diff options
author | netblue30 <netblue30@protonmail.com> | 2021-11-30 08:23:01 -0500 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2021-11-30 08:23:01 -0500 |
commit | 8f93df99f16820d0b54a05e98abbcd8fcd1b83f1 (patch) | |
tree | b22face0e67d7a27fc0b679f6c74ae3a5b67820d /src/profstats/main.c | |
parent | Merge pull request #4712 from kmk3/configure-improvements2 (diff) | |
download | firejail-8f93df99f16820d0b54a05e98abbcd8fcd1b83f1.tar.gz firejail-8f93df99f16820d0b54a05e98abbcd8fcd1b83f1.tar.zst firejail-8f93df99f16820d0b54a05e98abbcd8fcd1b83f1.zip |
install profstats in /etc/firejail directory - undocumented, used only for development
Diffstat (limited to 'src/profstats/main.c')
-rw-r--r-- | src/profstats/main.c | 24 |
1 files changed, 22 insertions, 2 deletions
diff --git a/src/profstats/main.c b/src/profstats/main.c index 10e44bd65..72c0710fe 100644 --- a/src/profstats/main.c +++ b/src/profstats/main.c | |||
@@ -67,11 +67,11 @@ static int arg_dbus_system_none = 0; | |||
67 | static int arg_dbus_user_none = 0; | 67 | static int arg_dbus_user_none = 0; |
68 | static int arg_whitelisthome = 0; | 68 | static int arg_whitelisthome = 0; |
69 | static int arg_noroot = 0; | 69 | static int arg_noroot = 0; |
70 | 70 | static int arg_print_blacklist = 0; | |
71 | static int arg_print_whitelist = 0; | ||
71 | 72 | ||
72 | static char *profile = NULL; | 73 | static char *profile = NULL; |
73 | 74 | ||
74 | |||
75 | static void usage(void) { | 75 | static void usage(void) { |
76 | printf("proftool - print profile statistics\n"); | 76 | printf("proftool - print profile statistics\n"); |
77 | printf("Usage: proftool [options] file[s]\n"); | 77 | printf("Usage: proftool [options] file[s]\n"); |
@@ -87,6 +87,8 @@ static void usage(void) { | |||
87 | printf(" --private-dev - print profiles without private-dev\n"); | 87 | printf(" --private-dev - print profiles without private-dev\n"); |
88 | printf(" --private-etc - print profiles without private-etc\n"); | 88 | printf(" --private-etc - print profiles without private-etc\n"); |
89 | printf(" --private-tmp - print profiles without private-tmp\n"); | 89 | printf(" --private-tmp - print profiles without private-tmp\n"); |
90 | printf(" --print-blacklist - print all blacklists for a profile\n"); | ||
91 | printf(" --print-whitelist - print all whitelists for a profile\n"); | ||
90 | printf(" --seccomp - print profiles without seccomp\n"); | 92 | printf(" --seccomp - print profiles without seccomp\n"); |
91 | printf(" --memory-deny-write-execute - profile without \"memory-deny-write-execute\"\n"); | 93 | printf(" --memory-deny-write-execute - profile without \"memory-deny-write-execute\"\n"); |
92 | printf(" --whitelist-home - print profiles whitelisting home directory\n"); | 94 | printf(" --whitelist-home - print profiles whitelisting home directory\n"); |
@@ -125,6 +127,17 @@ void process_file(const char *fname) { | |||
125 | if (*ptr == '\n' || *ptr == '#') | 127 | if (*ptr == '\n' || *ptr == '#') |
126 | continue; | 128 | continue; |
127 | 129 | ||
130 | if (arg_print_blacklist) { | ||
131 | if (strncmp(ptr, "blacklist", 9) == 0 || | ||
132 | strncmp(ptr, "noblacklist", 11) == 0) | ||
133 | printf("%s: %s\n", fname, ptr); | ||
134 | } | ||
135 | else if (arg_print_whitelist) { | ||
136 | if (strncmp(ptr, "whitelist", 9) == 0 || | ||
137 | strncmp(ptr, "nowhitelist", 11) == 0) | ||
138 | printf("%s: %s\n", fname, ptr); | ||
139 | } | ||
140 | |||
128 | if (strncmp(ptr, "seccomp", 7) == 0) | 141 | if (strncmp(ptr, "seccomp", 7) == 0) |
129 | cnt_seccomp++; | 142 | cnt_seccomp++; |
130 | else if (strncmp(ptr, "caps", 4) == 0) | 143 | else if (strncmp(ptr, "caps", 4) == 0) |
@@ -227,6 +240,10 @@ int main(int argc, char **argv) { | |||
227 | arg_privatetmp = 1; | 240 | arg_privatetmp = 1; |
228 | else if (strcmp(argv[i], "--private-etc") == 0) | 241 | else if (strcmp(argv[i], "--private-etc") == 0) |
229 | arg_privateetc = 1; | 242 | arg_privateetc = 1; |
243 | else if (strcmp(argv[i], "--print-blacklist") == 0) | ||
244 | arg_print_blacklist = 1; | ||
245 | else if (strcmp(argv[i], "--print-whitelist") == 0) | ||
246 | arg_print_whitelist = 1; | ||
230 | else if (strcmp(argv[i], "--whitelist-home") == 0) | 247 | else if (strcmp(argv[i], "--whitelist-home") == 0) |
231 | arg_whitelisthome = 1; | 248 | arg_whitelisthome = 1; |
232 | else if (strcmp(argv[i], "--whitelist-var") == 0) | 249 | else if (strcmp(argv[i], "--whitelist-var") == 0) |
@@ -347,6 +364,9 @@ int main(int argc, char **argv) { | |||
347 | assert(level == 0); | 364 | assert(level == 0); |
348 | } | 365 | } |
349 | 366 | ||
367 | if (arg_print_blacklist || arg_print_whitelist) | ||
368 | return 0; | ||
369 | |||
350 | printf("\n"); | 370 | printf("\n"); |
351 | printf("Stats:\n"); | 371 | printf("Stats:\n"); |
352 | printf(" profiles\t\t\t%d\n", cnt_profiles); | 372 | printf(" profiles\t\t\t%d\n", cnt_profiles); |