diff options
author | netblue30 <netblue30@protonmail.com> | 2021-11-11 02:23:59 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-11-11 02:23:59 +0000 |
commit | ba78abd252a9412a85224b856b2a02ea3b270641 (patch) | |
tree | bf6c615c7602343f90aac2f9f89a82be212c0e21 | |
parent | Merge pull request #4675 from glitsj16/ssh-fixes (diff) | |
parent | Relocate firecfg.config to /etc/firejail/ (diff) | |
download | firejail-ba78abd252a9412a85224b856b2a02ea3b270641.tar.gz firejail-ba78abd252a9412a85224b856b2a02ea3b270641.tar.zst firejail-ba78abd252a9412a85224b856b2a02ea3b270641.zip |
Merge pull request #4669 from hlein/firecfg_location
Relocate firecfg.config to /etc/firejail/
-rw-r--r-- | Makefile.in | 3 | ||||
-rw-r--r-- | README.md | 2 | ||||
-rw-r--r-- | src/firecfg/firecfg.config | 2 | ||||
-rw-r--r-- | src/firecfg/main.c | 8 | ||||
-rw-r--r-- | src/firejail/appimage.c | 6 | ||||
-rw-r--r-- | src/man/firecfg.txt | 2 |
6 files changed, 12 insertions, 11 deletions
diff --git a/Makefile.in b/Makefile.in index 11193122d..ddc63c1af 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -116,7 +116,7 @@ endif | |||
116 | install -m 0755 src/jailcheck/jailcheck $(DESTDIR)$(bindir) | 116 | install -m 0755 src/jailcheck/jailcheck $(DESTDIR)$(bindir) |
117 | # libraries and plugins | 117 | # libraries and plugins |
118 | install -m 0755 -d $(DESTDIR)$(libdir)/firejail | 118 | install -m 0755 -d $(DESTDIR)$(libdir)/firejail |
119 | install -m 0644 -t $(DESTDIR)$(libdir)/firejail $(MYLIBS) $(SECCOMP_FILTERS) src/firecfg/firecfg.config | 119 | install -m 0644 -t $(DESTDIR)$(libdir)/firejail $(MYLIBS) $(SECCOMP_FILTERS) |
120 | install -m 0755 -t $(DESTDIR)$(libdir)/firejail $(SBOX_APPS) | 120 | install -m 0755 -t $(DESTDIR)$(libdir)/firejail $(SBOX_APPS) |
121 | # plugins w/o read permission (non-dumpable) | 121 | # plugins w/o read permission (non-dumpable) |
122 | install -m 0711 -t $(DESTDIR)$(libdir)/firejail $(SBOX_APPS_NON_DUMPABLE) | 122 | install -m 0711 -t $(DESTDIR)$(libdir)/firejail $(SBOX_APPS_NON_DUMPABLE) |
@@ -135,6 +135,7 @@ endif | |||
135 | install -m 0644 -t $(DESTDIR)$(DOCDIR) COPYING README RELNOTES etc/templates/* | 135 | install -m 0644 -t $(DESTDIR)$(DOCDIR) COPYING README RELNOTES etc/templates/* |
136 | # profiles and settings | 136 | # profiles and settings |
137 | install -m 0755 -d $(DESTDIR)$(sysconfdir)/firejail | 137 | install -m 0755 -d $(DESTDIR)$(sysconfdir)/firejail |
138 | install -m 0644 -t $(DESTDIR)$(sysconfdir)/firejail src/firecfg/firecfg.config | ||
138 | install -m 0644 -t $(DESTDIR)$(sysconfdir)/firejail etc/profile-a-l/*.profile etc/profile-m-z/*.profile etc/inc/*.inc etc/net/*.net etc/firejail.config etc/ids.config | 139 | install -m 0644 -t $(DESTDIR)$(sysconfdir)/firejail etc/profile-a-l/*.profile etc/profile-m-z/*.profile etc/inc/*.inc etc/net/*.net etc/firejail.config etc/ids.config |
139 | sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" | 140 | sh -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;" |
140 | ifeq ($(BUSYBOX_WORKAROUND),yes) | 141 | ifeq ($(BUSYBOX_WORKAROUND),yes) |
@@ -150,7 +150,7 @@ PulseAudio changes. | |||
150 | Start your programs the way you are used to: desktop manager menus, file manager, desktop launchers. | 150 | Start your programs the way you are used to: desktop manager menus, file manager, desktop launchers. |
151 | The integration applies to any program supported by default by Firejail. There are about 250 default applications | 151 | The integration applies to any program supported by default by Firejail. There are about 250 default applications |
152 | in current Firejail version, and the number goes up with every new release. | 152 | in current Firejail version, and the number goes up with every new release. |
153 | We keep the application list in [/usr/lib/firejail/firecfg.config](https://github.com/netblue30/firejail/blob/master/src/firecfg/firecfg.config) file. | 153 | We keep the application list in [/etc/firejail/firecfg.config](https://github.com/netblue30/firejail/blob/master/src/firecfg/firecfg.config) file. |
154 | 154 | ||
155 | ## Security profiles | 155 | ## Security profiles |
156 | 156 | ||
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config index 0f4c1b18b..3ec5f9660 100644 --- a/src/firecfg/firecfg.config +++ b/src/firecfg/firecfg.config | |||
@@ -1,4 +1,4 @@ | |||
1 | # /usr/lib/firejail/firecfg.config - firecfg utility configuration file | 1 | # /etc/firejail/firecfg.config - firecfg utility configuration file |
2 | # This is the list of programs in alphabetical order handled by firecfg utility | 2 | # This is the list of programs in alphabetical order handled by firecfg utility |
3 | # | 3 | # |
4 | 0ad | 4 | 0ad |
diff --git a/src/firecfg/main.c b/src/firecfg/main.c index 363000e15..fafa0e635 100644 --- a/src/firecfg/main.c +++ b/src/firecfg/main.c | |||
@@ -171,17 +171,17 @@ static void set_file(const char *name, const char *firejail_exec) { | |||
171 | free(fname); | 171 | free(fname); |
172 | } | 172 | } |
173 | 173 | ||
174 | // parse /usr/lib/firejail/firecfg.cfg file | 174 | // parse /etc/firejail/firecfg.config file |
175 | static void set_links_firecfg(void) { | 175 | static void set_links_firecfg(void) { |
176 | char *cfgfile; | 176 | char *cfgfile; |
177 | if (asprintf(&cfgfile, "%s/firejail/firecfg.config", LIBDIR) == -1) | 177 | if (asprintf(&cfgfile, "%s/firecfg.config", SYSCONFDIR) == -1) |
178 | errExit("asprintf"); | 178 | errExit("asprintf"); |
179 | 179 | ||
180 | char *firejail_exec; | 180 | char *firejail_exec; |
181 | if (asprintf(&firejail_exec, "%s/bin/firejail", PREFIX) == -1) | 181 | if (asprintf(&firejail_exec, "%s/bin/firejail", PREFIX) == -1) |
182 | errExit("asprintf"); | 182 | errExit("asprintf"); |
183 | 183 | ||
184 | // parse /usr/lib/firejail/firecfg.cfg file | 184 | // parse /etc/firejail/firecfg.config file |
185 | FILE *fp = fopen(cfgfile, "r"); | 185 | FILE *fp = fopen(cfgfile, "r"); |
186 | if (!fp) { | 186 | if (!fp) { |
187 | perror("fopen"); | 187 | perror("fopen"); |
@@ -440,7 +440,7 @@ int main(int argc, char **argv) { | |||
440 | // clear all symlinks | 440 | // clear all symlinks |
441 | clean(); | 441 | clean(); |
442 | 442 | ||
443 | // set new symlinks based on /usr/lib/firejail/firecfg.cfg | 443 | // set new symlinks based on /etc/firejail/firecfg.config |
444 | set_links_firecfg(); | 444 | set_links_firecfg(); |
445 | 445 | ||
446 | if (getuid() == 0) { | 446 | if (getuid() == 0) { |
diff --git a/src/firejail/appimage.c b/src/firejail/appimage.c index 2266fa499..bb5b29d79 100644 --- a/src/firejail/appimage.c +++ b/src/firejail/appimage.c | |||
@@ -45,10 +45,10 @@ int appimage_find_profile(const char *archive) { | |||
45 | assert(archive); | 45 | assert(archive); |
46 | assert(strlen(archive)); | 46 | assert(strlen(archive)); |
47 | 47 | ||
48 | // try to match the name of the archive with the list of programs in /usr/lib/firejail/firecfg.config | 48 | // try to match the name of the archive with the list of programs in /etc/firejail/firecfg.config |
49 | FILE *fp = fopen(LIBDIR "/firejail/firecfg.config", "r"); | 49 | FILE *fp = fopen(SYSCONFDIR "/firecfg.config", "r"); |
50 | if (!fp) { | 50 | if (!fp) { |
51 | fprintf(stderr, "Error: cannot find %s, firejail is not correctly installed\n", LIBDIR "/firejail/firecfg.config"); | 51 | fprintf(stderr, "Error: cannot find %s, firejail is not correctly installed\n", SYSCONFDIR "/firecfg.config"); |
52 | exit(1); | 52 | exit(1); |
53 | } | 53 | } |
54 | char buf[MAXBUF]; | 54 | char buf[MAXBUF]; |
diff --git a/src/man/firecfg.txt b/src/man/firecfg.txt index 7e0a57f92..189e9cc8d 100644 --- a/src/man/firecfg.txt +++ b/src/man/firecfg.txt | |||
@@ -27,7 +27,7 @@ desktop managers are supported in this moment | |||
27 | To set it up, run "sudo firecfg" after installing Firejail software. | 27 | To set it up, run "sudo firecfg" after installing Firejail software. |
28 | The same command should also be run after | 28 | The same command should also be run after |
29 | installing new programs. If the program is supported by Firejail, the symbolic link in /usr/local/bin | 29 | installing new programs. If the program is supported by Firejail, the symbolic link in /usr/local/bin |
30 | will be created. For a full list of programs supported by default run "cat /usr/lib/firejail/firecfg.config". | 30 | will be created. For a full list of programs supported by default run "cat /etc/firejail/firecfg.config". |
31 | 31 | ||
32 | For user-driven manual integration, see \fBDESKTOP INTEGRATION\fR section in \fBman 1 firejail\fR. | 32 | For user-driven manual integration, see \fBDESKTOP INTEGRATION\fR section in \fBman 1 firejail\fR. |
33 | .SH DEFAULT ACTIONS | 33 | .SH DEFAULT ACTIONS |