diff options
author | netblue30 <netblue30@yahoo.com> | 2017-10-22 11:09:50 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-10-22 11:09:50 -0400 |
commit | ba231088e6bd8e4c52e372f7a4d2928ee7bf223a (patch) | |
tree | 614f1fbcbdaa6ae5ac6a2148bd13cb6073b263e7 /src/fbuilder/main.c | |
parent | --build fixes (diff) | |
download | firejail-ba231088e6bd8e4c52e372f7a4d2928ee7bf223a.tar.gz firejail-ba231088e6bd8e4c52e372f7a4d2928ee7bf223a.tar.zst firejail-ba231088e6bd8e4c52e372f7a4d2928ee7bf223a.zip |
--build: save the resulting profile in a file
Diffstat (limited to 'src/fbuilder/main.c')
-rw-r--r-- | src/fbuilder/main.c | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/src/fbuilder/main.c b/src/fbuilder/main.c index 83217ef98..1b997ccdb 100644 --- a/src/fbuilder/main.c +++ b/src/fbuilder/main.c | |||
@@ -22,7 +22,7 @@ int arg_debug = 0; | |||
22 | 22 | ||
23 | static void usage(void) { | 23 | static void usage(void) { |
24 | printf("Firejail profile builder\n"); | 24 | printf("Firejail profile builder\n"); |
25 | printf("Usage: firejail [--debug] --build program-and-arguments\n"); | 25 | printf("Usage: firejail [--debug] --build[=profile-file] program-and-arguments\n"); |
26 | } | 26 | } |
27 | 27 | ||
28 | int main(int argc, char **argv) { | 28 | int main(int argc, char **argv) { |
@@ -38,6 +38,8 @@ printf("\n"); | |||
38 | 38 | ||
39 | int i; | 39 | int i; |
40 | int prog_index = 0; | 40 | int prog_index = 0; |
41 | FILE *fp = stdout; | ||
42 | int prof_file = 0; | ||
41 | 43 | ||
42 | // parse arguments and extract program index | 44 | // parse arguments and extract program index |
43 | for (i = 1; i < argc; i++) { | 45 | for (i = 1; i < argc; i++) { |
@@ -49,6 +51,22 @@ printf("\n"); | |||
49 | arg_debug = 1; | 51 | arg_debug = 1; |
50 | else if (strcmp(argv[i], "--build") == 0) | 52 | else if (strcmp(argv[i], "--build") == 0) |
51 | ; // do nothing, this is passed down from firejail | 53 | ; // do nothing, this is passed down from firejail |
54 | else if (strncmp(argv[i], "--build=", 8) == 0) { | ||
55 | // this option is only supported for non-root users | ||
56 | if (getuid() == 0) { | ||
57 | fprintf(stderr, "Error fbuild: --build=profile-name is not supported for root user.\n"); | ||
58 | exit(1); | ||
59 | } | ||
60 | |||
61 | // check file access | ||
62 | fp = fopen(argv[i] + 8, "w"); | ||
63 | if (!fp) { | ||
64 | fprintf(stderr, "Error fbuild: cannot open profile file.\n"); | ||
65 | exit(1); | ||
66 | } | ||
67 | prof_file = 1; | ||
68 | // do nothing, this is passed down from firejail | ||
69 | } | ||
52 | else { | 70 | else { |
53 | if (*argv[i] == '-') { | 71 | if (*argv[i] == '-') { |
54 | fprintf(stderr, "Error fbuilder: invalid program\n"); | 72 | fprintf(stderr, "Error fbuilder: invalid program\n"); |
@@ -63,9 +81,13 @@ printf("\n"); | |||
63 | if (prog_index == 0) { | 81 | if (prog_index == 0) { |
64 | fprintf(stderr, "Error fbuilder: program and arguments required\n"); | 82 | fprintf(stderr, "Error fbuilder: program and arguments required\n"); |
65 | usage(); | 83 | usage(); |
84 | if (prof_file) | ||
85 | fclose(fp); | ||
66 | exit(1); | 86 | exit(1); |
67 | } | 87 | } |
68 | 88 | ||
69 | build_profile(argc, argv, prog_index); | 89 | build_profile(argc, argv, prog_index, fp); |
90 | if (prof_file) | ||
91 | fclose(fp); | ||
70 | return 0; | 92 | return 0; |
71 | } | 93 | } |