @@ void fs_check_chroot_dir(const char *rootdir) { | |||
1084 | 1084 | ||
1085 | // check x11 socket directory | 1085 | // check x11 socket directory |
1086 | if (getenv("FIREJAIL_X11")) { | 1086 | if (getenv("FIREJAIL_X11")) { |
1087 | mask_x11_abstract_socket = 1; | ||
1088 | char *name; | 1087 | char *name; |
1089 | if (asprintf(&name, "%s/tmp/.X11-unix", rootdir) == -1) | 1088 | if (asprintf(&name, "%s/tmp/.X11-unix", rootdir) == -1) |
1090 | errExit("asprintf"); | 1089 | errExit("asprintf"); |
@@ -1117,7 +1116,6 @@ void fs_chroot(const char *rootdir) { | |||
1117 | 1116 | ||
1118 | // x11 | 1117 | // x11 |
1119 | if (getenv("FIREJAIL_X11")) { | 1118 | if (getenv("FIREJAIL_X11")) { |
1120 | mask_x11_abstract_socket = 1; | ||
1121 | char *newx11; | 1119 | char *newx11; |
1122 | if (asprintf(&newx11, "%s/tmp/.X11-unix", rootdir) == -1) | 1120 | if (asprintf(&newx11, "%s/tmp/.X11-unix", rootdir) == -1) |
1123 | errExit("asprintf"); | 1121 | errExit("asprintf"); |
diff --git a/src/firejail/main.c b/src/firejail/main.c index 310795abf..978ca8cd2 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -2182,10 +2182,6 @@ int main(int argc, char **argv) { | |||
2182 | fprintf(stderr, "Warning: --trace and --tracelog are mutually exclusive; --tracelog disabled\n"); | 2182 | fprintf(stderr, "Warning: --trace and --tracelog are mutually exclusive; --tracelog disabled\n"); |
2183 | } | 2183 | } |
2184 | 2184 | ||
2185 | // disable x11 abstract socket | ||
2186 | if (getenv("FIREJAIL_X11")) | ||
2187 | mask_x11_abstract_socket = 1; | ||
2188 | |||
2189 | // check user namespace (--noroot) options | 2185 | // check user namespace (--noroot) options |
2190 | if (arg_noroot) { | 2186 | if (arg_noroot) { |
2191 | if (arg_overlay) { | 2187 | if (arg_overlay) { |
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 5684a2d95..271176fcd 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
@@ -696,7 +696,6 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
696 | if (checkcfg(CFG_X11)) { | 696 | if (checkcfg(CFG_X11)) { |
697 | char *x11env = getenv("FIREJAIL_X11"); | 697 | char *x11env = getenv("FIREJAIL_X11"); |
698 | if (x11env && strcmp(x11env, "yes") == 0) { | 698 | if (x11env && strcmp(x11env, "yes") == 0) { |
699 | mask_x11_abstract_socket = 1; | ||
700 | return 0; | 699 | return 0; |
701 | } | 700 | } |
702 | else { | 701 | else { |
@@ -725,7 +724,6 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
725 | if (checkcfg(CFG_X11)) { | 724 | if (checkcfg(CFG_X11)) { |
726 | char *x11env = getenv("FIREJAIL_X11"); | 725 | char *x11env = getenv("FIREJAIL_X11"); |
727 | if (x11env && strcmp(x11env, "yes") == 0) { | 726 | if (x11env && strcmp(x11env, "yes") == 0) { |
728 | mask_x11_abstract_socket = 1; | ||
729 | return 0; | 727 | return 0; |
730 | } | 728 | } |
731 | else { | 729 | else { |
@@ -745,7 +743,6 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
745 | if (checkcfg(CFG_X11)) { | 743 | if (checkcfg(CFG_X11)) { |
746 | char *x11env = getenv("FIREJAIL_X11"); | 744 | char *x11env = getenv("FIREJAIL_X11"); |
747 | if (x11env && strcmp(x11env, "yes") == 0) { | 745 | if (x11env && strcmp(x11env, "yes") == 0) { |
748 | mask_x11_abstract_socket = 1; | ||
749 | return 0; | 746 | return 0; |
750 | } | 747 | } |
751 | else { | 748 | else { |
diff --git a/src/firejail/x11.c b/src/firejail/x11.c index 5bbc327a6..b668c1c9c 100644 --- a/src/firejail/x11.c +++ b/src/firejail/x11.c | |||
@@ -31,8 +31,6 @@ | |||
31 | #include <sys/wait.h> | 31 | #include <sys/wait.h> |
32 | #include <errno.h> | 32 | #include <errno.h> |
33 | #include <limits.h> | 33 | #include <limits.h> |
34 | int mask_x11_abstract_socket = 0; | ||
35 | |||
36 | 34 | ||
37 | // Parse the DISPLAY environment variable and return a display number. | 35 | // Parse the DISPLAY environment variable and return a display number. |
38 | // Returns -1 if DISPLAY is not set, or is set to anything other than :ddd. | 36 | // Returns -1 if DISPLAY is not set, or is set to anything other than :ddd. |
@@ -833,8 +831,6 @@ void fs_x11(void) { | |||
833 | 831 | ||
834 | void x11_block(void) { | 832 | void x11_block(void) { |
835 | #ifdef HAVE_X11 | 833 | #ifdef HAVE_X11 |
836 | mask_x11_abstract_socket = 1; | ||
837 | |||
838 | // check abstract socket presence and network namespace options | 834 | // check abstract socket presence and network namespace options |
839 | if ((!arg_nonetwork && !cfg.bridge0.configured && !cfg.interface0.configured) | 835 | if ((!arg_nonetwork && !cfg.bridge0.configured && !cfg.interface0.configured) |
840 | && x11_abstract_sockets_present()) { | 836 | && x11_abstract_sockets_present()) { |