Revert "allow/deny fbuilder"

This reverts commit 4438f14f2892b5c88d158ae8fad0a80a2eebfd44. Also, partially revert related commit e4307b409 ("fix whitelist/allow in make test-utils") to keep the tests working. The profiles are being generated using aliases, which are not used on the profiles in the repository. So generate them using the normal commands for consistency. See also commit dd13595b8 ("Revert "allow/deny help and man pages"") / PR #4502. Relates to #4410. Misc: I noticed this on issue #4592.
author: Kelvin M. Klann <kmk3.code@protonmail.com> 2021-10-05 17:54:03 -0300
committer: Kelvin M. Klann <kmk3.code@protonmail.com> 2021-10-06 15:19:52 -0300
commit: a7e4b9b9b20bc62985e03435e2eee41dd62e0318 (patch)
tree: 94653e21cfae01b7d1f607d46be46ff088e02f0c /src/fbuilder/build_home.c
parent: build_profile.c: fix typo of "begins" (diff)
download: firejail-a7e4b9b9b20bc62985e03435e2eee41dd62e0318.tar.gz
firejail-a7e4b9b9b20bc62985e03435e2eee41dd62e0318.tar.zst
firejail-a7e4b9b9b20bc62985e03435e2eee41dd62e0318.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/fbuilder/build_home.c b/src/fbuilder/build_home.c
index c85474779..0fe0ffef6 100644
--- a/src/fbuilder/build_home.c
+++ b/src/fbuilder/build_home.c
@@ -140,7 +140,7 @@ void build_home(const char *fname, FILE *fp) {
        assert(fname);
        // load whitelist common
-        db_skip = filedb_load_whitelist(db_skip, "whitelist-common.inc", "allow ${HOME}/");
+        db_skip = filedb_load_whitelist(db_skip, "whitelist-common.inc", "whitelist ${HOME}/");
        // find user home directory
        struct passwd *pw = getpwuid(getuid());
@@ -168,7 +168,7 @@ void build_home(const char *fname, FILE *fp) {
        // print the out list if any
        if (db_out) {
-                filedb_print(db_out, "allow ${HOME}/", fp);
+                filedb_print(db_out, "whitelist ${HOME}/", fp);
                fprintf(fp, "include whitelist-common.inc\n");
        }
        else
author	Kelvin M. Klann <kmk3.code@protonmail.com>	2021-10-05 17:54:03 -0300
committer	Kelvin M. Klann <kmk3.code@protonmail.com>	2021-10-06 15:19:52 -0300
commit	a7e4b9b9b20bc62985e03435e2eee41dd62e0318 (patch)
tree	94653e21cfae01b7d1f607d46be46ff088e02f0c /src/fbuilder/build_home.c
parent	build_profile.c: fix typo of "begins" (diff)
download	firejail-a7e4b9b9b20bc62985e03435e2eee41dd62e0318.tar.gz firejail-a7e4b9b9b20bc62985e03435e2eee41dd62e0318.tar.zst firejail-a7e4b9b9b20bc62985e03435e2eee41dd62e0318.zip

diff --git a/src/fbuilder/build_home.c b/src/fbuilder/build_home.c index c85474779..0fe0ffef6 100644 --- a/src/fbuilder/build_home.c +++ b/src/fbuilder/build_home.c
@@ -140,7 +140,7 @@ void build_home(const char fname, FILE fp) {
140	assert(fname);	140	assert(fname);
141		141
142	// load whitelist common	142	// load whitelist common
143	db_skip = filedb_load_whitelist(db_skip, "whitelist-common.inc", "allow ${HOME}/");	143	db_skip = filedb_load_whitelist(db_skip, "whitelist-common.inc", "whitelist ${HOME}/");
144		144
145	// find user home directory	145	// find user home directory
146	struct passwd *pw = getpwuid(getuid());	146	struct passwd *pw = getpwuid(getuid());
@@ -168,7 +168,7 @@ void build_home(const char fname, FILE fp) {
168		168
169	// print the out list if any	169	// print the out list if any
170	if (db_out) {	170	if (db_out) {
171	filedb_print(db_out, "allow ${HOME}/", fp);	171	filedb_print(db_out, "whitelist ${HOME}/", fp);
172	fprintf(fp, "include whitelist-common.inc\n");	172	fprintf(fp, "include whitelist-common.inc\n");
173	}	173	}
174	else	174	else