Revert "allow/noallow/deny/nodeny aliases for whitelist/nowhitelist/blacklist/noblacklist"

This reverts commit 45f2ba544e9934b49e03b17c0a638dddc3a44734. Note: This is not a clean revert. Note2: This also reverts the changes to src/firejail/profile.c from commit fe0f975f4 ("move whitelist/blacklist to allow/deny", 2021-07-05). Relates to #4410.
author: Kelvin M. Klann <kmk3.code@protonmail.com> 2021-12-10 13:42:17 -0300
committer: Kelvin M. Klann <kmk3.code@protonmail.com> 2021-12-10 14:04:30 -0300
commit: 41684db4934fcc6913909059b1cd22ac529d8dfc (patch)
tree: b879eb6115c881f956dbbe5f601c1ce2fbdb63e9
parent: Revert "allow/deny in zsh completion" (diff)
download: firejail-41684db4934fcc6913909059b1cd22ac529d8dfc.tar.gz
firejail-41684db4934fcc6913909059b1cd22ac529d8dfc.tar.zst
firejail-41684db4934fcc6913909059b1cd22ac529d8dfc.zip
2 files changed, 0 insertions, 74 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 0262db608..58e374b8b 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -1574,7 +1574,6 @@ int main(int argc, char **argv, char **envp) {
                        profile_add(line);
                }
-                // blacklist/deny
                else if (strncmp(argv[i], "--blacklist=", 12) == 0) {
                        char *line;
                        if (asprintf(&line, "blacklist %s", argv[i] + 12) == -1)
@@ -1583,14 +1582,6 @@ int main(int argc, char **argv, char **envp) {
                        profile_check_line(line, 0, NULL);      // will exit if something wrong
                        profile_add(line);
                }
-                else if (strncmp(argv[i], "--deny=", 7) == 0) {
-                        char *line;
-                        if (asprintf(&line, "blacklist %s", argv[i] + 7) == -1)
-                                errExit("asprintf");
-                        profile_check_line(line, 0, NULL);      // will exit if something wrong
-                        profile_add(line);
-                }
                else if (strncmp(argv[i], "--noblacklist=", 14) == 0) {
                        char *line;
                        if (asprintf(&line, "noblacklist %s", argv[i] + 14) == -1)
@@ -1599,16 +1590,6 @@ int main(int argc, char **argv, char **envp) {
                        profile_check_line(line, 0, NULL);      // will exit if something wrong
                        profile_add(line);
                }
-                else if (strncmp(argv[i], "--nodeny=", 9) == 0) {
-                        char *line;
-                        if (asprintf(&line, "noblacklist %s", argv[i] + 9) == -1)
-                                errExit("asprintf");
-                        profile_check_line(line, 0, NULL);      // will exit if something wrong
-                        profile_add(line);
-                }
-                // whitelist
                else if (strncmp(argv[i], "--whitelist=", 12) == 0) {
                        char *line;
                        if (asprintf(&line, "whitelist %s", argv[i] + 12) == -1)
@@ -1617,14 +1598,6 @@ int main(int argc, char **argv, char **envp) {
                        profile_check_line(line, 0, NULL);      // will exit if something wrong
                        profile_add(line);
                }
-                else if (strncmp(argv[i], "--allow=", 8) == 0) {
-                        char *line;
-                        if (asprintf(&line, "whitelist %s", argv[i] + 8) == -1)
-                                errExit("asprintf");
-                        profile_check_line(line, 0, NULL);      // will exit if something wrong
-                        profile_add(line);
-                }
                else if (strncmp(argv[i], "--nowhitelist=", 14) == 0) {
                        char *line;
                        if (asprintf(&line, "nowhitelist %s", argv[i] + 14) == -1)
@@ -1633,15 +1606,6 @@ int main(int argc, char **argv, char **envp) {
                        profile_check_line(line, 0, NULL);      // will exit if something wrong
                        profile_add(line);
                }
-                else if (strncmp(argv[i], "--noallow=", 10) == 0) {
-                        char *line;
-                        if (asprintf(&line, "nowhitelist %s", argv[i] + 10) == -1)
-                                errExit("asprintf");
-                        profile_check_line(line, 0, NULL);      // will exit if something wrong
-                        profile_add(line);
-                }
                else if (strncmp(argv[i], "--mkdir=", 8) == 0) {
                        char *line;
diff --git a/src/firejail/profile.c b/src/firejail/profile.c
index 5e24591fa..9504b26de 100644
--- a/src/firejail/profile.c
+++ b/src/firejail/profile.c
@@ -1752,44 +1752,6 @@ void profile_read(const char *fname) {
                        continue;
                }
-                // translate allow/deny to whitelist/blacklist
-                if (strncmp(ptr, "allow ", 6) == 0) {
-                        char *tmp;
-                        if (asprintf(&tmp, "whitelist %s", ptr + 6) == -1)
-                                errExit("asprintf");
-                        free(ptr);
-                        ptr = tmp;
-                }
-                else if (strncmp(ptr, "deny ", 5) == 0) {
-                        char *tmp;
-                        if (asprintf(&tmp, "blacklist %s", ptr + 5) == -1)
-                                errExit("asprintf");
-                        free(ptr);
-                        ptr = tmp;
-                }
-                else if (strncmp(ptr, "deny-nolog ", 11) == 0) {
-                        char *tmp;
-                        if (asprintf(&tmp, "blacklist-nolog %s", ptr + 11) == -1)
-                                errExit("asprintf");
-                        free(ptr);
-                        ptr = tmp;
-                }
-                // translate noallow/nodeny to nowhitelist/noblacklist
-                else if (strncmp(ptr, "noallow ", 8) == 0) {
-                        char *tmp;
-                        if (asprintf(&tmp, "nowhitelist %s", ptr + 8) == -1)
-                                errExit("asprintf");
-                        free(ptr);
-                        ptr = tmp;
-                }
-                else if (strncmp(ptr, "nodeny ", 7) == 0) {
-                        char *tmp;
-                        if (asprintf(&tmp, "noblacklist %s", ptr + 7) == -1)
-                                errExit("asprintf");
-                        free(ptr);
-                        ptr = tmp;
-                }
                // process quiet
                // todo: a quiet in the profile file cannot be disabled by --ignore on command line
                if (strcmp(ptr, "quiet") == 0) {
author	Kelvin M. Klann <kmk3.code@protonmail.com>	2021-12-10 13:42:17 -0300
committer	Kelvin M. Klann <kmk3.code@protonmail.com>	2021-12-10 14:04:30 -0300
commit	41684db4934fcc6913909059b1cd22ac529d8dfc (patch)
tree	b879eb6115c881f956dbbe5f601c1ce2fbdb63e9
parent	Revert "allow/deny in zsh completion" (diff)
download	firejail-41684db4934fcc6913909059b1cd22ac529d8dfc.tar.gz firejail-41684db4934fcc6913909059b1cd22ac529d8dfc.tar.zst firejail-41684db4934fcc6913909059b1cd22ac529d8dfc.zip

diff --git a/src/firejail/main.c b/src/firejail/main.c index 0262db608..58e374b8b 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c
@@ -1574,7 +1574,6 @@ int main(int argc, char argv, char envp) {
1574	profile_add(line);	1574	profile_add(line);
1575	}	1575	}
1576		1576
1577	// blacklist/deny
1578	else if (strncmp(argv[i], "--blacklist=", 12) == 0) {	1577	else if (strncmp(argv[i], "--blacklist=", 12) == 0) {
1579	char *line;	1578	char *line;
1580	if (asprintf(&line, "blacklist %s", argv[i] + 12) == -1)	1579	if (asprintf(&line, "blacklist %s", argv[i] + 12) == -1)
@@ -1583,14 +1582,6 @@ int main(int argc, char argv, char envp) {
1583	profile_check_line(line, 0, NULL); // will exit if something wrong	1582	profile_check_line(line, 0, NULL); // will exit if something wrong
1584	profile_add(line);	1583	profile_add(line);
1585	}	1584	}
1586	else if (strncmp(argv[i], "--deny=", 7) == 0) {
1587	char *line;
1588	if (asprintf(&line, "blacklist %s", argv[i] + 7) == -1)
1589	errExit("asprintf");
1590
1591	profile_check_line(line, 0, NULL); // will exit if something wrong
1592	profile_add(line);
1593	}
1594	else if (strncmp(argv[i], "--noblacklist=", 14) == 0) {	1585	else if (strncmp(argv[i], "--noblacklist=", 14) == 0) {
1595	char *line;	1586	char *line;
1596	if (asprintf(&line, "noblacklist %s", argv[i] + 14) == -1)	1587	if (asprintf(&line, "noblacklist %s", argv[i] + 14) == -1)
@@ -1599,16 +1590,6 @@ int main(int argc, char argv, char envp) {
1599	profile_check_line(line, 0, NULL); // will exit if something wrong	1590	profile_check_line(line, 0, NULL); // will exit if something wrong
1600	profile_add(line);	1591	profile_add(line);
1601	}	1592	}
1602	else if (strncmp(argv[i], "--nodeny=", 9) == 0) {
1603	char *line;
1604	if (asprintf(&line, "noblacklist %s", argv[i] + 9) == -1)
1605	errExit("asprintf");
1606
1607	profile_check_line(line, 0, NULL); // will exit if something wrong
1608	profile_add(line);
1609	}
1610
1611	// whitelist
1612	else if (strncmp(argv[i], "--whitelist=", 12) == 0) {	1593	else if (strncmp(argv[i], "--whitelist=", 12) == 0) {
1613	char *line;	1594	char *line;
1614	if (asprintf(&line, "whitelist %s", argv[i] + 12) == -1)	1595	if (asprintf(&line, "whitelist %s", argv[i] + 12) == -1)
@@ -1617,14 +1598,6 @@ int main(int argc, char argv, char envp) {
1617	profile_check_line(line, 0, NULL); // will exit if something wrong	1598	profile_check_line(line, 0, NULL); // will exit if something wrong
1618	profile_add(line);	1599	profile_add(line);
1619	}	1600	}
1620	else if (strncmp(argv[i], "--allow=", 8) == 0) {
1621	char *line;
1622	if (asprintf(&line, "whitelist %s", argv[i] + 8) == -1)
1623	errExit("asprintf");
1624
1625	profile_check_line(line, 0, NULL); // will exit if something wrong
1626	profile_add(line);
1627	}
1628	else if (strncmp(argv[i], "--nowhitelist=", 14) == 0) {	1601	else if (strncmp(argv[i], "--nowhitelist=", 14) == 0) {
1629	char *line;	1602	char *line;
1630	if (asprintf(&line, "nowhitelist %s", argv[i] + 14) == -1)	1603	if (asprintf(&line, "nowhitelist %s", argv[i] + 14) == -1)
@@ -1633,15 +1606,6 @@ int main(int argc, char argv, char envp) {
1633	profile_check_line(line, 0, NULL); // will exit if something wrong	1606	profile_check_line(line, 0, NULL); // will exit if something wrong
1634	profile_add(line);	1607	profile_add(line);
1635	}	1608	}
1636	else if (strncmp(argv[i], "--noallow=", 10) == 0) {
1637	char *line;
1638	if (asprintf(&line, "nowhitelist %s", argv[i] + 10) == -1)
1639	errExit("asprintf");
1640
1641	profile_check_line(line, 0, NULL); // will exit if something wrong
1642	profile_add(line);
1643	}
1644
1645		1609
1646	else if (strncmp(argv[i], "--mkdir=", 8) == 0) {	1610	else if (strncmp(argv[i], "--mkdir=", 8) == 0) {
1647	char *line;	1611	char *line;


diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 5e24591fa..9504b26de 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c
@@ -1752,44 +1752,6 @@ void profile_read(const char *fname) {
1752	continue;	1752	continue;
1753	}	1753	}
1754		1754
1755	// translate allow/deny to whitelist/blacklist
1756	if (strncmp(ptr, "allow ", 6) == 0) {
1757	char *tmp;
1758	if (asprintf(&tmp, "whitelist %s", ptr + 6) == -1)
1759	errExit("asprintf");
1760	free(ptr);
1761	ptr = tmp;
1762	}
1763	else if (strncmp(ptr, "deny ", 5) == 0) {
1764	char *tmp;
1765	if (asprintf(&tmp, "blacklist %s", ptr + 5) == -1)
1766	errExit("asprintf");
1767	free(ptr);
1768	ptr = tmp;
1769	}
1770	else if (strncmp(ptr, "deny-nolog ", 11) == 0) {
1771	char *tmp;
1772	if (asprintf(&tmp, "blacklist-nolog %s", ptr + 11) == -1)
1773	errExit("asprintf");
1774	free(ptr);
1775	ptr = tmp;
1776	}
1777	// translate noallow/nodeny to nowhitelist/noblacklist
1778	else if (strncmp(ptr, "noallow ", 8) == 0) {
1779	char *tmp;
1780	if (asprintf(&tmp, "nowhitelist %s", ptr + 8) == -1)
1781	errExit("asprintf");
1782	free(ptr);
1783	ptr = tmp;
1784	}
1785	else if (strncmp(ptr, "nodeny ", 7) == 0) {
1786	char *tmp;
1787	if (asprintf(&tmp, "noblacklist %s", ptr + 7) == -1)
1788	errExit("asprintf");
1789	free(ptr);
1790	ptr = tmp;
1791	}
1792
1793	// process quiet	1755	// process quiet
1794	// todo: a quiet in the profile file cannot be disabled by --ignore on command line	1756	// todo: a quiet in the profile file cannot be disabled by --ignore on command line
1795	if (strcmp(ptr, "quiet") == 0) {	1757	if (strcmp(ptr, "quiet") == 0) {