update --build

The profile generated by --build are quite outdated. There are still a lot of things left to do. - fix #2150 (whitelist-common.inc is still opened from /etc/firejail) - include wusc and wvc (todo: remove whitelists in wusc/wvc from the generated profile.) - fix parsing wc / use ${HOME} macro instead of ~ - update profile headers - include all disable includes (mustly commented) in the output - reorder the filesystem section
author: rusty-snake <41237666+rusty-snake@users.noreply.github.com> 2020-04-21 19:59:08 +0200
committer: rusty-snake <41237666+rusty-snake@users.noreply.github.com> 2020-04-21 20:07:48 +0200
commit: e09724f53dad4dce14966f746bc18ce359133e51 (patch)
tree: d5c507880b5451b569895722385169e151666d21 /src/fbuilder/build_home.c
parent: update issue template + add ICEauthority to wruc (diff)
download: firejail-e09724f53dad4dce14966f746bc18ce359133e51.tar.gz
firejail-e09724f53dad4dce14966f746bc18ce359133e51.tar.zst
firejail-e09724f53dad4dce14966f746bc18ce359133e51.zip
1 files changed, 4 insertions, 4 deletions
diff --git a/src/fbuilder/build_home.c b/src/fbuilder/build_home.c
index 8db17a942..fca3396c4 100644
--- a/src/fbuilder/build_home.c
+++ b/src/fbuilder/build_home.c
@@ -32,9 +32,9 @@ static void load_whitelist_common(void) {
        char buf[MAX_BUF];
        while (fgets(buf, MAX_BUF, fp)) {
-                if (strncmp(buf, "whitelist ~/", 12) != 0)
+                if (strncmp(buf, "whitelist ${HOME}/", 18) != 0)
                        continue;
-                char *fn = buf + 12;
+                char *fn = buf + 18;
                char *ptr = strchr(buf, '\n');
                if (!ptr)
                        continue;
@@ -190,8 +190,8 @@ void build_home(const char *fname, FILE *fp) {
        // print the out list if any
        if (db_out) {
-                filedb_print(db_out, "whitelist ~/", fp);
+                filedb_print(db_out, "whitelist ${HOME}/", fp);
-                fprintf(fp, "include /etc/firejail/whitelist-common.inc\n");
+                fprintf(fp, "include whitelist-common.inc\n");
        }
        else
                fprintf(fp, "private\n");
author	rusty-snake <41237666+rusty-snake@users.noreply.github.com>	2020-04-21 19:59:08 +0200
committer	rusty-snake <41237666+rusty-snake@users.noreply.github.com>	2020-04-21 20:07:48 +0200
commit	e09724f53dad4dce14966f746bc18ce359133e51 (patch)
tree	d5c507880b5451b569895722385169e151666d21 /src/fbuilder/build_home.c
parent	update issue template + add ICEauthority to wruc (diff)
download	firejail-e09724f53dad4dce14966f746bc18ce359133e51.tar.gz firejail-e09724f53dad4dce14966f746bc18ce359133e51.tar.zst firejail-e09724f53dad4dce14966f746bc18ce359133e51.zip

diff --git a/src/fbuilder/build_home.c b/src/fbuilder/build_home.c index 8db17a942..fca3396c4 100644 --- a/src/fbuilder/build_home.c +++ b/src/fbuilder/build_home.c
@@ -32,9 +32,9 @@ static void load_whitelist_common(void) {
32		32
33	char buf[MAX_BUF];	33	char buf[MAX_BUF];
34	while (fgets(buf, MAX_BUF, fp)) {	34	while (fgets(buf, MAX_BUF, fp)) {
35	if (strncmp(buf, "whitelist ~/", 12) != 0)	35	if (strncmp(buf, "whitelist ${HOME}/", 18) != 0)
36	continue;	36	continue;
37	char *fn = buf + 12;	37	char *fn = buf + 18;
38	char *ptr = strchr(buf, '\n');	38	char *ptr = strchr(buf, '\n');
39	if (!ptr)	39	if (!ptr)
40	continue;	40	continue;
@@ -190,8 +190,8 @@ void build_home(const char fname, FILE fp) {
190		190
191	// print the out list if any	191	// print the out list if any
192	if (db_out) {	192	if (db_out) {
193	filedb_print(db_out, "whitelist ~/", fp);	193	filedb_print(db_out, "whitelist ${HOME}/", fp);
194	fprintf(fp, "include /etc/firejail/whitelist-common.inc\n");	194	fprintf(fp, "include whitelist-common.inc\n");
195	}	195	}
196	else	196	else
197	fprintf(fp, "private\n");	197	fprintf(fp, "private\n");