author | netblue30 <netblue30@yahoo.com> | 2017-10-22 11:09:50 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-10-22 11:09:50 -0400 |
commit | ba231088e6bd8e4c52e372f7a4d2928ee7bf223a (patch) | |
tree | 614f1fbcbdaa6ae5ac6a2148bd13cb6073b263e7 /src/fbuilder/build_fs.c | |
parent | --build fixes (diff) | |
--build: save the resulting profile in a file
Diffstat (limited to 'src/fbuilder/build_fs.c')
-rw-r--r-- | src/fbuilder/build_fs.c | 52 |
1 files changed, 26 insertions, 26 deletions
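--- a/src/fbuilder/build_fs.c
+++ b/src/fbuilder/build_fs.c
@@ -125,21 +125,21 @@ static void etc_callback(char *ptr) {
 etc_out = filedb_add(etc_out, ptr);
 }
 
-void build_etc(const char *fname) {
+void build_etc(const char *fname, FILE *fp) {
 assert(fname);
 
 process_files(fname, "/etc", etc_callback);
 
-printf("private-etc ");
+fprintf(fp, "private-etc ");
 if (etc_out == NULL)
-printf("none\n");
+fprintf(fp, "none\n");
 else {
 FileDB *ptr = etc_out;
 while (ptr) {
-printf("%s,", ptr->fname);
+fprintf(fp, "%s,", ptr->fname);
 ptr = ptr->next;
 }
-printf("\n");
+fprintf(fp, "\n");
 }
 }
 
@@ -160,15 +160,15 @@ static void var_callback(char *ptr) {
 var_out = filedb_add(var_out, ptr);
 }
 
-void build_var(const char *fname) {
+void build_var(const char *fname, FILE *fp) {
 assert(fname);
 
 process_files(fname, "/var", var_callback);
 
 if (var_out == NULL)
-printf("blacklist /var\n");
+fprintf(fp, "blacklist /var\n");
 else
-filedb_print(var_out, "whitelist ");
+filedb_print(var_out, "whitelist ", fp);
 }
 
 
@@ -197,15 +197,15 @@ static void share_callback(char *ptr) {
 share_out = filedb_add(share_out, ptr);
 }
 
-void build_share(const char *fname) {
+void build_share(const char *fname, FILE *fp) {
 assert(fname);
 
 process_files(fname, "/usr/share", share_callback);
 
 if (share_out == NULL)
-printf("blacklist /usr/share\n");
+fprintf(fp, "blacklist /usr/share\n");
 else
-filedb_print(share_out, "whitelist ");
+filedb_print(share_out, "whitelist ", fp);
 }
 
 //*******************************************
@@ -216,21 +216,21 @@ static void tmp_callback(char *ptr) {
 filedb_add(tmp_out, ptr);
 }
 
-void build_tmp(const char *fname) {
+void build_tmp(const char *fname, FILE *fp) {
 assert(fname);
 
 process_files(fname, "/tmp", tmp_callback);
 
 if (tmp_out == NULL)
-printf("private-tmp\n");
+fprintf(fp, "private-tmp\n");
 else {
-printf("\n");
-printf("# private-tmp\n");
-printf("# File accessed in /tmp directory:\n");
-printf("# ");
+fprintf(fp, "\n");
+fprintf(fp, "# private-tmp\n");
+fprintf(fp, "# File accessed in /tmp directory:\n");
+fprintf(fp, "# ");
 FileDB *ptr = tmp_out;
 while (ptr) {
-printf("%s,", ptr->fname);
+fprintf(fp, "%s,", ptr->fname);
 ptr = ptr->next;
 }
 printf("\n");
@@ -294,24 +294,24 @@ static void dev_callback(char *ptr) {
 filedb_add(dev_out, ptr);
 }
 
-void build_dev(const char *fname) {
+void build_dev(const char *fname, FILE *fp) {
 assert(fname);
 
 process_files(fname, "/dev", dev_callback);
 
 if (dev_out == NULL)
-printf("private-dev\n");
+fprintf(fp, "private-dev\n");
 else {
-printf("\n");
-printf("# private-dev\n");
-printf("# This is the list of devices accessed (on top of regular private-dev devices:\n");
-printf("# ");
+fprintf(fp, "\n");
+fprintf(fp, "# private-dev\n");
+fprintf(fp, "# This is the list of devices accessed (on top of regular private-dev devices:\n");
+fprintf(fp, "# ");
 FileDB *ptr = dev_out;
 while (ptr) {
-printf("%s,", ptr->fname);
+fprintf(fp, "%s,", ptr->fname);
 ptr = ptr->next;
 }
-printf("\n");
+fprintf(fp, "\n");
 }
 }
 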
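Review bot: In build_tmp the closing `printf("\n");` at new line 236 was left on stdout while every other write in that branch now goes to `fp`, so in the saved profile the `# ` comment line listing the /tmp files is never terminated. Whatever is written to `fp` next is appended to that comment line; if it is a directive that does not start with its own newline, it would be silently commented out of the generated sandbox profile. Change the line to `fprintf(fp, "\n");`. Each build_* function also asserts `fname` but not the new `fp` argument, so an `assert(fp);` beside it would keep the contract consistent. build_tmp's body continues past the end of its hunk, so the remainder of the function is not visible here.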