diff options
author | smitsohu <smitsohu@gmail.com> | 2022-03-12 16:52:34 +0100 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2022-03-12 17:00:31 +0100 |
commit | e68440e4a3882dea2ed754ff19a9d1a2bbc19813 (patch) | |
tree | ab47cbb6da2742a7dfb51eb3f7a999ccc6884b89 /src | |
parent | fbuilder: fix Electron apps (diff) | |
download | firejail-e68440e4a3882dea2ed754ff19a9d1a2bbc19813.tar.gz firejail-e68440e4a3882dea2ed754ff19a9d1a2bbc19813.tar.zst firejail-e68440e4a3882dea2ed754ff19a9d1a2bbc19813.zip |
fbuilder: don't consider flatpak/snapd directories
Diffstat (limited to 'src')
-rw-r--r-- | src/fbuilder/build_fs.c | 2 | ||||
-rw-r--r-- | src/fbuilder/build_home.c | 3 | ||||
-rw-r--r-- | src/fbuilder/filedb.c | 2 |
3 files changed, 6 insertions, 1 deletions
diff --git a/src/fbuilder/build_fs.c b/src/fbuilder/build_fs.c index d3bf247f1..ede96c9b4 100644 --- a/src/fbuilder/build_fs.c +++ b/src/fbuilder/build_fs.c | |||
@@ -183,6 +183,8 @@ void build_var(const char *fname, FILE *fp) { | |||
183 | assert(fname); | 183 | assert(fname); |
184 | 184 | ||
185 | var_skip = filedb_load_whitelist(var_skip, "whitelist-var-common.inc", "whitelist /var/"); | 185 | var_skip = filedb_load_whitelist(var_skip, "whitelist-var-common.inc", "whitelist /var/"); |
186 | var_skip = filedb_add(var_skip, "lib/flatpak"); | ||
187 | var_skip = filedb_add(var_skip, "lib/snapd"); | ||
186 | process_files(fname, "/var", var_callback); | 188 | process_files(fname, "/var", var_callback); |
187 | 189 | ||
188 | // always whitelist /var | 190 | // always whitelist /var |
diff --git a/src/fbuilder/build_home.c b/src/fbuilder/build_home.c index d6d421259..00f227c95 100644 --- a/src/fbuilder/build_home.c +++ b/src/fbuilder/build_home.c | |||
@@ -95,6 +95,9 @@ void process_home(const char *fname, char *home, int home_len) { | |||
95 | strcmp(ptr, ".bashrc") == 0) | 95 | strcmp(ptr, ".bashrc") == 0) |
96 | continue; | 96 | continue; |
97 | 97 | ||
98 | // skip flatpak files | ||
99 | if (strncmp(ptr, ".local/share/flatpak", 20) == 0) | ||
100 | continue; | ||
98 | 101 | ||
99 | // try to find the relevant directory for this file | 102 | // try to find the relevant directory for this file |
100 | char *dir = extract_dir(ptr); | 103 | char *dir = extract_dir(ptr); |
diff --git a/src/fbuilder/filedb.c b/src/fbuilder/filedb.c index 454b9f40b..569095785 100644 --- a/src/fbuilder/filedb.c +++ b/src/fbuilder/filedb.c | |||
@@ -96,7 +96,7 @@ FileDB *filedb_load_whitelist(FileDB *head, const char *fname, const char *prefi | |||
96 | errExit("asprintf"); | 96 | errExit("asprintf"); |
97 | FILE *fp = fopen(f, "r"); | 97 | FILE *fp = fopen(f, "r"); |
98 | if (!fp) { | 98 | if (!fp) { |
99 | fprintf(stderr, "Error: cannot open whitelist-common.inc\n"); | 99 | fprintf(stderr, "Error: cannot open %s\n", f); |
100 | free(f); | 100 | free(f); |
101 | exit(1); | 101 | exit(1); |
102 | } | 102 | } |