diff options
| author |  Glenn Washburn <development@efficientek.com> | 2018-10-09 05:41:17 -0500 |
|---|---|---|
| committer | Glenn Washburn <development@efficientek.com> | 2018-10-15 23:47:44 -0500 |
| commit | ffd51a5c78549839465085ab6480bd5b6642d637 (patch) | |
| tree | 12fd33bfca7100fd2ace3d5c5a3c00b3e117ab6a /src/firejail/profile.c | |
| parent | rename expand_home -> expand_macros to better reflect usage and remove unneed... (diff) | |
| download | firejail-ffd51a5c78549839465085ab6480bd5b6642d637.tar.gz firejail-ffd51a5c78549839465085ab6480bd5b6642d637.tar.zst firejail-ffd51a5c78549839465085ab6480bd5b6642d637.zip | |
Allow specifying a profile "name" with the profile option (eg. --profile=firefox).
Diffstat (limited to 'src/firejail/profile.c')
| -rw-r--r-- | src/firejail/profile.c | 33 |
1 files changed, 26 insertions, 7 deletions
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index f70c0c9d1..4fc710f39 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
| @@ -25,26 +25,29 @@ extern char *xephyr_screen; | |||
| 25 | #define MAX_READ 8192 // line buffer for profile files | 25 | #define MAX_READ 8192 // line buffer for profile files |
| 26 | 26 | ||
| 27 | // find and read the profile specified by name from dir directory | 27 | // find and read the profile specified by name from dir directory |
| 28 | int profile_find(const char *name, const char *dir) { | 28 | int profile_find(const char *name, const char *dir, int add_ext) { |
| 29 | EUID_ASSERT(); | 29 | EUID_ASSERT(); |
| 30 | assert(name); | 30 | assert(name); |
| 31 | assert(dir); | 31 | assert(dir); |
| 32 | 32 | ||
| 33 | int rv = 0; | 33 | int rv = 0; |
| 34 | DIR *dp; | 34 | DIR *dp; |
| 35 | char *pname; | 35 | char *pname = NULL; |
| 36 | if (asprintf(&pname, "%s.profile", name) == -1) | 36 | if (add_ext) |
| 37 | errExit("asprintf"); | 37 | if (asprintf(&pname, "%s.profile", name) == -1) |
| 38 | errExit("asprintf"); | ||
| 39 | else | ||
| 40 | name = pname; | ||
| 38 | 41 | ||
| 39 | dp = opendir (dir); | 42 | dp = opendir (dir); |
| 40 | if (dp != NULL) { | 43 | if (dp != NULL) { |
| 41 | struct dirent *ep; | 44 | struct dirent *ep; |
| 42 | while ((ep = readdir(dp)) != NULL) { | 45 | while ((ep = readdir(dp)) != NULL) { |
| 43 | if (strcmp(ep->d_name, pname) == 0) { | 46 | if (strcmp(ep->d_name, name) == 0) { |
| 44 | if (arg_debug) | 47 | if (arg_debug) |
| 45 | printf("Found %s profile in %s directory\n", name, dir); | 48 | printf("Found %s profile in %s directory\n", name, dir); |
| 46 | char *etcpname; | 49 | char *etcpname; |
| 47 | if (asprintf(&etcpname, "%s/%s", dir, pname) == -1) | 50 | if (asprintf(&etcpname, "%s/%s", dir, name) == -1) |
| 48 | errExit("asprintf"); | 51 | errExit("asprintf"); |
| 49 | profile_read(etcpname); | 52 | profile_read(etcpname); |
| 50 | free(etcpname); | 53 | free(etcpname); |
| @@ -55,10 +58,26 @@ int profile_find(const char *name, const char *dir) { | |||
| 55 | (void) closedir (dp); | 58 | (void) closedir (dp); |
| 56 | } | 59 | } |
| 57 | 60 | ||
| 58 | free(pname); | 61 | if (pname) |
| 62 | free(pname); | ||
| 59 | return rv; | 63 | return rv; |
| 60 | } | 64 | } |
| 61 | 65 | ||
| 66 | // search and read the profile specified by name from firejail directories | ||
| 67 | int profile_find_firejail(const char *name, int add_ext) { | ||
| 68 | // look for a profile in ~/.config/firejail directory | ||
| 69 | char *usercfgdir; | ||
| 70 | if (asprintf(&usercfgdir, "%s/.config/firejail", cfg.homedir) == -1) | ||
| 71 | errExit("asprintf"); | ||
| 72 | int rv = profile_find(name, usercfgdir, add_ext); | ||
| 73 | free(usercfgdir); | ||
| 74 | |||
| 75 | if (!rv) | ||
| 76 | // look for a user profile in /etc/firejail directory | ||
| 77 | rv = profile_find(name, SYSCONFDIR, add_ext); | ||
| 78 | |||
| 79 | return rv; | ||
| 80 | } | ||
| 62 | 81 | ||
| 63 | //*************************************************** | 82 | //*************************************************** |
| 64 | // run-time profiles | 83 | // run-time profiles |