private-etc rework: file groups moved to src/include/etc_groups.h, new groups added

author: netblue30 <netblue30@protonmail.com> 2023-01-25 11:33:47 -0500
committer: netblue30 <netblue30@protonmail.com> 2023-01-25 11:33:47 -0500
commit: 02d37680c45cca9b5a8c05020cd3962b9425da80 (patch)
tree: 7b127173f60ff6669124f5490df5f0ce4dcee5ce
parent: merges (diff)
download: firejail-02d37680c45cca9b5a8c05020cd3962b9425da80.tar.gz
firejail-02d37680c45cca9b5a8c05020cd3962b9425da80.tar.zst
firejail-02d37680c45cca9b5a8c05020cd3962b9425da80.zip
3 files changed, 102 insertions, 64 deletions
diff --git a/src/firejail/Makefile b/src/firejail/Makefile
index 4e241af7e..47edc5ac6 100644
--- a/src/firejail/Makefile
+++ b/src/firejail/Makefile
@@ -13,7 +13,9 @@ MOD_HDRS = \
 ../include/seccomp.h \
 ../include/syscall_i386.h \
 ../include/syscall_x86_64.h \
-../include/firejail_user.h
+../include/firejail_user.h \
+../include/etc_groups.h
 MOD_OBJS = \
 ../lib/common.o \
diff --git a/src/firejail/fs_etc.c b/src/firejail/fs_etc.c
index bc7cd901c..ad5e8585d 100644
--- a/src/firejail/fs_etc.c
+++ b/src/firejail/fs_etc.c
@@ -25,67 +25,9 @@
 #include <time.h>
 #include <unistd.h>
 #include <glob.h>
+#include "../include/etc_groups.h"
-#define ETC_MAX 256
 static int etc_cnt = 0;
-static char *etc_list[ETC_MAX + 1] = { // plus 1 for ending NULL pointer
-        "alternatives",
-        "fonts",
-        "ld.so.cache",
-        "ld.so.conf",
-        "ld.so.conf.d",
-        "ld.so.preload",
-        "locale",
-        "locale.alias",
-        "locale.conf",
-        "locale.gen",
-        "localtime",
-        "nsswitch.conf",
-        "passwd",
-        NULL
-};
-static char*etc_group_network[] = {
-        "hostname",
-        "hosts",
-        "resolv.conf",
-        "protocols",
-        NULL
-};
-static char *etc_group_gnome[] = {
-        "xdg",
-        "drirc",
-        "dconf",
-        "gtk-2.0",
-        "gtk-3.0",
-        NULL
-};
-static char *etc_group_kde[] = {
-        "xdg",
-        "drirc",
-        "kde4rc",
-        "kde5rc",
-        NULL
-};
-static char *etc_group_sound[] = {
-        "alsa",
-        "asound.conf",
-        "machine-id", // required by PulseAudio
-        "pulse",
-        NULL
-};
-static char *etc_group_tls_ca[] = {
-        "ca-certificates",
-        "ca-certificates.conf",
-        "crypto-policies",
-        "pki",
-        "ssl",
-        NULL
-};
 static void etc_copy_group(char **pptr) {
        assert(pptr);
@@ -137,10 +79,14 @@ char *fs_etc_build(char *str) {
                        // look for standard groups
                        if (strcmp(ptr, "TLS-CA") == 0)
                                etc_copy_group(&etc_group_tls_ca[0]);
-                        if (strcmp(ptr, "GNOME") == 0)
+                        if (strcmp(ptr, "GUI") == 0)
-                                etc_copy_group(&etc_group_gnome[0]);
+                                etc_copy_group(&etc_group_gui[0]);
-                        if (strcmp(ptr, "KDE") == 0)
+                        if (strcmp(ptr, "SOUND") == 0)
-                                etc_copy_group(&etc_group_kde[0]);
+                                etc_copy_group(&etc_group_sound[0]);
+                        if (strcmp(ptr, "NETWORK") == 0)
+                                etc_copy_group(&etc_group_network[0]);
+                        if (strcmp(ptr, "GAMES") == 0)
+                                etc_copy_group(&etc_group_games[0]);
                        else
                                etc_add(ptr);
                        ptr = strtok(NULL, ",");
diff --git a/src/include/etc_groups.h b/src/include/etc_groups.h
new file mode 100644
index 000000000..5242c9c3b
--- /dev/null
+++ b/src/include/etc_groups.h
@@ -0,0 +1,90 @@
+/*
+ * Copyright (C) 2014-2022 Firejail Authors
+ *
+ * This file is part of firejail project
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+#ifndef ETC_GROUPS_H
+#define ETC_GROUPS_H
+#define ETC_MAX 256
+// DEFAULT
+static char *etc_list[ETC_MAX + 1] = { // plus 1 for ending NULL pointer
+        "alternatives",
+        "fonts",
+        "ld.so.cache",
+        "ld.so.conf",
+        "ld.so.conf.d",
+        "ld.so.preload",
+        "locale",
+        "locale.alias",
+        "locale.conf",
+        "localtime",
+        "nsswitch.conf",
+        "passwd",
+        NULL
+};
+// SOUND
+static char *etc_group_sound[] = {
+        "alsa",
+        "asound.conf",
+        "machine-id", // required by PulseAudio
+        "pulse",
+        NULL
+};
+// NETWORK
+static char*etc_group_network[] = {
+        "hostname",
+        "hosts",
+        "resolv.conf",
+        "protocols",
+        NULL
+};
+// TLS-CA
+static char *etc_group_tls_ca[] = {
+        "ca-certificates",
+        "crypto-policies",
+        "gcrypt",
+        "pki",
+        "ssl",
+        NULL
+};
+// GUI
+static char *etc_group_gui[] = {
+        "xdg",
+        "drirc",
+        "dconf",
+        "gtk-2.0",
+        "gtk-3.0",
+        "kde4rc",
+        "kde5rc",
+        NULL
+};
+// GAMES
+static char *etc_group_games[] = {
+        "timidity", // MIDI
+        "timidity.cfg",
+        "openal", // 3D sound
+};
+#endif
author	netblue30 <netblue30@protonmail.com>	2023-01-25 11:33:47 -0500
committer	netblue30 <netblue30@protonmail.com>	2023-01-25 11:33:47 -0500
commit	02d37680c45cca9b5a8c05020cd3962b9425da80 (patch)
tree	7b127173f60ff6669124f5490df5f0ce4dcee5ce
parent	merges (diff)
download	firejail-02d37680c45cca9b5a8c05020cd3962b9425da80.tar.gz firejail-02d37680c45cca9b5a8c05020cd3962b9425da80.tar.zst firejail-02d37680c45cca9b5a8c05020cd3962b9425da80.zip

diff --git a/src/firejail/Makefile b/src/firejail/Makefile index 4e241af7e..47edc5ac6 100644 --- a/src/firejail/Makefile +++ b/src/firejail/Makefile
@@ -13,7 +13,9 @@ MOD_HDRS = \
13	../include/seccomp.h \	13	../include/seccomp.h \
14	../include/syscall_i386.h \	14	../include/syscall_i386.h \
15	../include/syscall_x86_64.h \	15	../include/syscall_x86_64.h \
16	../include/firejail_user.h	16	../include/firejail_user.h \
		17	../include/etc_groups.h
		18
17		19
18	MOD_OBJS = \	20	MOD_OBJS = \
19	../lib/common.o \	21	../lib/common.o \


diff --git a/src/firejail/fs_etc.c b/src/firejail/fs_etc.c index bc7cd901c..ad5e8585d 100644 --- a/src/firejail/fs_etc.c +++ b/src/firejail/fs_etc.c
@@ -25,67 +25,9 @@
25	#include <time.h>	25	#include <time.h>
26	#include <unistd.h>	26	#include <unistd.h>
27	#include <glob.h>	27	#include <glob.h>
		28	#include "../include/etc_groups.h"
28		29
29	#define ETC_MAX 256
30	static int etc_cnt = 0;	30	static int etc_cnt = 0;
31	static char *etc_list[ETC_MAX + 1] = { // plus 1 for ending NULL pointer
32	"alternatives",
33	"fonts",
34	"ld.so.cache",
35	"ld.so.conf",
36	"ld.so.conf.d",
37	"ld.so.preload",
38	"locale",
39	"locale.alias",
40	"locale.conf",
41	"locale.gen",
42	"localtime",
43	"nsswitch.conf",
44	"passwd",
45	NULL
46	};
47
48	static char*etc_group_network[] = {
49	"hostname",
50	"hosts",
51	"resolv.conf",
52	"protocols",
53	NULL
54	};
55
56	static char *etc_group_gnome[] = {
57	"xdg",
58	"drirc",
59	"dconf",
60	"gtk-2.0",
61	"gtk-3.0",
62	NULL
63	};
64
65	static char *etc_group_kde[] = {
66	"xdg",
67	"drirc",
68	"kde4rc",
69	"kde5rc",
70	NULL
71	};
72
73	static char *etc_group_sound[] = {
74	"alsa",
75	"asound.conf",
76	"machine-id", // required by PulseAudio
77	"pulse",
78	NULL
79	};
80
81	static char *etc_group_tls_ca[] = {
82	"ca-certificates",
83	"ca-certificates.conf",
84	"crypto-policies",
85	"pki",
86	"ssl",
87	NULL
88	};
89		31
90	static void etc_copy_group(char **pptr) {	32	static void etc_copy_group(char **pptr) {
91	assert(pptr);	33	assert(pptr);
@@ -137,10 +79,14 @@ char fs_etc_build(char str) {
137	// look for standard groups	79	// look for standard groups
138	if (strcmp(ptr, "TLS-CA") == 0)	80	if (strcmp(ptr, "TLS-CA") == 0)
139	etc_copy_group(&etc_group_tls_ca[0]);	81	etc_copy_group(&etc_group_tls_ca[0]);
140	if (strcmp(ptr, "GNOME") == 0)	82	if (strcmp(ptr, "GUI") == 0)
141	etc_copy_group(&etc_group_gnome[0]);	83	etc_copy_group(&etc_group_gui[0]);
142	if (strcmp(ptr, "KDE") == 0)	84	if (strcmp(ptr, "SOUND") == 0)
143	etc_copy_group(&etc_group_kde[0]);	85	etc_copy_group(&etc_group_sound[0]);
		86	if (strcmp(ptr, "NETWORK") == 0)
		87	etc_copy_group(&etc_group_network[0]);
		88	if (strcmp(ptr, "GAMES") == 0)
		89	etc_copy_group(&etc_group_games[0]);
144	else	90	else
145	etc_add(ptr);	91	etc_add(ptr);
146	ptr = strtok(NULL, ",");	92	ptr = strtok(NULL, ",");


diff --git a/src/include/etc_groups.h b/src/include/etc_groups.h new file mode 100644 index 000000000..5242c9c3b --- /dev/null +++ b/src/include/etc_groups.h
@@ -0,0 +1,90 @@
		1	/*
		2	* Copyright (C) 2014-2022 Firejail Authors
		3	*
		4	* This file is part of firejail project
		5	*
		6	* This program is free software; you can redistribute it and/or modify
		7	* it under the terms of the GNU General Public License as published by
		8	* the Free Software Foundation; either version 2 of the License, or
		9	* (at your option) any later version.
		10	*
		11	* This program is distributed in the hope that it will be useful,
		12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
		13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
		14	* GNU General Public License for more details.
		15	*
		16	* You should have received a copy of the GNU General Public License along
		17	* with this program; if not, write to the Free Software Foundation, Inc.,
		18	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
		19	*/
		20
		21	#ifndef ETC_GROUPS_H
		22	#define ETC_GROUPS_H
		23
		24	#define ETC_MAX 256
		25
		26	// DEFAULT
		27	static char *etc_list[ETC_MAX + 1] = { // plus 1 for ending NULL pointer
		28	"alternatives",
		29	"fonts",
		30	"ld.so.cache",
		31	"ld.so.conf",
		32	"ld.so.conf.d",
		33	"ld.so.preload",
		34	"locale",
		35	"locale.alias",
		36	"locale.conf",
		37	"localtime",
		38	"nsswitch.conf",
		39	"passwd",
		40	NULL
		41	};
		42
		43	// SOUND
		44	static char *etc_group_sound[] = {
		45	"alsa",
		46	"asound.conf",
		47	"machine-id", // required by PulseAudio
		48	"pulse",
		49	NULL
		50	};
		51
		52	// NETWORK
		53	static char*etc_group_network[] = {
		54	"hostname",
		55	"hosts",
		56	"resolv.conf",
		57	"protocols",
		58	NULL
		59	};
		60
		61	// TLS-CA
		62	static char *etc_group_tls_ca[] = {
		63	"ca-certificates",
		64	"crypto-policies",
		65	"gcrypt",
		66	"pki",
		67	"ssl",
		68	NULL
		69	};
		70
		71	// GUI
		72	static char *etc_group_gui[] = {
		73	"xdg",
		74	"drirc",
		75	"dconf",
		76	"gtk-2.0",
		77	"gtk-3.0",
		78	"kde4rc",
		79	"kde5rc",
		80	NULL
		81	};
		82
		83	// GAMES
		84	static char *etc_group_games[] = {
		85	"timidity", // MIDI
		86	"timidity.cfg",
		87	"openal", // 3D sound
		88	};
		89
		90	#endif