x11 work

author: netblue30 <netblue30@yahoo.com> 2016-06-09 12:39:21 -0400
committer: netblue30 <netblue30@yahoo.com> 2016-06-09 12:39:21 -0400
commit: ecaf0cb4edcc9f216af7c0bfd238db6b2516c799 (patch)
tree: 6ed93d8f16336a449822a7428234753726f4df6d
parent: fixes (diff)
download: firejail-ecaf0cb4edcc9f216af7c0bfd238db6b2516c799.tar.gz
firejail-ecaf0cb4edcc9f216af7c0bfd238db6b2516c799.tar.zst
firejail-ecaf0cb4edcc9f216af7c0bfd238db6b2516c799.zip
4 files changed, 40 insertions, 6 deletions
diff --git a/etc/firejail.config b/etc/firejail.config
index 8795b0aae..eaff4de8f 100644
--- a/etc/firejail.config
+++ b/etc/firejail.config
@@ -45,3 +45,10 @@
 # xephyr-screen 800x600
 # xephyr-screen 1024x768
 # xephyr-screen 1280x1024
+# Firejail window title in Xephry, default enabled.
+# xephyr-window-title yes
+# Xephyr command extra parameters. None by default, and the declaration is commented out.
+# xephyr-extra-params -keybd ephyr,,,xkbmodel=evdev
+# xephyr-extra-params -grayscale
diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c
index bf85436c3..a69c2831e 100644
--- a/src/firejail/checkcfg.c
+++ b/src/firejail/checkcfg.c
@@ -25,6 +25,7 @@
 static int initialized = 0;
 static int cfg_val[CFG_MAX];
 char *xephyr_screen = "800x600";
+char *xephyr_extra_params = "";
 int checkcfg(int val) {
        EUID_ASSERT();
@@ -165,9 +166,27 @@ int checkcfg(int val) {
                                if (asprintf(&xephyr_screen, "%dx%d", n1, n2) == -1)
                                        errExit("asprintf");
                        }
+        
+                        // xephyr window title
+                        else if (strncmp(ptr, "xephyr-window-title ", 20) == 0) {
+                                if (strcmp(ptr + 20, "yes") == 0)
+                                        cfg_val[CFG_XEPHYR_WINDOW_TITLE] = 1;
+                                else if (strcmp(ptr + 20, "no") == 0)
+                                        cfg_val[CFG_XEPHYR_WINDOW_TITLE] = 0;
+                                else
+                                        goto errout;
+                        }
+                                
+                        // Xephyr command extra parameters
+                        else if (strncmp(ptr, "xephyr-extra-params ", 19) == 0) {
+                                xephyr_extra_params = strdup(ptr + 19);
+                                if (!xephyr_extra_params)
+                                        errExit("strdup");
+                        }
                        else
                                goto errout;
-                                
                        free(ptr);
                }
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index 026273aa3..6d64ce4cd 100644
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -550,7 +550,6 @@ int x11_display(void);
 void x11_start(int argc, char **argv);
 void x11_start_xpra(int argc, char **argv);
 void x11_start_xephyr(int argc, char **argv);
-extern char *xephyr_screen;
 // ls.c
 #define SANDBOX_FS_LS 0
@@ -569,7 +568,10 @@ void sandboxfs(int op, pid_t pid, const char *patqh);
 #define CFG_RESTRICTED_NETWORK 7
 #define CFG_FORCE_NONEWPRIVS 8
 #define CFG_WHITELIST 9
-#define CFG_MAX 10 // this should always be the last entry
+#define CFG_XEPHYR_WINDOW_TITLE 10
+#define CFG_MAX 11 // this should always be the last entry
+extern char *xephyr_screen;
+extern char *xephyr_extra_params;
 int checkcfg(int val);
 // fs_rdwr.c
diff --git a/src/firejail/x11.c b/src/firejail/x11.c
index 300078872..c742ff567 100644
--- a/src/firejail/x11.c
+++ b/src/firejail/x11.c
@@ -187,9 +187,15 @@ void x11_start_xephyr(int argc, char **argv) {
        // start xephyr
        char *cmd1;
-        if (asprintf(&cmd1, "Xephyr -ac -br -title \"firejail x11 sandbox\" -noreset -screen %s :%d", xephyr_screen, display) == -1)
+        if (checkcfg(CFG_XEPHYR_WINDOW_TITLE)) {
-                errExit("asprintf");
+                if (asprintf(&cmd1, "Xephyr -ac -br -title \"firejail x11 sandbox\" %s -noreset -screen %s :%d", xephyr_extra_params, xephyr_screen, display) == -1)
-        
+                        errExit("asprintf");
+        }
+        else {
+                if (asprintf(&cmd1, "Xephyr -ac -br  %s -noreset -screen %s :%d", xephyr_extra_params, xephyr_screen, display) == -1)
+                        errExit("asprintf");
+        }
        int len = 50; // DISPLAY...
        for (i = 0; i < argc; i++) {
                len += strlen(argv[i]) + 1; // + ' '
author	netblue30 <netblue30@yahoo.com>	2016-06-09 12:39:21 -0400
committer	netblue30 <netblue30@yahoo.com>	2016-06-09 12:39:21 -0400
commit	ecaf0cb4edcc9f216af7c0bfd238db6b2516c799 (patch)
tree	6ed93d8f16336a449822a7428234753726f4df6d
parent	fixes (diff)
download	firejail-ecaf0cb4edcc9f216af7c0bfd238db6b2516c799.tar.gz firejail-ecaf0cb4edcc9f216af7c0bfd238db6b2516c799.tar.zst firejail-ecaf0cb4edcc9f216af7c0bfd238db6b2516c799.zip

diff --git a/etc/firejail.config b/etc/firejail.config index 8795b0aae..eaff4de8f 100644 --- a/etc/firejail.config +++ b/etc/firejail.config
@@ -45,3 +45,10 @@
45	# xephyr-screen 800x600	45	# xephyr-screen 800x600
46	# xephyr-screen 1024x768	46	# xephyr-screen 1024x768
47	# xephyr-screen 1280x1024	47	# xephyr-screen 1280x1024
		48
		49	# Firejail window title in Xephry, default enabled.
		50	# xephyr-window-title yes
		51
		52	# Xephyr command extra parameters. None by default, and the declaration is commented out.
		53	# xephyr-extra-params -keybd ephyr,,,xkbmodel=evdev
		54	# xephyr-extra-params -grayscale


diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c index bf85436c3..a69c2831e 100644 --- a/src/firejail/checkcfg.c +++ b/src/firejail/checkcfg.c
@@ -25,6 +25,7 @@
25	static int initialized = 0;	25	static int initialized = 0;
26	static int cfg_val[CFG_MAX];	26	static int cfg_val[CFG_MAX];
27	char *xephyr_screen = "800x600";	27	char *xephyr_screen = "800x600";
		28	char *xephyr_extra_params = "";
28		29
29	int checkcfg(int val) {	30	int checkcfg(int val) {
30	EUID_ASSERT();	31	EUID_ASSERT();
@@ -165,9 +166,27 @@ int checkcfg(int val) {
165	if (asprintf(&xephyr_screen, "%dx%d", n1, n2) == -1)	166	if (asprintf(&xephyr_screen, "%dx%d", n1, n2) == -1)
166	errExit("asprintf");	167	errExit("asprintf");
167	}	168	}
		169
		170	// xephyr window title
		171	else if (strncmp(ptr, "xephyr-window-title ", 20) == 0) {
		172	if (strcmp(ptr + 20, "yes") == 0)
		173	cfg_val[CFG_XEPHYR_WINDOW_TITLE] = 1;
		174	else if (strcmp(ptr + 20, "no") == 0)
		175	cfg_val[CFG_XEPHYR_WINDOW_TITLE] = 0;
		176	else
		177	goto errout;
		178	}
		179
		180	// Xephyr command extra parameters
		181	else if (strncmp(ptr, "xephyr-extra-params ", 19) == 0) {
		182	xephyr_extra_params = strdup(ptr + 19);
		183	if (!xephyr_extra_params)
		184	errExit("strdup");
		185	}
		186
168	else	187	else
169	goto errout;	188	goto errout;
170		189
171	free(ptr);	190	free(ptr);
172	}	191	}
173		192


diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 026273aa3..6d64ce4cd 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h
@@ -550,7 +550,6 @@ int x11_display(void);
550	void x11_start(int argc, char **argv);	550	void x11_start(int argc, char **argv);
551	void x11_start_xpra(int argc, char **argv);	551	void x11_start_xpra(int argc, char **argv);
552	void x11_start_xephyr(int argc, char **argv);	552	void x11_start_xephyr(int argc, char **argv);
553	extern char *xephyr_screen;
554		553
555	// ls.c	554	// ls.c
556	#define SANDBOX_FS_LS 0	555	#define SANDBOX_FS_LS 0
@@ -569,7 +568,10 @@ void sandboxfs(int op, pid_t pid, const char *patqh);
569	#define CFG_RESTRICTED_NETWORK 7	568	#define CFG_RESTRICTED_NETWORK 7
570	#define CFG_FORCE_NONEWPRIVS 8	569	#define CFG_FORCE_NONEWPRIVS 8
571	#define CFG_WHITELIST 9	570	#define CFG_WHITELIST 9
572	#define CFG_MAX 10 // this should always be the last entry	571	#define CFG_XEPHYR_WINDOW_TITLE 10
		572	#define CFG_MAX 11 // this should always be the last entry
		573	extern char *xephyr_screen;
		574	extern char *xephyr_extra_params;
573	int checkcfg(int val);	575	int checkcfg(int val);
574		576
575	// fs_rdwr.c	577	// fs_rdwr.c


diff --git a/src/firejail/x11.c b/src/firejail/x11.c index 300078872..c742ff567 100644 --- a/src/firejail/x11.c +++ b/src/firejail/x11.c
@@ -187,9 +187,15 @@ void x11_start_xephyr(int argc, char **argv) {
187		187
188	// start xephyr	188	// start xephyr
189	char *cmd1;	189	char *cmd1;
190	if (asprintf(&cmd1, "Xephyr -ac -br -title \"firejail x11 sandbox\" -noreset -screen %s :%d", xephyr_screen, display) == -1)	190	if (checkcfg(CFG_XEPHYR_WINDOW_TITLE)) {
191	errExit("asprintf");	191	if (asprintf(&cmd1, "Xephyr -ac -br -title \"firejail x11 sandbox\" %s -noreset -screen %s :%d", xephyr_extra_params, xephyr_screen, display) == -1)
192		192	errExit("asprintf");
		193	}
		194	else {
		195	if (asprintf(&cmd1, "Xephyr -ac -br %s -noreset -screen %s :%d", xephyr_extra_params, xephyr_screen, display) == -1)
		196	errExit("asprintf");
		197	}
		198
193	int len = 50; // DISPLAY...	199	int len = 50; // DISPLAY...
194	for (i = 0; i < argc; i++) {	200	for (i = 0; i < argc; i++) {
195	len += strlen(argv[i]) + 1; // + ' '	201	len += strlen(argv[i]) + 1; // + ' '