fixed sysconfdir

8 files changed, 91 insertions, 51 deletions

diff --git a/Makefile.in b/Makefile.in
index bcf9d613f..65f43884b 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -8,9 +8,7 @@ bindir=@bindir@
 libdir=@libdir@
 datarootdir=@datarootdir@
 mandir=@mandir@
-# todo: fix sysconfdir
-# sysconfdir=@sysconfdir@ 
-sysconfdir=/etc
+sysconfdir=@sysconfdir@
 
 VERSION=@PACKAGE_VERSION@
 NAME=@PACKAGE_NAME@
@@ -72,51 +70,53 @@ realinstall:
         install -c -m 0644 README $(DESTDIR)/$(DOCDIR)/.
         install -c -m 0644 RELNOTES $(DESTDIR)/$(DOCDIR)/.
         # etc files
+        ./mketc.sh $(sysconfdir)
         mkdir -p $(DESTDIR)/$(sysconfdir)/firejail
-        install -c -m 0644 etc/audacious.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/clementine.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/gnome-mplayer.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/rhythmbox.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/totem.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/firefox.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/icedove.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/iceweasel.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/midori.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/evince.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/chromium-browser.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/chromium.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/google-chrome.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/disable-mgmt.inc $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/disable-secret.inc $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/disable-common.inc $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/dropbox.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/opera.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/thunderbird.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/transmission-gtk.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/transmission-qt.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/vlc.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/deluge.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/qbittorrent.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/generic.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/pidgin.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/xchat.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/empathy.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/server.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/icecat.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/quassel.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/deadbeef.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/filezilla.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/fbreader.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/spotify.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/steam.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/skype.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/wine.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/disable-devel.inc $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/conkeror.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/unbound.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/dnscrypt-proxy.profile $(DESTDIR)/$(sysconfdir)/firejail/.
-        install -c -m 0644 etc/whitelist-common.inc $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/audacious.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/clementine.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/gnome-mplayer.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/rhythmbox.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/totem.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/firefox.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/icedove.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/iceweasel.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/midori.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/evince.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/chromium-browser.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/chromium.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/google-chrome.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/disable-mgmt.inc $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/disable-secret.inc $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/disable-common.inc $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/dropbox.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/opera.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/thunderbird.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/transmission-gtk.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/transmission-qt.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/vlc.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/deluge.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/qbittorrent.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/generic.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/pidgin.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/xchat.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/empathy.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/server.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/icecat.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/quassel.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/deadbeef.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/filezilla.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/fbreader.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/spotify.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/steam.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/skype.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/wine.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/disable-devel.inc $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/conkeror.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/unbound.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/dnscrypt-proxy.profile $(DESTDIR)/$(sysconfdir)/firejail/.
+        install -c -m 0644 .etc/whitelist-common.inc $(DESTDIR)/$(sysconfdir)/firejail/.
         bash -c "if [ ! -f $(DESTDIR)/$(sysconfdir)/firejail/login.users ]; then install -c -m 0644 etc/login.users $(DESTDIR)/$(sysconfdir)/firejail/.; fi;"
+        rm -fr .etc
         # man pages
         rm -f firejail.1.gz
         gzip -9n firejail.1
diff --git a/configure b/configure
index 3e3676f40..fe05f2a80 100755
--- a/configure
+++ b/configure
@@ -3558,6 +3558,11 @@ fi
 
 
 
+# set sysconfdir
+if test "$prefix" = /usr; then
+        sysconfdir="/etc"
+fi
+
 ac_config_files="$ac_config_files Makefile src/lib/Makefile src/firejail/Makefile src/firemon/Makefile src/libtrace/Makefile src/ftee/Makefile"
 
 cat >confcache <<\_ACEOF
@@ -4731,9 +4736,12 @@ fi
 echo
 echo "Configuration options:"
 echo "   prefix: $prefix"
+echo "   sysconfdir: $sysconfdir"
 echo "   seccomp: $HAVE_SECCOMP"
 echo "   <linux/seccomp.h>: $HAVE_SECCOMP_H"
 echo "   chroot: $HAVE_CHROOT"
 echo "   bind: $HAVE_BIND"
 echo "   fatal warnings: $HAVE_FATAL_WARNINGS"
 echo
+
+
diff --git a/configure.ac b/configure.ac
index 589451cab..f7db96ee7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -47,14 +47,22 @@ AC_CHECK_HEADER(pthread.h,,AC_MSG_ERROR([*** POSIX thread support not installed
 AC_CHECK_HEADER([linux/seccomp.h], HAVE_SECCOMP_H="-DHAVE_SECCOMP_H", HAVE_SECCOMP_H="")
 AC_SUBST(HAVE_SECCOMP_H)
 
+# set sysconfdir
+if test "$prefix" = /usr; then
+        sysconfdir="/etc"
+fi
+
 AC_OUTPUT(Makefile src/lib/Makefile src/firejail/Makefile src/firemon/Makefile src/libtrace/Makefile src/ftee/Makefile)
 
 echo
 echo "Configuration options:"
 echo "   prefix: $prefix"
+echo "   sysconfdir: $sysconfdir"
 echo "   seccomp: $HAVE_SECCOMP"
 echo "   <linux/seccomp.h>: $HAVE_SECCOMP_H"
 echo "   chroot: $HAVE_CHROOT"
 echo "   bind: $HAVE_BIND"
 echo "   fatal warnings: $HAVE_FATAL_WARNINGS"
 echo
+
+
diff --git a/mketc.sh b/mketc.sh
new file mode 100755
index 000000000..7b86a69e4
--- /dev/null
+++ b/mketc.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+rm -fr .etc
+mkdir .etc
+
+result=$(echo $1 | sed 's/\//\\\//g')
+echo $result
+
+FILES=`ls etc/*.profile`
+for file in $FILES
+do
+        sed "s/\/etc/$result/g" $file > .$file
+done
+
+FILES=`ls etc/*.inc`
+for file in $FILES
+do
+        sed "s/\/etc/$result/g" $file > .$file
+done
diff --git a/src/firejail/Makefile.in b/src/firejail/Makefile.in
index 255784ac7..c2663f1a9 100644
--- a/src/firejail/Makefile.in
+++ b/src/firejail/Makefile.in
@@ -3,6 +3,7 @@ all: firejail
 prefix=@prefix@
 exec_prefix=@exec_prefix@
 libdir=@libdir@
+sysconfdir=@sysconfdir@
 
 VERSION=@PACKAGE_VERSION@
 NAME=@PACKAGE_NAME@
@@ -12,11 +13,12 @@ HAVE_CHROOT=@HAVE_CHROOT@
 HAVE_BIND=@HAVE_BIND@
 HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@
 
+
 H_FILE_LIST       = $(wildcard *.[h])
 C_FILE_LIST       = $(wildcard *.c)
 OBJS = $(C_FILE_LIST:.c=.o)
 BINOBJS =  $(foreach file, $(OBJS), $file)
-CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$(prefix)"' -DLIBDIR='"$(libdir)"' $(HAVE_SECCOMP) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_BIND) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security
+CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$(prefix)"'  -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_SECCOMP) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_BIND) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security
 LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
 
 %.o : %.c $(H_FILE_LIST)
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 601999db5..3a2da0852 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -1222,7 +1222,7 @@ int main(int argc, char **argv) {
                 }
                 if (!custom_profile) {
                         // look for a user profile in /etc/firejail directory
-                        int rv = profile_find(cfg.command_name, "/etc/firejail");
+                        int rv = profile_find(cfg.command_name, SYSCONFDIR);
                         custom_profile = rv;
                 }
         }
@@ -1252,7 +1252,7 @@ int main(int argc, char **argv) {
         
                         if (!custom_profile) {
                                 // look for the profile in /etc/firejail directory
-                                custom_profile = profile_find(profile_name, "/etc/firejail");
+                                custom_profile = profile_find(profile_name, SYSCONFDIR);
                         }
                         
                         if (custom_profile && !arg_quiet)
diff --git a/src/firejail/profile.c b/src/firejail/profile.c
index 5ab6bc776..de89cf40f 100644
--- a/src/firejail/profile.c
+++ b/src/firejail/profile.c
@@ -429,7 +429,7 @@ void profile_read(const char *fname) {
         // open profile file:
         FILE *fp = fopen(fname, "r");
         if (fp == NULL) {
-                fprintf(stderr, "Error: cannot open profile file\n");
+                fprintf(stderr, "Error: cannot open profile file %s\n", fname);
                 exit(1);
         }
 
diff --git a/src/firejail/restricted_shell.c b/src/firejail/restricted_shell.c
index 72354d71b..5b1ce12e0 100644
--- a/src/firejail/restricted_shell.c
+++ b/src/firejail/restricted_shell.c
@@ -27,7 +27,11 @@ int restricted_shell(const char *user) {
         assert(user);
 
         // open profile file:
-        FILE *fp = fopen("/etc/firejail/login.users", "r");
+        char *fname;
+        if (asprintf(&fname, "%s/login.users", SYSCONFDIR) == -1)
+                errExit("asprintf");
+        FILE *fp = fopen(fname, "r");
+        free(fname);
         if (fp == NULL)
                 return 0;