diff options
author | 2023-03-05 09:57:04 -0500 | |
---|---|---|
committer | 2023-03-05 09:57:04 -0500 | |
commit | d78fc96ee0585fbf0fc467eebc109716eee2e1d7 (patch) | |
tree | 65a56cdde3a8e803dde6e5c4d5dfe26d617579c4 | |
parent | cleanup appimage (diff) | |
download | firejail-d78fc96ee.tar.gz firejail-d78fc96ee.tar.zst firejail-d78fc96ee.zip |
codespell github action
-rw-r--r-- | .github/workflows/build-extra.yml | 15 | ||||
-rw-r--r-- | Makefile | 4 | ||||
-rw-r--r-- | README | 3 | ||||
-rw-r--r-- | src/firejail/arp.c | 2 | ||||
-rw-r--r-- | src/firejail/ls.c | 2 | ||||
-rw-r--r-- | src/firejail/usage.c | 4 | ||||
-rw-r--r-- | src/firejail/util.c | 2 | ||||
-rw-r--r-- | src/fnet/main.c | 2 | ||||
-rw-r--r-- | src/lib/firejail_user.c | 2 | ||||
-rw-r--r-- | test/fcopy/src/a/b/file4 | 6 | ||||
-rwxr-xr-x | test/network/configure | 31 |
11 files changed, 31 insertions, 42 deletions
diff --git a/.github/workflows/build-extra.yml b/.github/workflows/build-extra.yml index 1ed662352..bfe65d44e 100644 --- a/.github/workflows/build-extra.yml +++ b/.github/workflows/build-extra.yml | |||
@@ -120,3 +120,18 @@ jobs: | |||
120 | run: sudo apt-get install cppcheck | 120 | run: sudo apt-get install cppcheck |
121 | - name: cppcheck | 121 | - name: cppcheck |
122 | run: cppcheck -q --force --error-exitcode=1 --enable=warning,performance . | 122 | run: cppcheck -q --force --error-exitcode=1 --enable=warning,performance . |
123 | codespell: | ||
124 | runs-on: ubuntu-22.04 | ||
125 | steps: | ||
126 | - name: Harden Runner | ||
127 | uses: step-security/harden-runner@c8454efe5d0bdefd25384362fe217428ca277d57 | ||
128 | with: | ||
129 | egress-policy: block | ||
130 | allowed-endpoints: > | ||
131 | azure.archive.ubuntu.com:80 | ||
132 | github.com:443 | ||
133 | - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c | ||
134 | - name: install dependencies | ||
135 | run: sudo apt-get install codespell | ||
136 | - name: codespell | ||
137 | run: make codespell | ||
@@ -360,6 +360,10 @@ cppcheck: clean | |||
360 | scan-build: clean | 360 | scan-build: clean |
361 | NO_EXTRA_CFLAGS="yes" scan-build make | 361 | NO_EXTRA_CFLAGS="yes" scan-build make |
362 | 362 | ||
363 | .PHONY: codespell | ||
364 | codespell: clean | ||
365 | codespell --ignore-regex "UE|creat|shotcut|ether" src test | ||
366 | |||
363 | # | 367 | # |
364 | # make test | 368 | # make test |
365 | # | 369 | # |
@@ -135,7 +135,7 @@ Amin Vakil (https://github.com/aminvakil) | |||
135 | Ammon Smith (https://github.com/ammongit) | 135 | Ammon Smith (https://github.com/ammongit) |
136 | - Add DBus filter rules specific to firefox-developer-edition | 136 | - Add DBus filter rules specific to firefox-developer-edition |
137 | Andreas Hunkeler (https://github.com/Karneades) | 137 | Andreas Hunkeler (https://github.com/Karneades) |
138 | - Add profile for offical Linux Teams application | 138 | - Add profile for official Linux Teams application |
139 | Andrey Alekseenko (https://github.com/al42and) | 139 | Andrey Alekseenko (https://github.com/al42and) |
140 | - fixing lintian warnings | 140 | - fixing lintian warnings |
141 | - fixed Skype profile | 141 | - fixed Skype profile |
@@ -688,6 +688,7 @@ LaurentGH (https://github.com/LaurentGH) | |||
688 | layderv (https://github.com/layderv) | 688 | layderv (https://github.com/layderv) |
689 | - prevent sandbox name from containing only digits | 689 | - prevent sandbox name from containing only digits |
690 | - clean escape control characters from the command line | 690 | - clean escape control characters from the command line |
691 | - check hostname syntax | ||
691 | lecso7 (https://github.com/lecso7) | 692 | lecso7 (https://github.com/lecso7) |
692 | - added goldendict profile | 693 | - added goldendict profile |
693 | - allow evince to read .cbz file format | 694 | - allow evince to read .cbz file format |
diff --git a/src/firejail/arp.c b/src/firejail/arp.c index bfb522d38..d4288b29e 100644 --- a/src/firejail/arp.c +++ b/src/firejail/arp.c | |||
@@ -299,7 +299,7 @@ static uint32_t arp_random(const char *dev, Bridge *br) { | |||
299 | return 0; | 299 | return 0; |
300 | } | 300 | } |
301 | 301 | ||
302 | // go sequentially trough all IP addresses and assign the first one not in use | 302 | // go sequentially through all IP addresses and assign the first one not in use |
303 | static uint32_t arp_sequential(const char *dev, Bridge *br) { | 303 | static uint32_t arp_sequential(const char *dev, Bridge *br) { |
304 | assert(dev); | 304 | assert(dev); |
305 | assert(br); | 305 | assert(br); |
diff --git a/src/firejail/ls.c b/src/firejail/ls.c index ea85fabfd..b2e4b1947 100644 --- a/src/firejail/ls.c +++ b/src/firejail/ls.c | |||
@@ -381,7 +381,7 @@ void sandboxfs(int op, pid_t pid, const char *path1, const char *path2) { | |||
381 | errExit("ftruncate"); | 381 | errExit("ftruncate"); |
382 | 382 | ||
383 | if (copy_file_by_fd(src, dest) != 0) | 383 | if (copy_file_by_fd(src, dest) != 0) |
384 | fwarning("an error occured during copying\n"); | 384 | fwarning("an error occurred during copying\n"); |
385 | close(src); | 385 | close(src); |
386 | close(dest); | 386 | close(dest); |
387 | } | 387 | } |
diff --git a/src/firejail/usage.c b/src/firejail/usage.c index 2e10fb959..965d09992 100644 --- a/src/firejail/usage.c +++ b/src/firejail/usage.c | |||
@@ -200,8 +200,8 @@ static char *usage_str = | |||
200 | " --private=directory - use directory as user home.\n" | 200 | " --private=directory - use directory as user home.\n" |
201 | " --private-cache - temporary ~/.cache directory.\n" | 201 | " --private-cache - temporary ~/.cache directory.\n" |
202 | " --private-home=file,directory - build a new user home in a temporary\n" | 202 | " --private-home=file,directory - build a new user home in a temporary\n" |
203 | "\tfilesystem, and copy the files and directories in the list in\n" | 203 | "\tfilesystem, and copy the files and directories in the list in the\n" |
204 | "\tthe new home.\n" | 204 | "\tnew home.\n" |
205 | " --private-bin=file,file - build a new /bin in a temporary filesystem,\n" | 205 | " --private-bin=file,file - build a new /bin in a temporary filesystem,\n" |
206 | "\tand copy the programs in the list.\n" | 206 | "\tand copy the programs in the list.\n" |
207 | " --private-dev - create a new /dev directory with a small number of\n" | 207 | " --private-dev - create a new /dev directory with a small number of\n" |
diff --git a/src/firejail/util.c b/src/firejail/util.c index bafcd69ec..cda99e432 100644 --- a/src/firejail/util.c +++ b/src/firejail/util.c | |||
@@ -1323,7 +1323,7 @@ void close_all(int *keep_list, size_t sz) { | |||
1323 | if (fd == dirfd(dir)) | 1323 | if (fd == dirfd(dir)) |
1324 | continue; // just postponed | 1324 | continue; // just postponed |
1325 | 1325 | ||
1326 | // dont't close file descriptors in keep list | 1326 | // don't close file descriptors in keep list |
1327 | int keep = 0; | 1327 | int keep = 0; |
1328 | if (keep_list) { | 1328 | if (keep_list) { |
1329 | size_t i; | 1329 | size_t i; |
diff --git a/src/fnet/main.c b/src/fnet/main.c index 96c4f1478..fc36ae977 100644 --- a/src/fnet/main.c +++ b/src/fnet/main.c | |||
@@ -87,7 +87,7 @@ printf("\n"); | |||
87 | else if (argc == 7 && strcmp(argv[1], "create") == 0 && strcmp(argv[2], "veth") == 0) { | 87 | else if (argc == 7 && strcmp(argv[1], "create") == 0 && strcmp(argv[2], "veth") == 0) { |
88 | // create veth pair and move one end in the the namespace | 88 | // create veth pair and move one end in the the namespace |
89 | net_create_veth(argv[3], argv[4], atoi(argv[6])); | 89 | net_create_veth(argv[3], argv[4], atoi(argv[6])); |
90 | // connect the ohter veth end to the bridge ... | 90 | // connect the other veth end to the bridge ... |
91 | net_bridge_add_interface(argv[5], argv[3]); | 91 | net_bridge_add_interface(argv[5], argv[3]); |
92 | // ... and bring it up | 92 | // ... and bring it up |
93 | net_if_up(argv[3]); | 93 | net_if_up(argv[3]); |
diff --git a/src/lib/firejail_user.c b/src/lib/firejail_user.c index dc6361422..a924f26cf 100644 --- a/src/lib/firejail_user.c +++ b/src/lib/firejail_user.c | |||
@@ -19,7 +19,7 @@ | |||
19 | */ | 19 | */ |
20 | 20 | ||
21 | // | 21 | // |
22 | // Firejail access database inplementation | 22 | // Firejail access database implementation |
23 | // | 23 | // |
24 | // The database is a simple list of users allowed to run firejail SUID executable | 24 | // The database is a simple list of users allowed to run firejail SUID executable |
25 | // It is usually stored in /etc/firejail/firejail.users | 25 | // It is usually stored in /etc/firejail/firejail.users |
diff --git a/test/fcopy/src/a/b/file4 b/test/fcopy/src/a/b/file4 index ac318d7ab..d4a4c0bd5 100644 --- a/test/fcopy/src/a/b/file4 +++ b/test/fcopy/src/a/b/file4 | |||
@@ -4,8 +4,8 @@ Lorem ipsum dolor sit amet, consectetur adipiscing elit. Etiam interdum at massa | |||
4 | 4 | ||
5 | Mauris ac quam vel purus volutpat semper eget a ante. Curabitur arcu nisl, dapibus ac lectus ac, porttitor fermentum metus. Aliquam et sem aliquam magna interdum ultricies at eu orci. Aenean tortor augue, volutpat nec magna nec, rutrum bibendum justo. Vivamus ex quam, auctor ut pellentesque mattis, aliquet a eros. Etiam ac lacus ac ante ullamcorper sollicitudin a quis orci. Suspendisse quis justo ac mauris cursus finibus quis at elit. Vestibulum elementum finibus diam, eget convallis purus aliquet et. Fusce fermentum ornare urna, non ornare nisl tincidunt consectetur. Donec et lacus vitae ex eleifend porttitor id ut odio. Quisque luctus eget lorem et sollicitudin. | 5 | Mauris ac quam vel purus volutpat semper eget a ante. Curabitur arcu nisl, dapibus ac lectus ac, porttitor fermentum metus. Aliquam et sem aliquam magna interdum ultricies at eu orci. Aenean tortor augue, volutpat nec magna nec, rutrum bibendum justo. Vivamus ex quam, auctor ut pellentesque mattis, aliquet a eros. Etiam ac lacus ac ante ullamcorper sollicitudin a quis orci. Suspendisse quis justo ac mauris cursus finibus quis at elit. Vestibulum elementum finibus diam, eget convallis purus aliquet et. Fusce fermentum ornare urna, non ornare nisl tincidunt consectetur. Donec et lacus vitae ex eleifend porttitor id ut odio. Quisque luctus eget lorem et sollicitudin. |
6 | 6 | ||
7 | Aliquam libero elit, finibus a nisl a, commodo viverra turpis. Nam pulvinar in est sit amet fermentum. Praesent scelerisque tempus lectus, ac porta elit sodales rutrum. Duis faucibus faucibus urna eget accumsan. Vivamus in turpis ut massa rhoncus pretium nec et lorem. Aenean at tellus eget metus porta ornare. Aliquam erat volutpat. Donec hendrerit a massa vel malesuada. Integer varius sapien et orci viverra pretium. In at velit aliquet, vulputate nisi lobortis, aliquam augue. | 7 | Aliquam libero elit, finibus a nisl a, commodo viverra turpis. Nam pulvinar in est sit amet fermentum. Praesent scelerisque tempus lectus, ac porta elit sodales rutrum. Duis faucibus faucibus urna eget accumsan. Vivamus in turpis ut massa rhoncus pretium nec et lorem. Aenean at tellus eget metus porta ornare. Aliquam erat volutpat. Donec hendrerit a massa vel malesuada. Integer sapien et orci viverra pretium. In at velit aliquet, vulputate nisi lobortis, aliquam augue. |
8 | 8 | ||
9 | Ut aliquam turpis ut lorem aliquam, in faucibus elit pulvinar. Vivamus viverra tortor ornare, lacinia leo sit amet, auctor arcu. Sed erat leo, pellentesque vel nibh a, malesuada vehicula purus. Vivamus est dolor, aliquet quis facilisis fermentum, varius in dolor. Nunc quis libero feugiat, imperdiet est vitae, mollis risus. Vestibulum elementum mattis lorem vitae gravida. Nullam id tellus interdum, aliquam erat eu, laoreet nunc. Aliquam ut felis vel mauris maximus pellentesque. | 9 | Ut aliquam turpis ut lorem aliquam, in faucibus elit pulvinar. Vivamus viverra tortor ornare, lacinia leo sit amet, auctor arcu. Sed erat leo, pellentesque vel nibh a, malesuada vehicula purus. Vivamus est dolor, aliquet quis facilisis fermentum, in dolor. Nunc quis libero feugiat, imperdiet est vitae, mollis risus. Vestibulum elementum mattis lorem vitae gravida. Nullam id tellus interdum, aliquam erat eu, laoreet nunc. Aliquam ut felis vel mauris maximus pellentesque. |
10 | 10 | ||
11 | Vestibulum tempus mauris eget ex interdum, vitae vehicula tortor sollicitudin. Pellentesque et dolor cursus dui vulputate laoreet. Morbi eu bibendum quam, at ultrices elit. Vestibulum dictum enim sit amet ultricies imperdiet. Praesent congue magna ac mauris mattis, a iaculis ante aliquet. Vivamus at egestas ex. Suspendisse orci dolor, pharetra at aliquam a, faucibus facilisis leo. Quisque semper lorem eget elit commodo pretium. Aenean posuere augue quis arcu finibus, sit amet fringilla risus congue. Pellentesque rutrum nunc leo, aliquam lobortis lacus molestie nec. Donec convallis congue diam, ullamcorper vestibulum dui varius nec. Praesent pellentesque nisi risus. In aliquam molestie malesuada. Nulla facilisis a risus eu tristique. Morbi molestie et arcu quis efficitur. Curabitur cursus vestibulum luctus. | 11 | Vestibulum tempus mauris eget ex interdum, vitae vehicula tortor sollicitudin. Pellentesque et dolor cursus dui vulputate laoreet. Morbi eu bibendum quam, at ultrices elit. Vestibulum dictum enim sit amet ultricies imperdiet. Praesent congue magna ac mauris mattis, a iaculis ante aliquet. Vivamus at egestas ex. Suspendisse orci dolor, pharetra at aliquam a, faucibus facilisis leo. Quisque semper lorem eget elit commodo pretium. Aenean posuere augue quis arcu finibus, sit amet fringilla risus congue. Pellentesque rutrum nunc leo, aliquam lobortis lacus molestie nec. Donec convallis congue diam, ullamcorper vestibulum dui nec. Praesent pellentesque nisi risus. In aliquam molestie malesuada. Nulla facilisis a risus eu tristique. Morbi molestie et arcu quis efficitur. Curabitur cursus vestibulum luctus. |
diff --git a/test/network/configure b/test/network/configure deleted file mode 100755 index 1a39dd5ad..000000000 --- a/test/network/configure +++ /dev/null | |||
@@ -1,31 +0,0 @@ | |||
1 | #!/bin/bash | ||
2 | # This file is part of Firejail project | ||
3 | # Copyright (C) 2014-2023 Firejail Authors | ||
4 | # License GPL v2 | ||
5 | |||
6 | brctl addbr br0 | ||
7 | ifconfig br0 10.10.20.1/29 up | ||
8 | # NAT masquerade | ||
9 | iptables -t nat -A POSTROUTING -o eth0 -s 10.10.20.0/29 -j MASQUERADE | ||
10 | # port forwarding | ||
11 | # iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 10.10.20.2:80 | ||
12 | |||
13 | brctl addbr br-unconfigured | ||
14 | ifconfig br-unconfigured up | ||
15 | brctl addbr br1 | ||
16 | ifconfig br1 10.10.30.1/24 up | ||
17 | brctl addbr br2 | ||
18 | ifconfig br2 10.10.40.1/24 up | ||
19 | brctl addbr br3 | ||
20 | ifconfig br3 10.10.50.1/24 up | ||
21 | brctl addbr br4 | ||
22 | ifconfig br4 10.10.60.1/24 up | ||
23 | ip link add link eth0 name eth0.5 type vlan id 5 | ||
24 | /sbin/ifconfig eth0.5 10.10.205.10/24 up | ||
25 | ip link add link eth0 name eth0.6 type vlan id 6 | ||
26 | /sbin/ifconfig eth0.6 10.10.206.10/24 up | ||
27 | ip link add link eth0 name eth0.7 type vlan id 7 | ||
28 | /sbin/ifconfig eth0.7 10.10.207.10/24 up | ||
29 | |||
30 | # network namespace | ||
31 | ip netns add red | ||