diff options
author | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2022-04-21 21:24:44 +0200 |
---|---|---|
committer | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2022-04-21 21:24:44 +0200 |
commit | c8c69ca2f615e55c93d2937b3dba672cf59abb46 (patch) | |
tree | 35fa00b40707ab9b9046dcc6671adcc5b5865324 | |
parent | more on firecfg --guide (diff) | |
download | firejail-c8c69ca2f615e55c93d2937b3dba672cf59abb46.tar.gz firejail-c8c69ca2f615e55c93d2937b3dba672cf59abb46.tar.zst firejail-c8c69ca2f615e55c93d2937b3dba672cf59abb46.zip |
firejail-welcome.sh fixes
- fix shellcheck
- break long lines
- remove unseless $? check
- remove needless \\
-rwxr-xr-x | src/firecfg/firejail-welcome.sh | 33 |
1 files changed, 16 insertions, 17 deletions
diff --git a/src/firecfg/firejail-welcome.sh b/src/firecfg/firejail-welcome.sh index a3e9713e4..b70d7861d 100755 --- a/src/firecfg/firejail-welcome.sh +++ b/src/firecfg/firejail-welcome.sh | |||
@@ -15,7 +15,7 @@ | |||
15 | PROGRAM=$1 | 15 | PROGRAM=$1 |
16 | SYSCONFDIR=$2 | 16 | SYSCONFDIR=$2 |
17 | 17 | ||
18 | if ! command -v $PROGRAM >/dev/null; then | 18 | if ! command -v "$PROGRAM" >/dev/null; then |
19 | echo "Please install $PROGRAM." | 19 | echo "Please install $PROGRAM." |
20 | exit 1 | 20 | exit 1 |
21 | fi | 21 | fi |
@@ -37,8 +37,10 @@ enable_nonewprivs=false | |||
37 | read -r -d $'\0' MSG_INTRO <<EOM | 37 | read -r -d $'\0' MSG_INTRO <<EOM |
38 | <big><b>Welcome to Firejail!</b></big> | 38 | <big><b>Welcome to Firejail!</b></big> |
39 | 39 | ||
40 | 40 | This guide will walk you through some of the most common sandbox customizations. At the end of the | |
41 | This guide will walk you through some of the most common sandbox customizations. At the end of the guide you'll have the option to save your changes in Firejail's global config file at <b>/etc/firejail/firejail.config</b>. A copy of the original file is stored as <b>/etc/firejal/firejail.config-</b>. | 41 | guide you'll have the option to save your changes in Firejail's global config file at |
42 | <b>/etc/firejail/firejail.config</b>. A copy of the original file is stored as | ||
43 | <b>/etc/firejal/firejail.config-</b>. | ||
42 | 44 | ||
43 | Please note that running this script a second time can set new options, but does not clear options set in a previous run. | 45 | Please note that running this script a second time can set new options, but does not clear options set in a previous run. |
44 | 46 | ||
@@ -62,7 +64,6 @@ EOM | |||
62 | if $PROGRAM --title="$TITLE" --question --ellipsize --text="$MSG_Q_RUN_FIRECFG"; then | 64 | if $PROGRAM --title="$TITLE" --question --ellipsize --text="$MSG_Q_RUN_FIRECFG"; then |
63 | run_firecfg=true | 65 | run_firecfg=true |
64 | fi | 66 | fi |
65 | [[ $? -eq 1 ]] && exit 0 | ||
66 | 67 | ||
67 | #****************************************************** | 68 | #****************************************************** |
68 | # U2F | 69 | # U2F |
@@ -156,43 +157,41 @@ if $PROGRAM --title="$TITLE" --question --ellipsize --text="$MSG_Q_SECCOMP"; the | |||
156 | sed_scripts+=("-e s/# seccomp-error-action EPERM/seccomp-error-action kill/") | 157 | sed_scripts+=("-e s/# seccomp-error-action EPERM/seccomp-error-action kill/") |
157 | fi | 158 | fi |
158 | 159 | ||
159 | |||
160 | |||
161 | |||
162 | #****************************************************** | 160 | #****************************************************** |
163 | # root | 161 | # root |
164 | #****************************************************** | 162 | #****************************************************** |
165 | read -r -d $'\0' MSG_RUN <<EOM | 163 | read -r -d $'\0' MSG_RUN <<EOM |
166 | Now, I will apply the changes. This is what I will do: | 164 | Now, I will apply the changes. This is what I will do: |
165 | |||
166 | |||
167 | EOM | 167 | EOM |
168 | 168 | ||
169 | MSG_RUN+="\\n\\n" | ||
170 | if [[ "$run_firecfg" == "true" ]]; then | 169 | if [[ "$run_firecfg" == "true" ]]; then |
171 | MSG_RUN+=" * enable Firejail for all recognized programs\\n" | 170 | MSG_RUN+=" * enable Firejail for all recognized programs\n" |
172 | fi | 171 | fi |
173 | if [[ "$enable_u2f" == "true" ]]; then | 172 | if [[ "$enable_u2f" == "true" ]]; then |
174 | MSG_RUN+=" * allow browsers to access U2F devices\\n" | 173 | MSG_RUN+=" * allow browsers to access U2F devices\n" |
175 | fi | 174 | fi |
176 | if [[ "$enable_drm" == "true" ]]; then | 175 | if [[ "$enable_drm" == "true" ]]; then |
177 | MSG_RUN+=" * allow browsers to play DRM content\\n" | 176 | MSG_RUN+=" * allow browsers to play DRM content\n" |
178 | fi | 177 | fi |
179 | if [[ "$enable_nonewprivs" == "true" ]]; then | 178 | if [[ "$enable_nonewprivs" == "true" ]]; then |
180 | MSG_RUN+=" * enable nonewprivs globally\\n" | 179 | MSG_RUN+=" * enable nonewprivs globally\n" |
181 | fi | 180 | fi |
182 | if [[ "$enable_restricted_net" == "true" ]]; then | 181 | if [[ "$enable_restricted_net" == "true" ]]; then |
183 | MSG_RUN+=" * restrict networking features\\n" | 182 | MSG_RUN+=" * restrict networking features\n" |
184 | fi | 183 | fi |
185 | if [[ "$enable_seccomp_kill" == "true" ]]; then | 184 | if [[ "$enable_seccomp_kill" == "true" ]]; then |
186 | MSG_RUN+=" * enable seccomp kill\\n" | 185 | MSG_RUN+=" * enable seccomp kill\n" |
187 | fi | 186 | fi |
188 | MSG_RUN+="\\n\\nPress OK to continue, or close this window to stop the program." | 187 | MSG_RUN+="\n\nPress OK to continue, or close this window to stop the program." |
189 | 188 | ||
190 | $PROGRAM --title="$TITLE" --info --width=600 --height=40 --text="$MSG_RUN" | 189 | $PROGRAM --title="$TITLE" --info --width=600 --height=40 --text="$MSG_RUN" |
191 | [[ $? -eq 1 ]] && exit 0 | 190 | [[ $? -eq 1 ]] && exit 0 |
192 | 191 | ||
193 | if [[ -n "${sed_scripts[*]}" ]]; then | 192 | if [[ -n "${sed_scripts[*]}" ]]; then |
194 | cp $SYSCONFDIR/firejail.config $SYSCONFDIR/firejail.config- | 193 | cp "$SYSCONFDIR"/firejail.config "$SYSCONFDIR"/firejail.config- |
195 | sed -i "${sed_scripts[@]}" $SYSCONFDIR/firejail.config | 194 | sed -i "${sed_scripts[@]}" "$SYSCONFDIR"/firejail.config |
196 | fi | 195 | fi |
197 | if [[ "$run_firecfg" == "true" ]]; then | 196 | if [[ "$run_firecfg" == "true" ]]; then |
198 | # return 55 to inform firecfg symlinks are desired | 197 | # return 55 to inform firecfg symlinks are desired |