author | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2020-04-21 19:59:08 +0200 |
---|---|---|
committer | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2020-04-21 20:07:48 +0200 |
commit | e09724f53dad4dce14966f746bc18ce359133e51 (patch) | |
tree | d5c507880b5451b569895722385169e151666d21 /src/fbuilder/build_home.c | |
parent | update issue template + add ICEauthority to wruc (diff) | |
update --build
The profiles generated by --build are quite outdated. There are still a
lot of things left to do.
- fix #2150 (whitelist-common.inc is still opened from /etc/firejail)
- include wusc and wvc (todo: remove whitelists in wusc/wvc from the
generated profile.)
- fix parsing wc / use ${HOME} macro instead of ~
- update profile headers
- include all disable includes (mostly commented) in the output
- reorder the filesystem section
Diffstat (limited to 'src/fbuilder/build_home.c')
-rw-r--r-- | src/fbuilder/build_home.c | 8 |
1 files changed, 4 insertions, 4 deletions
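--- a/src/fbuilder/build_home.c
+++ b/src/fbuilder/build_home.c
@@ -32,9 +32,9 @@ static void load_whitelist_common(void) {
 
 char buf[MAX_BUF];
 while (fgets(buf, MAX_BUF, fp)) {
-if (strncmp(buf, "whitelist ~/", 12) != 0)
+if (strncmp(buf, "whitelist ${HOME}/", 18) != 0)
 continue;
-char *fn = buf + 12;
+char *fn = buf + 18;
 char *ptr = strchr(buf, '\n');
 if (!ptr)
 continue;
@@ -190,8 +190,8 @@ void build_home(const char *fname, FILE *fp) {
 
 // print the out list if any
 if (db_out) {
-filedb_print(db_out, "whitelist ~/", fp);
-fprintf(fp, "include /etc/firejail/whitelist-common.inc\n");
+filedb_print(db_out, "whitelist ${HOME}/", fp);
+fprintf(fp, "include whitelist-common.inc\n");
 }
 else
 fprintf(fp, "private\n");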
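Review bot: The prefix `"whitelist ${HOME}/"` and its length 18 are now written out separately in the `strncmp` call and the `buf + 18` offset in load_whitelist_common, and the same literal appears again in the `filedb_print` call in build_home, so a later change to the prefix that misses one of them leaves `fn` pointing into the wrong part of the line. A single definition such as `#define WHITELIST_HOME_PREFIX "whitelist ${HOME}/"` with `sizeof(WHITELIST_HOME_PREFIX) - 1` for both the compare length and the offset would keep the parser and the emitter in step. The parser also no longer recognises lines written as `whitelist ~/...`; if a locally overridden whitelist-common.inc still uses that form, presumably those paths are no longer treated as covered by the include and are listed again in the generated profile, which deserves a short comment above the `strncmp`. Both function bodies continue outside the hunks shown.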