diff options
author | 2018-08-27 11:57:28 -0400 | |
---|---|---|
committer | 2018-08-27 11:57:28 -0400 | |
commit | 189b7fd6b949fafd8fe0ed0327dcf696be560f31 (patch) | |
tree | a0893c7d4273ee726b85b4c73897bf85941f55a6 | |
parent | mainline merge (diff) | |
download | firejail-189b7fd6b949fafd8fe0ed0327dcf696be560f31.tar.gz firejail-189b7fd6b949fafd8fe0ed0327dcf696be560f31.tar.zst firejail-189b7fd6b949fafd8fe0ed0327dcf696be560f31.zip |
checkcfg.c cleanup
-rw-r--r-- | src/firejail/checkcfg.c | 182 |
1 files changed, 0 insertions, 182 deletions
diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c index 3a2d9048d..430771a13 100644 --- a/src/firejail/checkcfg.c +++ b/src/firejail/checkcfg.c | |||
@@ -76,17 +76,6 @@ int checkcfg(int val) { | |||
76 | if (!ptr) | 76 | if (!ptr) |
77 | continue; | 77 | continue; |
78 | 78 | ||
79 | #ifndef LTS | ||
80 | // file transfer | ||
81 | else if (strncmp(ptr, "file-transfer ", 14) == 0) { | ||
82 | if (strcmp(ptr + 14, "yes") == 0) | ||
83 | cfg_val[CFG_FILE_TRANSFER] = 1; | ||
84 | else if (strcmp(ptr + 14, "no") == 0) | ||
85 | cfg_val[CFG_FILE_TRANSFER] = 0; | ||
86 | else | ||
87 | goto errout; | ||
88 | } | ||
89 | #endif | ||
90 | // dbus | 79 | // dbus |
91 | else if (strncmp(ptr, "dbus ", 5) == 0) { | 80 | else if (strncmp(ptr, "dbus ", 5) == 0) { |
92 | if (strcmp(ptr + 5, "yes") == 0) | 81 | if (strcmp(ptr + 5, "yes") == 0) |
@@ -105,17 +94,6 @@ int checkcfg(int val) { | |||
105 | else | 94 | else |
106 | goto errout; | 95 | goto errout; |
107 | } | 96 | } |
108 | #ifndef LTS | ||
109 | // x11 | ||
110 | else if (strncmp(ptr, "x11 ", 4) == 0) { | ||
111 | if (strcmp(ptr + 4, "yes") == 0) | ||
112 | cfg_val[CFG_X11] = 1; | ||
113 | else if (strcmp(ptr + 4, "no") == 0) | ||
114 | cfg_val[CFG_X11] = 0; | ||
115 | else | ||
116 | goto errout; | ||
117 | } | ||
118 | #endif | ||
119 | // apparmor | 97 | // apparmor |
120 | else if (strncmp(ptr, "apparmor ", 9) == 0) { | 98 | else if (strncmp(ptr, "apparmor ", 9) == 0) { |
121 | if (strcmp(ptr + 9, "yes") == 0) | 99 | if (strcmp(ptr + 9, "yes") == 0) |
@@ -143,17 +121,6 @@ int checkcfg(int val) { | |||
143 | else | 121 | else |
144 | goto errout; | 122 | goto errout; |
145 | } | 123 | } |
146 | #ifndef LTS | ||
147 | // chroot | ||
148 | else if (strncmp(ptr, "chroot ", 7) == 0) { | ||
149 | if (strcmp(ptr + 7, "yes") == 0) | ||
150 | cfg_val[CFG_CHROOT] = 1; | ||
151 | else if (strcmp(ptr + 7, "no") == 0) | ||
152 | cfg_val[CFG_CHROOT] = 0; | ||
153 | else | ||
154 | goto errout; | ||
155 | } | ||
156 | #endif | ||
157 | // prompt | 124 | // prompt |
158 | else if (strncmp(ptr, "firejail-prompt ", 16) == 0) { | 125 | else if (strncmp(ptr, "firejail-prompt ", 16) == 0) { |
159 | if (strcmp(ptr + 16, "yes") == 0) | 126 | if (strcmp(ptr + 16, "yes") == 0) |
@@ -241,70 +208,6 @@ int checkcfg(int val) { | |||
241 | if (arg_debug) | 208 | if (arg_debug) |
242 | printf("netfilter default file %s\n", fname); | 209 | printf("netfilter default file %s\n", fname); |
243 | } | 210 | } |
244 | |||
245 | #ifndef LTS | ||
246 | // Xephyr screen size | ||
247 | else if (strncmp(ptr, "xephyr-screen ", 14) == 0) { | ||
248 | // expecting two numbers and an x between them | ||
249 | int n1; | ||
250 | int n2; | ||
251 | int rv = sscanf(ptr + 14, "%dx%d", &n1, &n2); | ||
252 | if (rv != 2) | ||
253 | goto errout; | ||
254 | if (asprintf(&xephyr_screen, "%dx%d", n1, n2) == -1) | ||
255 | errExit("asprintf"); | ||
256 | } | ||
257 | |||
258 | // xephyr window title | ||
259 | else if (strncmp(ptr, "xephyr-window-title ", 20) == 0) { | ||
260 | if (strcmp(ptr + 20, "yes") == 0) | ||
261 | cfg_val[CFG_XEPHYR_WINDOW_TITLE] = 1; | ||
262 | else if (strcmp(ptr + 20, "no") == 0) | ||
263 | cfg_val[CFG_XEPHYR_WINDOW_TITLE] = 0; | ||
264 | else | ||
265 | goto errout; | ||
266 | } | ||
267 | |||
268 | // Xephyr command extra parameters | ||
269 | else if (strncmp(ptr, "xephyr-extra-params ", 20) == 0) { | ||
270 | if (*xephyr_extra_params != '\0') | ||
271 | goto errout; | ||
272 | xephyr_extra_params = strdup(ptr + 20); | ||
273 | if (!xephyr_extra_params) | ||
274 | errExit("strdup"); | ||
275 | } | ||
276 | |||
277 | // xpra server extra parameters | ||
278 | else if (strncmp(ptr, "xpra-extra-params ", 18) == 0) { | ||
279 | if (*xpra_extra_params != '\0') | ||
280 | goto errout; | ||
281 | xpra_extra_params = strdup(ptr + 18); | ||
282 | if (!xpra_extra_params) | ||
283 | errExit("strdup"); | ||
284 | } | ||
285 | |||
286 | // Xvfb screen size | ||
287 | else if (strncmp(ptr, "xvfb-screen ", 12) == 0) { | ||
288 | // expecting three numbers separated by x's | ||
289 | unsigned int n1; | ||
290 | unsigned int n2; | ||
291 | unsigned int n3; | ||
292 | int rv = sscanf(ptr + 12, "%ux%ux%u", &n1, &n2, &n3); | ||
293 | if (rv != 3) | ||
294 | goto errout; | ||
295 | if (asprintf(&xvfb_screen, "%ux%ux%u", n1, n2, n3) == -1) | ||
296 | errExit("asprintf"); | ||
297 | } | ||
298 | |||
299 | // Xvfb extra parameters | ||
300 | else if (strncmp(ptr, "xvfb-extra-params ", 18) == 0) { | ||
301 | if (*xvfb_extra_params != '\0') | ||
302 | goto errout; | ||
303 | xvfb_extra_params = strdup(ptr + 18); | ||
304 | if (!xvfb_extra_params) | ||
305 | errExit("strdup"); | ||
306 | } | ||
307 | #endif | ||
308 | // quiet by default | 211 | // quiet by default |
309 | else if (strncmp(ptr, "quiet-by-default ", 17) == 0) { | 212 | else if (strncmp(ptr, "quiet-by-default ", 17) == 0) { |
310 | if (strcmp(ptr + 17, "yes") == 0) | 213 | if (strcmp(ptr + 17, "yes") == 0) |
@@ -314,40 +217,6 @@ int checkcfg(int val) { | |||
314 | else | 217 | else |
315 | goto errout; | 218 | goto errout; |
316 | } | 219 | } |
317 | #ifndef LTS | ||
318 | else if (strncmp(ptr, "overlayfs ", 10) == 0) { | ||
319 | if (strcmp(ptr + 10, "yes") == 0) | ||
320 | cfg_val[CFG_OVERLAYFS] = 1; | ||
321 | else if (strcmp(ptr + 10, "no") == 0) | ||
322 | cfg_val[CFG_OVERLAYFS] = 0; | ||
323 | else | ||
324 | goto errout; | ||
325 | } | ||
326 | else if (strncmp(ptr, "private-home ", 13) == 0) { | ||
327 | if (strcmp(ptr + 13, "yes") == 0) | ||
328 | cfg_val[CFG_PRIVATE_HOME] = 1; | ||
329 | else if (strcmp(ptr + 13, "no") == 0) | ||
330 | cfg_val[CFG_PRIVATE_HOME] = 0; | ||
331 | else | ||
332 | goto errout; | ||
333 | } | ||
334 | else if (strncmp(ptr, "private-lib ", 12) == 0) { | ||
335 | if (strcmp(ptr + 12, "yes") == 0) | ||
336 | cfg_val[CFG_PRIVATE_LIB] = 1; | ||
337 | else if (strcmp(ptr + 12, "no") == 0) | ||
338 | cfg_val[CFG_PRIVATE_LIB] = 0; | ||
339 | else | ||
340 | goto errout; | ||
341 | } | ||
342 | else if (strncmp(ptr, "private-bin-no-local ", 21) == 0) { | ||
343 | if (strcmp(ptr + 21, "yes") == 0) | ||
344 | cfg_val[CFG_PRIVATE_BIN_NO_LOCAL] = 1; | ||
345 | else if (strcmp(ptr + 21, "no") == 0) | ||
346 | cfg_val[CFG_PRIVATE_BIN_NO_LOCAL] = 0; | ||
347 | else | ||
348 | goto errout; | ||
349 | } | ||
350 | #endif | ||
351 | else if (strncmp(ptr, "disable-mnt ", 12) == 0) { | 220 | else if (strncmp(ptr, "disable-mnt ", 12) == 0) { |
352 | if (strcmp(ptr + 12, "yes") == 0) | 221 | if (strcmp(ptr + 12, "yes") == 0) |
353 | cfg_val[CFG_DISABLE_MNT] = 1; | 222 | cfg_val[CFG_DISABLE_MNT] = 1; |
@@ -363,17 +232,6 @@ int checkcfg(int val) { | |||
363 | goto errout; | 232 | goto errout; |
364 | cfg_val[CFG_ARP_PROBES] = arp_probes; | 233 | cfg_val[CFG_ARP_PROBES] = arp_probes; |
365 | } | 234 | } |
366 | #ifndef LTS | ||
367 | // xpra-attach | ||
368 | else if (strncmp(ptr, "xpra-attach ", 12) == 0) { | ||
369 | if (strcmp(ptr + 12, "yes") == 0) | ||
370 | cfg_val[CFG_XPRA_ATTACH] = 1; | ||
371 | else if (strcmp(ptr + 12, "no") == 0) | ||
372 | cfg_val[CFG_XPRA_ATTACH] = 0; | ||
373 | else | ||
374 | goto errout; | ||
375 | } | ||
376 | #endif | ||
377 | else | 235 | else |
378 | goto errout; | 236 | goto errout; |
379 | 237 | ||
@@ -421,14 +279,6 @@ void print_compiletime_support(void) { | |||
421 | #endif | 279 | #endif |
422 | ); | 280 | ); |
423 | 281 | ||
424 | printf("\t- chroot support is %s\n", | ||
425 | #ifdef HAVE_CHROOT | ||
426 | "enabled" | ||
427 | #else | ||
428 | "disabled" | ||
429 | #endif | ||
430 | ); | ||
431 | |||
432 | printf("\t- file and directory whitelisting support is %s\n", | 282 | printf("\t- file and directory whitelisting support is %s\n", |
433 | #ifdef HAVE_WHITELIST | 283 | #ifdef HAVE_WHITELIST |
434 | "enabled" | 284 | "enabled" |
@@ -437,14 +287,6 @@ void print_compiletime_support(void) { | |||
437 | #endif | 287 | #endif |
438 | ); | 288 | ); |
439 | 289 | ||
440 | printf("\t- file transfer support is %s\n", | ||
441 | #ifdef HAVE_FILE_TRANSFER | ||
442 | "enabled" | ||
443 | #else | ||
444 | "disabled" | ||
445 | #endif | ||
446 | ); | ||
447 | |||
448 | printf("\t- networking support is %s\n", | 290 | printf("\t- networking support is %s\n", |
449 | #ifdef HAVE_NETWORK | 291 | #ifdef HAVE_NETWORK |
450 | "enabled" | 292 | "enabled" |
@@ -453,22 +295,6 @@ void print_compiletime_support(void) { | |||
453 | #endif | 295 | #endif |
454 | ); | 296 | ); |
455 | 297 | ||
456 | printf("\t- overlayfs support is %s\n", | ||
457 | #ifdef HAVE_OVERLAYFS | ||
458 | "enabled" | ||
459 | #else | ||
460 | "disabled" | ||
461 | #endif | ||
462 | ); | ||
463 | |||
464 | printf("\t- private-home support is %s\n", | ||
465 | #ifdef HAVE_PRIVATE_HOME | ||
466 | "enabled" | ||
467 | #else | ||
468 | "disabled" | ||
469 | #endif | ||
470 | ); | ||
471 | |||
472 | printf("\t- seccomp-bpf support is %s\n", | 298 | printf("\t- seccomp-bpf support is %s\n", |
473 | #ifdef HAVE_SECCOMP | 299 | #ifdef HAVE_SECCOMP |
474 | "enabled" | 300 | "enabled" |
@@ -484,12 +310,4 @@ void print_compiletime_support(void) { | |||
484 | "disabled" | 310 | "disabled" |
485 | #endif | 311 | #endif |
486 | ); | 312 | ); |
487 | |||
488 | printf("\t- X11 sandboxing support is %s\n", | ||
489 | #ifdef HAVE_X11 | ||
490 | "enabled" | ||
491 | #else | ||
492 | "disabled" | ||
493 | #endif | ||
494 | ); | ||
495 | } | 313 | } |