checkcfg.c cleanup

author: netblue30 <netblue30@yahoo.com> 2018-08-27 11:57:28 -0400
committer: netblue30 <netblue30@yahoo.com> 2018-08-27 11:57:28 -0400
commit: 189b7fd6b949fafd8fe0ed0327dcf696be560f31 (patch)
tree: a0893c7d4273ee726b85b4c73897bf85941f55a6
parent: mainline merge (diff)
download: firejail-189b7fd6b949fafd8fe0ed0327dcf696be560f31.tar.gz
firejail-189b7fd6b949fafd8fe0ed0327dcf696be560f31.tar.zst
firejail-189b7fd6b949fafd8fe0ed0327dcf696be560f31.zip
1 files changed, 0 insertions, 182 deletions
diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c
index 3a2d9048d..430771a13 100644
--- a/src/firejail/checkcfg.c
+++ b/src/firejail/checkcfg.c
@@ -76,17 +76,6 @@ int checkcfg(int val) {
                        if (!ptr)
                                continue;
-#ifndef LTS
-                        // file transfer
-                        else if (strncmp(ptr, "file-transfer ", 14) == 0) {
-                                if (strcmp(ptr + 14, "yes") == 0)
-                                        cfg_val[CFG_FILE_TRANSFER] = 1;
-                                else if (strcmp(ptr + 14, "no") == 0)
-                                        cfg_val[CFG_FILE_TRANSFER] = 0;
-                                else
-                                        goto errout;
-                        }
-#endif
                        // dbus
                        else if (strncmp(ptr, "dbus ", 5) == 0) {
                                if (strcmp(ptr + 5, "yes") == 0)
@@ -105,17 +94,6 @@ int checkcfg(int val) {
                                else
                                        goto errout;
                        }
-#ifndef LTS
-                        // x11
-                        else if (strncmp(ptr, "x11 ", 4) == 0) {
-                                if (strcmp(ptr + 4, "yes") == 0)
-                                        cfg_val[CFG_X11] = 1;
-                                else if (strcmp(ptr + 4, "no") == 0)
-                                        cfg_val[CFG_X11] = 0;
-                                else
-                                        goto errout;
-                        }
-#endif
                        // apparmor
                        else if (strncmp(ptr, "apparmor ", 9) == 0) {
                                if (strcmp(ptr + 9, "yes") == 0)
@@ -143,17 +121,6 @@ int checkcfg(int val) {
                                else
                                        goto errout;
                        }
-#ifndef LTS
-                        // chroot
-                        else if (strncmp(ptr, "chroot ", 7) == 0) {
-                                if (strcmp(ptr + 7, "yes") == 0)
-                                        cfg_val[CFG_CHROOT] = 1;
-                                else if (strcmp(ptr + 7, "no") == 0)
-                                        cfg_val[CFG_CHROOT] = 0;
-                                else
-                                        goto errout;
-                        }
-#endif
                        // prompt
                        else if (strncmp(ptr, "firejail-prompt ", 16) == 0) {
                                if (strcmp(ptr + 16, "yes") == 0)
@@ -241,70 +208,6 @@ int checkcfg(int val) {
                                if (arg_debug)
                                        printf("netfilter default file %s\n", fname);
                        }
-#ifndef LTS
-                        // Xephyr screen size
-                        else if (strncmp(ptr, "xephyr-screen ", 14) == 0) {
-                                // expecting two numbers and an x between them
-                                int n1;
-                                int n2;
-                                int rv = sscanf(ptr + 14, "%dx%d", &n1, &n2);
-                                if (rv != 2)
-                                        goto errout;
-                                if (asprintf(&xephyr_screen, "%dx%d", n1, n2) == -1)
-                                        errExit("asprintf");
-                        }
-                        // xephyr window title
-                        else if (strncmp(ptr, "xephyr-window-title ", 20) == 0) {
-                                if (strcmp(ptr + 20, "yes") == 0)
-                                        cfg_val[CFG_XEPHYR_WINDOW_TITLE] = 1;
-                                else if (strcmp(ptr + 20, "no") == 0)
-                                        cfg_val[CFG_XEPHYR_WINDOW_TITLE] = 0;
-                                else
-                                        goto errout;
-                        }
-                        // Xephyr command extra parameters
-                        else if (strncmp(ptr, "xephyr-extra-params ", 20) == 0) {
-                                if (*xephyr_extra_params != '\0')
-                                        goto errout;
-                                xephyr_extra_params = strdup(ptr + 20);
-                                if (!xephyr_extra_params)
-                                        errExit("strdup");
-                        }
-                        // xpra server extra parameters
-                        else if (strncmp(ptr, "xpra-extra-params ", 18) == 0) {
-                                if (*xpra_extra_params != '\0')
-                                        goto errout;
-                                xpra_extra_params = strdup(ptr + 18);
-                                if (!xpra_extra_params)
-                                        errExit("strdup");
-                        }
-                        // Xvfb screen size
-                                else if (strncmp(ptr, "xvfb-screen ", 12) == 0) {
-                                // expecting three numbers separated by x's
-                                unsigned int n1;
-                                unsigned int n2;
-                                unsigned int n3;
-                                int rv = sscanf(ptr + 12, "%ux%ux%u", &n1, &n2, &n3);
-                                if (rv != 3)
-                                        goto errout;
-                                if (asprintf(&xvfb_screen, "%ux%ux%u", n1, n2, n3) == -1)
-                                        errExit("asprintf");
-                        }
-                        // Xvfb extra parameters
-                        else if (strncmp(ptr, "xvfb-extra-params ", 18) == 0) {
-                                if (*xvfb_extra_params != '\0')
-                                        goto errout;
-                                xvfb_extra_params = strdup(ptr + 18);
-                                if (!xvfb_extra_params)
-                                        errExit("strdup");
-                        }
-#endif
                        // quiet by default
                        else if (strncmp(ptr, "quiet-by-default ", 17) == 0) {
                                if (strcmp(ptr + 17, "yes") == 0)
@@ -314,40 +217,6 @@ int checkcfg(int val) {
                                else
                                        goto errout;
                        }
-#ifndef LTS
-                        else if (strncmp(ptr, "overlayfs ", 10) == 0) {
-                                if (strcmp(ptr + 10, "yes") == 0)
-                                        cfg_val[CFG_OVERLAYFS] = 1;
-                                else if (strcmp(ptr + 10, "no") == 0)
-                                        cfg_val[CFG_OVERLAYFS] = 0;
-                                else
-                                        goto errout;
-                        }
-                        else if (strncmp(ptr, "private-home ", 13) == 0) {
-                                if (strcmp(ptr + 13, "yes") == 0)
-                                        cfg_val[CFG_PRIVATE_HOME] = 1;
-                                else if (strcmp(ptr + 13, "no") == 0)
-                                        cfg_val[CFG_PRIVATE_HOME] = 0;
-                                else
-                                        goto errout;
-                        }
-                        else if (strncmp(ptr, "private-lib ", 12) == 0) {
-                                if (strcmp(ptr + 12, "yes") == 0)
-                                        cfg_val[CFG_PRIVATE_LIB] = 1;
-                                else if (strcmp(ptr + 12, "no") == 0)
-                                        cfg_val[CFG_PRIVATE_LIB] = 0;
-                                else
-                                        goto errout;
-                        }
-                        else if (strncmp(ptr, "private-bin-no-local ", 21) == 0) {
-                                if (strcmp(ptr + 21, "yes") == 0)
-                                        cfg_val[CFG_PRIVATE_BIN_NO_LOCAL] = 1;
-                                else if (strcmp(ptr + 21, "no") == 0)
-                                        cfg_val[CFG_PRIVATE_BIN_NO_LOCAL] = 0;
-                                else
-                                        goto errout;
-                        }
-#endif
                        else if (strncmp(ptr, "disable-mnt ", 12) == 0) {
                                if (strcmp(ptr + 12, "yes") == 0)
                                        cfg_val[CFG_DISABLE_MNT] = 1;
@@ -363,17 +232,6 @@ int checkcfg(int val) {
                                        goto errout;
                                cfg_val[CFG_ARP_PROBES] = arp_probes;
                        }
-#ifndef LTS
-                        // xpra-attach
-                        else if (strncmp(ptr, "xpra-attach ", 12) == 0) {
-                                if (strcmp(ptr + 12, "yes") == 0)
-                                        cfg_val[CFG_XPRA_ATTACH] = 1;
-                                else if (strcmp(ptr + 12, "no") == 0)
-                                        cfg_val[CFG_XPRA_ATTACH] = 0;
-                                else
-                                        goto errout;
-                        }
-#endif
                        else
                                goto errout;
@@ -421,14 +279,6 @@ void print_compiletime_support(void) {
 #endif
                );
-        printf("\t- chroot support is %s\n",
-#ifdef HAVE_CHROOT
-                "enabled"
-#else
-                "disabled"
-#endif
-                );
        printf("\t- file and directory whitelisting support is %s\n",
 #ifdef HAVE_WHITELIST
                "enabled"
@@ -437,14 +287,6 @@ void print_compiletime_support(void) {
 #endif
                );
-        printf("\t- file transfer support is %s\n",
-#ifdef HAVE_FILE_TRANSFER
-                "enabled"
-#else
-                "disabled"
-#endif
-                );
        printf("\t- networking support is %s\n",
 #ifdef HAVE_NETWORK
                "enabled"
@@ -453,22 +295,6 @@ void print_compiletime_support(void) {
 #endif
                );
-        printf("\t- overlayfs support is %s\n",
-#ifdef HAVE_OVERLAYFS
-                "enabled"
-#else
-                "disabled"
-#endif
-                );
-        printf("\t- private-home support is %s\n",
-#ifdef HAVE_PRIVATE_HOME
-                "enabled"
-#else
-                "disabled"
-#endif
-                );
        printf("\t- seccomp-bpf support is %s\n",
 #ifdef HAVE_SECCOMP
                "enabled"
@@ -484,12 +310,4 @@ void print_compiletime_support(void) {
                "disabled"
 #endif
                );
-        printf("\t- X11 sandboxing support is %s\n",
-#ifdef HAVE_X11
-                "enabled"
-#else
-                "disabled"
-#endif
-                );
 }
author	netblue30 <netblue30@yahoo.com>	2018-08-27 11:57:28 -0400
committer	netblue30 <netblue30@yahoo.com>	2018-08-27 11:57:28 -0400
commit	189b7fd6b949fafd8fe0ed0327dcf696be560f31 (patch)
tree	a0893c7d4273ee726b85b4c73897bf85941f55a6
parent	mainline merge (diff)
download	firejail-189b7fd6b949fafd8fe0ed0327dcf696be560f31.tar.gz firejail-189b7fd6b949fafd8fe0ed0327dcf696be560f31.tar.zst firejail-189b7fd6b949fafd8fe0ed0327dcf696be560f31.zip

diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c index 3a2d9048d..430771a13 100644 --- a/src/firejail/checkcfg.c +++ b/src/firejail/checkcfg.c
@@ -76,17 +76,6 @@ int checkcfg(int val) {
76	if (!ptr)	76	if (!ptr)
77	continue;	77	continue;
78		78
79	#ifndef LTS
80	// file transfer
81	else if (strncmp(ptr, "file-transfer ", 14) == 0) {
82	if (strcmp(ptr + 14, "yes") == 0)
83	cfg_val[CFG_FILE_TRANSFER] = 1;
84	else if (strcmp(ptr + 14, "no") == 0)
85	cfg_val[CFG_FILE_TRANSFER] = 0;
86	else
87	goto errout;
88	}
89	#endif
90	// dbus	79	// dbus
91	else if (strncmp(ptr, "dbus ", 5) == 0) {	80	else if (strncmp(ptr, "dbus ", 5) == 0) {
92	if (strcmp(ptr + 5, "yes") == 0)	81	if (strcmp(ptr + 5, "yes") == 0)
@@ -105,17 +94,6 @@ int checkcfg(int val) {
105	else	94	else
106	goto errout;	95	goto errout;
107	}	96	}
108	#ifndef LTS
109	// x11
110	else if (strncmp(ptr, "x11 ", 4) == 0) {
111	if (strcmp(ptr + 4, "yes") == 0)
112	cfg_val[CFG_X11] = 1;
113	else if (strcmp(ptr + 4, "no") == 0)
114	cfg_val[CFG_X11] = 0;
115	else
116	goto errout;
117	}
118	#endif
119	// apparmor	97	// apparmor
120	else if (strncmp(ptr, "apparmor ", 9) == 0) {	98	else if (strncmp(ptr, "apparmor ", 9) == 0) {
121	if (strcmp(ptr + 9, "yes") == 0)	99	if (strcmp(ptr + 9, "yes") == 0)
@@ -143,17 +121,6 @@ int checkcfg(int val) {
143	else	121	else
144	goto errout;	122	goto errout;
145	}	123	}
146	#ifndef LTS
147	// chroot
148	else if (strncmp(ptr, "chroot ", 7) == 0) {
149	if (strcmp(ptr + 7, "yes") == 0)
150	cfg_val[CFG_CHROOT] = 1;
151	else if (strcmp(ptr + 7, "no") == 0)
152	cfg_val[CFG_CHROOT] = 0;
153	else
154	goto errout;
155	}
156	#endif
157	// prompt	124	// prompt
158	else if (strncmp(ptr, "firejail-prompt ", 16) == 0) {	125	else if (strncmp(ptr, "firejail-prompt ", 16) == 0) {
159	if (strcmp(ptr + 16, "yes") == 0)	126	if (strcmp(ptr + 16, "yes") == 0)
@@ -241,70 +208,6 @@ int checkcfg(int val) {
241	if (arg_debug)	208	if (arg_debug)
242	printf("netfilter default file %s\n", fname);	209	printf("netfilter default file %s\n", fname);
243	}	210	}
244
245	#ifndef LTS
246	// Xephyr screen size
247	else if (strncmp(ptr, "xephyr-screen ", 14) == 0) {
248	// expecting two numbers and an x between them
249	int n1;
250	int n2;
251	int rv = sscanf(ptr + 14, "%dx%d", &n1, &n2);
252	if (rv != 2)
253	goto errout;
254	if (asprintf(&xephyr_screen, "%dx%d", n1, n2) == -1)
255	errExit("asprintf");
256	}
257
258	// xephyr window title
259	else if (strncmp(ptr, "xephyr-window-title ", 20) == 0) {
260	if (strcmp(ptr + 20, "yes") == 0)
261	cfg_val[CFG_XEPHYR_WINDOW_TITLE] = 1;
262	else if (strcmp(ptr + 20, "no") == 0)
263	cfg_val[CFG_XEPHYR_WINDOW_TITLE] = 0;
264	else
265	goto errout;
266	}
267
268	// Xephyr command extra parameters
269	else if (strncmp(ptr, "xephyr-extra-params ", 20) == 0) {
270	if (*xephyr_extra_params != '\0')
271	goto errout;
272	xephyr_extra_params = strdup(ptr + 20);
273	if (!xephyr_extra_params)
274	errExit("strdup");
275	}
276
277	// xpra server extra parameters
278	else if (strncmp(ptr, "xpra-extra-params ", 18) == 0) {
279	if (*xpra_extra_params != '\0')
280	goto errout;
281	xpra_extra_params = strdup(ptr + 18);
282	if (!xpra_extra_params)
283	errExit("strdup");
284	}
285
286	// Xvfb screen size
287	else if (strncmp(ptr, "xvfb-screen ", 12) == 0) {
288	// expecting three numbers separated by x's
289	unsigned int n1;
290	unsigned int n2;
291	unsigned int n3;
292	int rv = sscanf(ptr + 12, "%ux%ux%u", &n1, &n2, &n3);
293	if (rv != 3)
294	goto errout;
295	if (asprintf(&xvfb_screen, "%ux%ux%u", n1, n2, n3) == -1)
296	errExit("asprintf");
297	}
298
299	// Xvfb extra parameters
300	else if (strncmp(ptr, "xvfb-extra-params ", 18) == 0) {
301	if (*xvfb_extra_params != '\0')
302	goto errout;
303	xvfb_extra_params = strdup(ptr + 18);
304	if (!xvfb_extra_params)
305	errExit("strdup");
306	}
307	#endif
308	// quiet by default	211	// quiet by default
309	else if (strncmp(ptr, "quiet-by-default ", 17) == 0) {	212	else if (strncmp(ptr, "quiet-by-default ", 17) == 0) {
310	if (strcmp(ptr + 17, "yes") == 0)	213	if (strcmp(ptr + 17, "yes") == 0)
@@ -314,40 +217,6 @@ int checkcfg(int val) {
314	else	217	else
315	goto errout;	218	goto errout;
316	}	219	}
317	#ifndef LTS
318	else if (strncmp(ptr, "overlayfs ", 10) == 0) {
319	if (strcmp(ptr + 10, "yes") == 0)
320	cfg_val[CFG_OVERLAYFS] = 1;
321	else if (strcmp(ptr + 10, "no") == 0)
322	cfg_val[CFG_OVERLAYFS] = 0;
323	else
324	goto errout;
325	}
326	else if (strncmp(ptr, "private-home ", 13) == 0) {
327	if (strcmp(ptr + 13, "yes") == 0)
328	cfg_val[CFG_PRIVATE_HOME] = 1;
329	else if (strcmp(ptr + 13, "no") == 0)
330	cfg_val[CFG_PRIVATE_HOME] = 0;
331	else
332	goto errout;
333	}
334	else if (strncmp(ptr, "private-lib ", 12) == 0) {
335	if (strcmp(ptr + 12, "yes") == 0)
336	cfg_val[CFG_PRIVATE_LIB] = 1;
337	else if (strcmp(ptr + 12, "no") == 0)
338	cfg_val[CFG_PRIVATE_LIB] = 0;
339	else
340	goto errout;
341	}
342	else if (strncmp(ptr, "private-bin-no-local ", 21) == 0) {
343	if (strcmp(ptr + 21, "yes") == 0)
344	cfg_val[CFG_PRIVATE_BIN_NO_LOCAL] = 1;
345	else if (strcmp(ptr + 21, "no") == 0)
346	cfg_val[CFG_PRIVATE_BIN_NO_LOCAL] = 0;
347	else
348	goto errout;
349	}
350	#endif
351	else if (strncmp(ptr, "disable-mnt ", 12) == 0) {	220	else if (strncmp(ptr, "disable-mnt ", 12) == 0) {
352	if (strcmp(ptr + 12, "yes") == 0)	221	if (strcmp(ptr + 12, "yes") == 0)
353	cfg_val[CFG_DISABLE_MNT] = 1;	222	cfg_val[CFG_DISABLE_MNT] = 1;
@@ -363,17 +232,6 @@ int checkcfg(int val) {
363	goto errout;	232	goto errout;
364	cfg_val[CFG_ARP_PROBES] = arp_probes;	233	cfg_val[CFG_ARP_PROBES] = arp_probes;
365	}	234	}
366	#ifndef LTS
367	// xpra-attach
368	else if (strncmp(ptr, "xpra-attach ", 12) == 0) {
369	if (strcmp(ptr + 12, "yes") == 0)
370	cfg_val[CFG_XPRA_ATTACH] = 1;
371	else if (strcmp(ptr + 12, "no") == 0)
372	cfg_val[CFG_XPRA_ATTACH] = 0;
373	else
374	goto errout;
375	}
376	#endif
377	else	235	else
378	goto errout;	236	goto errout;
379		237
@@ -421,14 +279,6 @@ void print_compiletime_support(void) {
421	#endif	279	#endif
422	);	280	);
423		281
424	printf("\t- chroot support is %s\n",
425	#ifdef HAVE_CHROOT
426	"enabled"
427	#else
428	"disabled"
429	#endif
430	);
431
432	printf("\t- file and directory whitelisting support is %s\n",	282	printf("\t- file and directory whitelisting support is %s\n",
433	#ifdef HAVE_WHITELIST	283	#ifdef HAVE_WHITELIST
434	"enabled"	284	"enabled"
@@ -437,14 +287,6 @@ void print_compiletime_support(void) {
437	#endif	287	#endif
438	);	288	);
439		289
440	printf("\t- file transfer support is %s\n",
441	#ifdef HAVE_FILE_TRANSFER
442	"enabled"
443	#else
444	"disabled"
445	#endif
446	);
447
448	printf("\t- networking support is %s\n",	290	printf("\t- networking support is %s\n",
449	#ifdef HAVE_NETWORK	291	#ifdef HAVE_NETWORK
450	"enabled"	292	"enabled"
@@ -453,22 +295,6 @@ void print_compiletime_support(void) {
453	#endif	295	#endif
454	);	296	);
455		297
456	printf("\t- overlayfs support is %s\n",
457	#ifdef HAVE_OVERLAYFS
458	"enabled"
459	#else
460	"disabled"
461	#endif
462	);
463
464	printf("\t- private-home support is %s\n",
465	#ifdef HAVE_PRIVATE_HOME
466	"enabled"
467	#else
468	"disabled"
469	#endif
470	);
471
472	printf("\t- seccomp-bpf support is %s\n",	298	printf("\t- seccomp-bpf support is %s\n",
473	#ifdef HAVE_SECCOMP	299	#ifdef HAVE_SECCOMP
474	"enabled"	300	"enabled"
@@ -484,12 +310,4 @@ void print_compiletime_support(void) {
484	"disabled"	310	"disabled"
485	#endif	311	#endif
486	);	312	);
487
488	printf("\t- X11 sandboxing support is %s\n",
489	#ifdef HAVE_X11
490	"enabled"
491	#else
492	"disabled"
493	#endif
494	);
495	}	313	}