diff options
author | 2018-10-09 05:41:17 -0500 | |
---|---|---|
committer | 2018-10-15 23:47:44 -0500 | |
commit | ffd51a5c78549839465085ab6480bd5b6642d637 (patch) | |
tree | 12fd33bfca7100fd2ace3d5c5a3c00b3e117ab6a /src/firejail/profile.c | |
parent | rename expand_home -> expand_macros to better reflect usage and remove unneed... (diff) | |
download | firejail-ffd51a5c78549839465085ab6480bd5b6642d637.tar.gz firejail-ffd51a5c78549839465085ab6480bd5b6642d637.tar.zst firejail-ffd51a5c78549839465085ab6480bd5b6642d637.zip |
Allow specifying a profile "name" with the profile option (eg. --profile=firefox).
Diffstat (limited to 'src/firejail/profile.c')
-rw-r--r-- | src/firejail/profile.c | 33 |
1 files changed, 26 insertions, 7 deletions
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index f70c0c9d1..4fc710f39 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
@@ -25,26 +25,29 @@ extern char *xephyr_screen; | |||
25 | #define MAX_READ 8192 // line buffer for profile files | 25 | #define MAX_READ 8192 // line buffer for profile files |
26 | 26 | ||
27 | // find and read the profile specified by name from dir directory | 27 | // find and read the profile specified by name from dir directory |
28 | int profile_find(const char *name, const char *dir) { | 28 | int profile_find(const char *name, const char *dir, int add_ext) { |
29 | EUID_ASSERT(); | 29 | EUID_ASSERT(); |
30 | assert(name); | 30 | assert(name); |
31 | assert(dir); | 31 | assert(dir); |
32 | 32 | ||
33 | int rv = 0; | 33 | int rv = 0; |
34 | DIR *dp; | 34 | DIR *dp; |
35 | char *pname; | 35 | char *pname = NULL; |
36 | if (asprintf(&pname, "%s.profile", name) == -1) | 36 | if (add_ext) |
37 | errExit("asprintf"); | 37 | if (asprintf(&pname, "%s.profile", name) == -1) |
38 | errExit("asprintf"); | ||
39 | else | ||
40 | name = pname; | ||
38 | 41 | ||
39 | dp = opendir (dir); | 42 | dp = opendir (dir); |
40 | if (dp != NULL) { | 43 | if (dp != NULL) { |
41 | struct dirent *ep; | 44 | struct dirent *ep; |
42 | while ((ep = readdir(dp)) != NULL) { | 45 | while ((ep = readdir(dp)) != NULL) { |
43 | if (strcmp(ep->d_name, pname) == 0) { | 46 | if (strcmp(ep->d_name, name) == 0) { |
44 | if (arg_debug) | 47 | if (arg_debug) |
45 | printf("Found %s profile in %s directory\n", name, dir); | 48 | printf("Found %s profile in %s directory\n", name, dir); |
46 | char *etcpname; | 49 | char *etcpname; |
47 | if (asprintf(&etcpname, "%s/%s", dir, pname) == -1) | 50 | if (asprintf(&etcpname, "%s/%s", dir, name) == -1) |
48 | errExit("asprintf"); | 51 | errExit("asprintf"); |
49 | profile_read(etcpname); | 52 | profile_read(etcpname); |
50 | free(etcpname); | 53 | free(etcpname); |
@@ -55,10 +58,26 @@ int profile_find(const char *name, const char *dir) { | |||
55 | (void) closedir (dp); | 58 | (void) closedir (dp); |
56 | } | 59 | } |
57 | 60 | ||
58 | free(pname); | 61 | if (pname) |
62 | free(pname); | ||
59 | return rv; | 63 | return rv; |
60 | } | 64 | } |
61 | 65 | ||
66 | // search and read the profile specified by name from firejail directories | ||
67 | int profile_find_firejail(const char *name, int add_ext) { | ||
68 | // look for a profile in ~/.config/firejail directory | ||
69 | char *usercfgdir; | ||
70 | if (asprintf(&usercfgdir, "%s/.config/firejail", cfg.homedir) == -1) | ||
71 | errExit("asprintf"); | ||
72 | int rv = profile_find(name, usercfgdir, add_ext); | ||
73 | free(usercfgdir); | ||
74 | |||
75 | if (!rv) | ||
76 | // look for a user profile in /etc/firejail directory | ||
77 | rv = profile_find(name, SYSCONFDIR, add_ext); | ||
78 | |||
79 | return rv; | ||
80 | } | ||
62 | 81 | ||
63 | //*************************************************** | 82 | //*************************************************** |
64 | // run-time profiles | 83 | // run-time profiles |