author | netblue30 <netblue30@protonmail.com> | 2023-02-05 07:53:06 -0500 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2023-02-05 07:53:06 -0500 |
commit | f64a9cccec5d386bc3ce1454d907b998b915e656 (patch) | |
tree | ab13de496b84fe0c5b4e4aafbef06152f4dbe8e2 /src/tools/cleanup_etc.c | |
parent | RELNOTES: add build items (diff) | |
private-etc: cleanup tool
Diffstat (limited to 'src/tools/cleanup_etc.c')
-rw-r--r-- | src/tools/cleanup_etc.c | 231 |
1 files changed, 231 insertions, 0 deletions
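--- /dev/null
+++ b/src/tools/cleanup_etc.c
@@ -0,0 +1,231 @@
+/*
+* Copyright (C) 2014-2022 Firejail Authors
+*
+* This file is part of firejail project
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License along
+* with this program; if not, write to the Free Software Foundation, Inc.,
+* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdarg.h>
+#include <assert.h>
+#include "../include/etc_groups.h"
+#define errExit(msg) do { char msgout[500]; sprintf(msgout, "Error %s:%s(%d)", msg, __FUNCTION__, __LINE__); perror(msgout); exit(1);} while (0)
+
+
+
+#define MAX_BUF 4098
+#define MAX_ARR 1024
+char *arr[MAX_ARR] = {NULL};
+int arr_cnt = 0;
+
+static int arr_tls_ca = 0;
+static int arr_x11 = 0;
+static int arr_games = 0;
+static char outbuf[256 * 1024];
+static char *outptr;
+
+void outprintf(char* fmt, ...) {
+va_list args;
+va_start(args,fmt);
+outptr += vsprintf(outptr, fmt, args);
+va_end(args);
+}
+
+
+
+static int arr_check(const char *fname, char **pptr) {
+assert(fname);
+assert(pptr);
+
+while (*pptr != NULL) {
+if (strcmp(fname, *pptr) == 0)
+return 1;
+pptr++;
+}
+
+return 0;
+}
+
+
+
+static void arr_add(const char *fname) {
+assert(fname);
+assert(arr_cnt < MAX_ARR);
+
+int i;
+for (i = 0; i < arr_cnt; i++)
+if (strcmp(arr[i], fname) == 0)
+return;
+
+arr[arr_cnt] = strdup(fname);
+if (!arr[arr_cnt])
+errExit("strdup");
+arr_cnt++;
+}
+
+static void arr_clean(void) {
+int i;
+for (i = 0; i < arr_cnt; i++) {
+free(arr[i]);
+arr[i] = NULL;
+}
+
+arr_cnt = 0;
+arr_games = 0;
+arr_tls_ca = 0;
+arr_x11 = 0;
+}
+
+static void arr_print(void) {
+printf("private-etc ");
+outprintf("private-etc ");
+
+if (arr_games) {
+printf("@games,");
+outprintf("@games,");
+}
+if (arr_tls_ca) {
+printf("@tls-ca,");
+outprintf("@tls-ca,");
+}
+if (arr_x11) {
+printf("@x11,");
+outprintf("@x11,");
+}
+int i;
+for (i = 0; i < arr_cnt; i++) {
+printf("%s,", arr[i]);
+outprintf("%s,", arr[i]);
+}
+printf("\n");
+outprintf("\n");
+}
+
+static void process_file(const char *fname) {
+assert(fname);
+
+FILE *fp = fopen(fname, "r");
+if (!fp) {
+fprintf(stderr, "Error: cannot open profile file\n");
+exit(1);
+}
+
+outptr = outbuf;
+*outptr = '\0';
+
+char line[MAX_BUF];
+char orig_line[MAX_BUF];
+int cnt = 0;
+int print = 0;
+while (fgets(line, MAX_BUF, fp)) {
+cnt++;
+if (strncmp(line, "private-etc ", 12) != 0) {
+sprintf(outptr, "%s", line);
+outptr += strlen(outptr);
+continue;
+}
+char *ptr = strchr(line, '\n');
+if (ptr)
+*ptr = '\0';
+
+print = 1;
+strcpy(orig_line,line);
+
+ptr = line + 12;
+while (*ptr == ' ' || *ptr == '\t')
+ptr++;
+
+// check for blanks and tabs
+char *ptr2 = ptr;
+while (*ptr2 != '\0') {
+if (*ptr2 == ' ' || *ptr2 == '\t') {
+fprintf(stderr, "Error: invlid private-etc line %s:%d\n", fname, cnt);
+exit(1);
+}
+ptr2++;
+}
+
+ptr = strtok(ptr, ",");
+while (ptr) {
+if (arr_check(ptr, &etc_list[0]));
+else if (arr_check(ptr, &etc_group_sound[0]));
+else if (arr_check(ptr, &etc_group_network[0]));
+else if (strcmp(ptr, "@games") == 0)
+arr_games = 1;
+else if (strcmp(ptr, "@tls-ca") == 0)
+arr_tls_ca = 1;
+else if (strcmp(ptr, "@x11") == 0)
+arr_x11 = 1;
+else if (arr_check(ptr, &etc_group_games[0]))
+arr_games = 1;
+else if (arr_check(ptr, &etc_group_tls_ca[0]))
+arr_tls_ca = 1;
+else if (arr_check(ptr, &etc_group_x11[0]))
+arr_x11 = 1;
+else
+arr_add(ptr);
+
+ptr = strtok(NULL, ",");
+}
+
+printf("\n%s: %s\n%s: ", fname, orig_line, fname);
+arr_print();
+arr_clean();
+}
+
+fclose(fp);
+
+if (print) {
+printf("Replace %s file? (Y/N): ", fname);
+fgets(line, MAX_BUF, stdin);
+if (*line == 'y' || *line == 'Y') {
+fp = fopen(fname, "w");
+if (!fp) {
+fprintf(stderr, "Error: cannot open profile file\n");
+exit(1);
+}
+fprintf(fp, "%s", outbuf);
+fclose(fp);
+}
+}
+}
+
+static void usage(void) {
+printf("usage: cleanup-etc file.profile\n");
+}
+
+int main(int argc, char **argv) {
+if (argc < 2) {
+fprintf(stderr, "Error: invalid number of parameters\n");
+usage();
+return 1;
+}
+
+int i;
+for (i = 1; i < argc; i++) {
+if (strcmp(argv[i], "-h") == 0) {
+usage();
+return 0;
+}
+}
+
+for (i = 1; i < argc; i++)
+process_file(argv[i]);
+
+return 0;
+}
\ No newline at end of file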
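Review bot: Nothing bounds the writes into the 256 KiB static `outbuf`: `outprintf` appends with `vsprintf(outptr, ...)` and the copy loop in `process_file` uses `sprintf(outptr, "%s", line)` for every line that is not a `private-etc` line, so a profile larger than the buffer is written past its end. Both paths should go through one bounded append that uses `vsnprintf` with the remaining space and stops with an error when the output would not fit, as sketched below. In the same vein, `arr_add` relies on `assert(arr_cnt < MAX_ARR)`, which disappears in an NDEBUG build and leaves `arr[arr_cnt]` unchecked; an explicit `if (arr_cnt >= MAX_ARR)` error exit would hold in every build. The result of `fgets(line, MAX_BUF, stdin)` before the Y/N test is also unchecked, so at end of input the test reads whatever the last profile line left in `line`.

```c
void outprintf(char* fmt, ...) {
	// space left in outbuf, including room for the terminating NUL
	size_t left = sizeof(outbuf) - (size_t)(outptr - outbuf);
	va_list args;
	va_start(args, fmt);
	int n = vsnprintf(outptr, left, fmt, args);
	va_end(args);
	if (n < 0 || (size_t)n >= left) {
		fprintf(stderr, "Error: profile file too large\n");
		exit(1);
	}
	outptr += n;
}

// ... unchanged: arr_check, arr_add, arr_clean, arr_print ...

// in process_file, inside the fgets loop:
	if (strncmp(line, "private-etc ", 12) != 0) {
		outprintf("%s", line);
		continue;
	}
// ... unchanged: private-etc parsing, prompt and file rewrite ...
```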