deprecated --git-install and --git-uninstall

author: netblue30 <netblue30@yahoo.com> 2018-04-04 07:41:17 -0400
committer: netblue30 <netblue30@yahoo.com> 2018-04-04 07:41:17 -0400
commit: 23d10c8fa0bc1dface09d71cc9d6475d53c42645 (patch)
tree: 5a5a3b39c1a64d956e31b295990b768795780974 /src/firejail
parent: Merge branch 'master' of http://github.com/netblue30/firejail (diff)
download: firejail-23d10c8fa0bc1dface09d71cc9d6475d53c42645.tar.gz
firejail-23d10c8fa0bc1dface09d71cc9d6475d53c42645.tar.zst
firejail-23d10c8fa0bc1dface09d71cc9d6475d53c42645.zip
4 files changed, 0 insertions, 112 deletions
diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c
index 20845270e..7b0ae30b6 100644
--- a/src/firejail/checkcfg.c
+++ b/src/firejail/checkcfg.c
@@ -450,14 +450,6 @@ void print_compiletime_support(void) {
 #endif
                );
-        printf("\t- git install support is %s\n",
-#ifdef HAVE_GIT_INSTALL
-                "enabled"
-#else
-                "disabled"
-#endif
-                );
        printf("\t- networking support is %s\n",
 #ifdef HAVE_NETWORK
                "enabled"
diff --git a/src/firejail/git.c b/src/firejail/git.c
deleted file mode 100644
index d6525aa89..000000000
--- a/src/firejail/git.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/*
- * Copyright (C) 2014-2018 Firejail Authors
- *
- * This file is part of firejail project
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
- */
-#ifdef HAVE_GIT_INSTALL
-#include "firejail.h"
-#include <sys/utsname.h>
-#include <sched.h>
-#include <sys/mount.h>
-// install a very simple mount namespace sandbox with a tmpfs on top of /tmp
-// and drop privileges
-static void sbox_ns(void) {
-        if (unshare(CLONE_NEWNS) < 0)
-                errExit("unshare");
-        // mount events are not forwarded between the host the sandbox
-        if (mount(NULL, "/", NULL, MS_SLAVE | MS_REC, NULL) < 0) {
-                errExit("mount");
-        }
-        // mount a tmpfs on top of /tmp
-        if (mount(NULL, "/tmp", "tmpfs", 0, NULL) < 0)
-                errExit("mount");
-        // drop privileges
-        if (setgid(getgid()) < 0)
-                errExit("setgid/getgid");
-        if (setuid(getuid()) < 0)
-                errExit("setuid/getuid");
-        assert(getenv("LD_PRELOAD") == NULL);
-        printf("Running as "); fflush(0);
-        int rv = system("whoami");
-        (void) rv;
-        printf("/tmp directory: "); fflush(0);
-        rv = system("ls -l /tmp");
-        (void) rv;
-}
-void git_install(void) {
-        // redirect to "/usr/bin/firejail --noprofile --private-tmp /usr/lib/firejail/fgit-install.sh"
-        EUID_ASSERT();
-        EUID_ROOT();
-        // install a mount namespace with a tmpfs on top of /tmp
-        sbox_ns();
-        // run command
-        const char *cmd = LIBDIR "/firejail/fgit-install.sh";
-        int rv = system(cmd);
-        (void) rv;
-        exit(0);
-}
-void git_uninstall(void) {
-        // redirect to "/usr/bin/firejail --noprofile --private-tmp /usr/lib/firejail/fgit-install.sh"
-        EUID_ASSERT();
-        EUID_ROOT();
-        // install a mount namespace with a tmpfs on top of /tmp
-        sbox_ns();
-        // run command
-        const char *cmd = LIBDIR "/firejail/fgit-uninstall.sh";
-        int rv = system(cmd);
-        (void) rv;
-        exit(0);
-}
-#endif // HAVE_GIT_INSTALL
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 0d53a24a8..f34d2eb79 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -890,15 +890,6 @@ int main(int argc, char **argv) {
                profile_add(cmd);
        }
-#ifdef HAVE_GIT_INSTALL
-        // process git-install and git-uninstall
-        if (check_arg(argc, argv, "--git-install", 1))
-                git_install(); // this function will not return
-        if (check_arg(argc, argv, "--git-uninstall", 1))
-                git_uninstall(); // this function will not return
-#endif
        // profile builder
        if (check_arg(argc, argv, "--build", 0)) // supports both --build and --build=filename
                run_builder(argc, argv); // this function will not return
diff --git a/src/firejail/usage.c b/src/firejail/usage.c
index 542747efc..effbf3751 100644
--- a/src/firejail/usage.c
+++ b/src/firejail/usage.c
@@ -78,11 +78,6 @@ static char *usage_str =
        "    --env=name=value - set environment variable.\n"
        "    --fs.print=name|pid - print the filesystem log.\n"
        "    --get=name|pid filename - get a file from sandbox container.\n"
-#ifdef HAVE_GIT_INSTALL
-        "    --git-install - download, compile and install mainline git version\n"
-        "\tof Firejail.\n"
-        "    --git-uninstall - uninstall mainline git version of Firejail\n"
-#endif
        "    --help, -? - this help screen.\n"
        "    --hostname=name - set sandbox hostname.\n"
        "    --hosts-file=file - use file as /etc/hosts.\n"
author	netblue30 <netblue30@yahoo.com>	2018-04-04 07:41:17 -0400
committer	netblue30 <netblue30@yahoo.com>	2018-04-04 07:41:17 -0400
commit	23d10c8fa0bc1dface09d71cc9d6475d53c42645 (patch)
tree	5a5a3b39c1a64d956e31b295990b768795780974 /src/firejail
parent	Merge branch 'master' of http://github.com/netblue30/firejail (diff)
download	firejail-23d10c8fa0bc1dface09d71cc9d6475d53c42645.tar.gz firejail-23d10c8fa0bc1dface09d71cc9d6475d53c42645.tar.zst firejail-23d10c8fa0bc1dface09d71cc9d6475d53c42645.zip

diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c index 20845270e..7b0ae30b6 100644 --- a/src/firejail/checkcfg.c +++ b/src/firejail/checkcfg.c
@@ -450,14 +450,6 @@ void print_compiletime_support(void) {
450	#endif	450	#endif
451	);	451	);
452		452
453	printf("\t- git install support is %s\n",
454	#ifdef HAVE_GIT_INSTALL
455	"enabled"
456	#else
457	"disabled"
458	#endif
459	);
460
461	printf("\t- networking support is %s\n",	453	printf("\t- networking support is %s\n",
462	#ifdef HAVE_NETWORK	454	#ifdef HAVE_NETWORK
463	"enabled"	455	"enabled"


diff --git a/src/firejail/git.c b/src/firejail/git.c deleted file mode 100644 index d6525aa89..000000000 --- a/src/firejail/git.c +++ /dev/null
@@ -1,90 +0,0 @@
1	/*
2	* Copyright (C) 2014-2018 Firejail Authors
3	*
4	* This file is part of firejail project
5	*
6	* This program is free software; you can redistribute it and/or modify
7	* it under the terms of the GNU General Public License as published by
8	* the Free Software Foundation; either version 2 of the License, or
9	* (at your option) any later version.
10	*
11	* This program is distributed in the hope that it will be useful,
12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14	* GNU General Public License for more details.
15	*
16	* You should have received a copy of the GNU General Public License along
17	* with this program; if not, write to the Free Software Foundation, Inc.,
18	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
19	*/
20
21	#ifdef HAVE_GIT_INSTALL
22
23	#include "firejail.h"
24	#include <sys/utsname.h>
25	#include <sched.h>
26	#include <sys/mount.h>
27
28	// install a very simple mount namespace sandbox with a tmpfs on top of /tmp
29	// and drop privileges
30	static void sbox_ns(void) {
31	if (unshare(CLONE_NEWNS) < 0)
32	errExit("unshare");
33
34	// mount events are not forwarded between the host the sandbox
35	if (mount(NULL, "/", NULL, MS_SLAVE \| MS_REC, NULL) < 0) {
36	errExit("mount");
37	}
38
39	// mount a tmpfs on top of /tmp
40	if (mount(NULL, "/tmp", "tmpfs", 0, NULL) < 0)
41	errExit("mount");
42
43
44	// drop privileges
45	if (setgid(getgid()) < 0)
46	errExit("setgid/getgid");
47	if (setuid(getuid()) < 0)
48	errExit("setuid/getuid");
49	assert(getenv("LD_PRELOAD") == NULL);
50
51	printf("Running as "); fflush(0);
52	int rv = system("whoami");
53	(void) rv;
54	printf("/tmp directory: "); fflush(0);
55	rv = system("ls -l /tmp");
56	(void) rv;
57	}
58
59
60	void git_install(void) {
61	// redirect to "/usr/bin/firejail --noprofile --private-tmp /usr/lib/firejail/fgit-install.sh"
62	EUID_ASSERT();
63	EUID_ROOT();
64
65	// install a mount namespace with a tmpfs on top of /tmp
66	sbox_ns();
67
68	// run command
69	const char *cmd = LIBDIR "/firejail/fgit-install.sh";
70	int rv = system(cmd);
71	(void) rv;
72	exit(0);
73	}
74
75	void git_uninstall(void) {
76	// redirect to "/usr/bin/firejail --noprofile --private-tmp /usr/lib/firejail/fgit-install.sh"
77	EUID_ASSERT();
78	EUID_ROOT();
79
80	// install a mount namespace with a tmpfs on top of /tmp
81	sbox_ns();
82
83	// run command
84	const char *cmd = LIBDIR "/firejail/fgit-uninstall.sh";
85	int rv = system(cmd);
86	(void) rv;
87	exit(0);
88	}
89
90	#endif // HAVE_GIT_INSTALL


diff --git a/src/firejail/main.c b/src/firejail/main.c index 0d53a24a8..f34d2eb79 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c
@@ -890,15 +890,6 @@ int main(int argc, char **argv) {
890	profile_add(cmd);	890	profile_add(cmd);
891	}	891	}
892		892
893
894	#ifdef HAVE_GIT_INSTALL
895	// process git-install and git-uninstall
896	if (check_arg(argc, argv, "--git-install", 1))
897	git_install(); // this function will not return
898	if (check_arg(argc, argv, "--git-uninstall", 1))
899	git_uninstall(); // this function will not return
900	#endif
901
902	// profile builder	893	// profile builder
903	if (check_arg(argc, argv, "--build", 0)) // supports both --build and --build=filename	894	if (check_arg(argc, argv, "--build", 0)) // supports both --build and --build=filename
904	run_builder(argc, argv); // this function will not return	895	run_builder(argc, argv); // this function will not return


diff --git a/src/firejail/usage.c b/src/firejail/usage.c index 542747efc..effbf3751 100644 --- a/src/firejail/usage.c +++ b/src/firejail/usage.c
@@ -78,11 +78,6 @@ static char *usage_str =
78	" --env=name=value - set environment variable.\n"	78	" --env=name=value - set environment variable.\n"
79	" --fs.print=name\|pid - print the filesystem log.\n"	79	" --fs.print=name\|pid - print the filesystem log.\n"
80	" --get=name\|pid filename - get a file from sandbox container.\n"	80	" --get=name\|pid filename - get a file from sandbox container.\n"
81	#ifdef HAVE_GIT_INSTALL
82	" --git-install - download, compile and install mainline git version\n"
83	"\tof Firejail.\n"
84	" --git-uninstall - uninstall mainline git version of Firejail\n"
85	#endif
86	" --help, -? - this help screen.\n"	81	" --help, -? - this help screen.\n"
87	" --hostname=name - set sandbox hostname.\n"	82	" --hostname=name - set sandbox hostname.\n"
88	" --hosts-file=file - use file as /etc/hosts.\n"	83	" --hosts-file=file - use file as /etc/hosts.\n"