diff options
author | netblue30 <netblue30@yahoo.com> | 2018-09-01 08:48:19 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2018-09-01 08:48:19 -0400 |
commit | ba2e5f55ed8b3bd83b15fc51ae5ef6050b8f8dca (patch) | |
tree | 4ffcb6a31c62c3c7ea8a1b8135bed8d8fa949fe7 /src | |
parent | --chroot fixes (Debian problem) (diff) | |
download | firejail-ba2e5f55ed8b3bd83b15fc51ae5ef6050b8f8dca.tar.gz firejail-ba2e5f55ed8b3bd83b15fc51ae5ef6050b8f8dca.tar.zst firejail-ba2e5f55ed8b3bd83b15fc51ae5ef6050b8f8dca.zip |
chroot problem: default profile not configured by default
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/main.c | 57 |
1 files changed, 24 insertions, 33 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c index b5d46808a..f50774379 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -2232,12 +2232,12 @@ int main(int argc, char **argv) { | |||
2232 | // check user namespace (--noroot) options | 2232 | // check user namespace (--noroot) options |
2233 | if (arg_noroot) { | 2233 | if (arg_noroot) { |
2234 | if (arg_overlay) { | 2234 | if (arg_overlay) { |
2235 | fprintf(stderr, "Error: --overlay and --noroot are mutually exclusive.\n"); | 2235 | fwarning("--overlay and --noroot are mutually exclusive, --noroot disabled...\n"); |
2236 | exit(1); | 2236 | arg_noroot = 0; |
2237 | } | 2237 | } |
2238 | else if (cfg.chrootdir) { | 2238 | else if (cfg.chrootdir) { |
2239 | fprintf(stderr, "Error: --chroot and --noroot are mutually exclusive.\n"); | 2239 | fwarning("--chroot and --noroot are mutually exclusive, --noroot disabled...\n"); |
2240 | exit(1); | 2240 | arg_noroot = 0; |
2241 | } | 2241 | } |
2242 | } | 2242 | } |
2243 | 2243 | ||
@@ -2311,39 +2311,30 @@ int main(int argc, char **argv) { | |||
2311 | 2311 | ||
2312 | // use default.profile as the default | 2312 | // use default.profile as the default |
2313 | if (!custom_profile && !arg_noprofile) { | 2313 | if (!custom_profile && !arg_noprofile) { |
2314 | if (cfg.chrootdir) { | 2314 | char *profile_name = DEFAULT_USER_PROFILE; |
2315 | fwarning("default profile disabled by --chroot option\n"); | 2315 | if (getuid() == 0) |
2316 | } | 2316 | profile_name = DEFAULT_ROOT_PROFILE; |
2317 | // else if (arg_overlay) { | 2317 | if (arg_debug) |
2318 | // fwarning("default profile disabled by --overlay option\n"); | 2318 | printf("Attempting to find %s.profile...\n", profile_name); |
2319 | // } | ||
2320 | else { | ||
2321 | // try to load a default profile | ||
2322 | char *profile_name = DEFAULT_USER_PROFILE; | ||
2323 | if (getuid() == 0) | ||
2324 | profile_name = DEFAULT_ROOT_PROFILE; | ||
2325 | if (arg_debug) | ||
2326 | printf("Attempting to find %s.profile...\n", profile_name); | ||
2327 | |||
2328 | // look for the profile in ~/.config/firejail directory | ||
2329 | char *usercfgdir; | ||
2330 | if (asprintf(&usercfgdir, "%s/.config/firejail", cfg.homedir) == -1) | ||
2331 | errExit("asprintf"); | ||
2332 | custom_profile = profile_find(profile_name, usercfgdir); | ||
2333 | free(usercfgdir); | ||
2334 | 2319 | ||
2335 | if (!custom_profile) | 2320 | // look for the profile in ~/.config/firejail directory |
2336 | // look for the profile in /etc/firejail directory | 2321 | char *usercfgdir; |
2337 | custom_profile = profile_find(profile_name, SYSCONFDIR); | 2322 | if (asprintf(&usercfgdir, "%s/.config/firejail", cfg.homedir) == -1) |
2323 | errExit("asprintf"); | ||
2324 | custom_profile = profile_find(profile_name, usercfgdir); | ||
2325 | free(usercfgdir); | ||
2338 | 2326 | ||
2339 | if (!custom_profile) { | 2327 | if (!custom_profile) |
2340 | fprintf(stderr, "Error: no default.profile installed\n"); | 2328 | // look for the profile in /etc/firejail directory |
2341 | exit(1); | 2329 | custom_profile = profile_find(profile_name, SYSCONFDIR); |
2342 | } | ||
2343 | 2330 | ||
2344 | if (custom_profile) | 2331 | if (!custom_profile) { |
2345 | fmessage("\n** Note: you can use --noprofile to disable %s.profile **\n\n", profile_name); | 2332 | fprintf(stderr, "Error: no default.profile installed\n"); |
2333 | exit(1); | ||
2346 | } | 2334 | } |
2335 | |||
2336 | if (custom_profile) | ||
2337 | fmessage("\n** Note: you can use --noprofile to disable %s.profile **\n\n", profile_name); | ||
2347 | } | 2338 | } |
2348 | EUID_ASSERT(); | 2339 | EUID_ASSERT(); |
2349 | 2340 | ||