simplify chroot option parsing

this is a partial revert, back to the original code

3 files changed, 20 insertions, 18 deletions

diff --git a/src/firejail/chroot.c b/src/firejail/chroot.c
index 8a57dee35..f5bb11a76 100644
--- a/src/firejail/chroot.c
+++ b/src/firejail/chroot.c
@@ -30,17 +30,17 @@
 #endif
 
 
-// exit if error, return resolved chroot path
-char *fs_check_chroot_dir(const char *rootdir) {
+// exit if error
+void fs_check_chroot_dir(void) {
         EUID_ASSERT();
-        assert(rootdir);
-        if (strstr(rootdir, "..") ||
-        is_link(rootdir) ||
-        !is_dir(rootdir))
+        assert(cfg.chrootdir);
+        if (strstr(cfg.chrootdir, "..") ||
+        is_link(cfg.chrootdir) ||
+        !is_dir(cfg.chrootdir))
                 goto errout;
 
         // check chroot dirname exists, chrooting into the root directory is not allowed
-        char *rpath = realpath(rootdir, NULL);
+        char *rpath = realpath(cfg.chrootdir, NULL);
         if (rpath == NULL || strcmp(rpath, "/") == 0)
                 goto errout;
 
@@ -52,10 +52,11 @@ char *fs_check_chroot_dir(const char *rootdir) {
                 exit(1);
         }
         free(overlay);
-        return rpath;
+        cfg.chrootdir = rpath;
+        return;
 
 errout:
-        fprintf(stderr, "Error: invalid chroot directory %s\n", rootdir);
+        fprintf(stderr, "Error: invalid chroot directory %s\n", cfg.chrootdir);
         exit(1);
 }
 
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index 487803770..fdbeb4691 100644
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -398,9 +398,8 @@ void fs_private_cache(void);
 void fs_mnt(const int enforce);
 
 // chroot.c
-// returns resolved chroot directory path
-char *fs_check_chroot_dir(const char *rootdir);
 // chroot into an existing directory; mount existing /dev and update /etc/resolv.conf
+void fs_check_chroot_dir(void);
 void fs_chroot(const char *rootdir);
 
 // profile.c
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 5c83239ef..cbe3292ba 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -1659,21 +1659,23 @@ int main(int argc, char **argv) {
                                         fprintf(stderr, "Error: --chroot option is not available on Grsecurity systems\n");
                                         exit(1);
                                 }
-                                if (*(argv[i] + 9) == '\0') {
+                                // extract chroot dirname
+                                cfg.chrootdir = argv[i] + 9;
+                                if (*cfg.chrootdir == '\0') {
                                         fprintf(stderr, "Error: invalid chroot option\n");
                                         exit(1);
                                 }
-                                invalid_filename(argv[i] + 9, 0); // no globbing
+                                invalid_filename(cfg.chrootdir, 0); // no globbing
 
-                                // extract chroot dirname
-                                char *tmp = argv[i] + 9;
                                 // if the directory starts with ~, expand the home directory
-                                if (*(argv[i] + 9) == '~') {
-                                        if (asprintf(&tmp, "%s%s", cfg.homedir, argv[i] + 10) == -1)
+                                if (*cfg.chrootdir == '~') {
+                                        char *tmp;
+                                        if (asprintf(&tmp, "%s%s", cfg.homedir, cfg.chrootdir + 1) == -1)
                                                 errExit("asprintf");
+                                        cfg.chrootdir = tmp;
                                 }
                                 // check chroot directory
-                                cfg.chrootdir = fs_check_chroot_dir(tmp);
+                                fs_check_chroot_dir();
                         }
                         else
                                 exit_err_feature("chroot");