diff options
author | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2021-03-03 12:39:08 +0100 |
---|---|---|
committer | rusty-snake <41237666+rusty-snake@users.noreply.github.com> | 2021-03-03 12:39:08 +0100 |
commit | c30a9031a735f43984051bca79f23a4732ce33b7 (patch) | |
tree | e3691e49e05a2ceb2a901a9a9c601abc4c858ffa /src | |
parent | Merge pull request #4035 from Tomin1/few_fixes (diff) | |
download | firejail-c30a9031a735f43984051bca79f23a4732ce33b7.tar.gz firejail-c30a9031a735f43984051bca79f23a4732ce33b7.tar.zst firejail-c30a9031a735f43984051bca79f23a4732ce33b7.zip |
Add new condition ?HAS_PRIVATE:
Idea from @vinc17fr
https://github.com/netblue30/firejail/issues/4026#issuecomment-789178572
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/profile.c | 5 | ||||
-rw-r--r-- | src/man/firejail-profile.txt | 2 |
2 files changed, 6 insertions, 1 deletions
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index f3266c23e..351b760df 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
@@ -157,6 +157,10 @@ static int check_nosound(void) { | |||
157 | return arg_nosound != 0; | 157 | return arg_nosound != 0; |
158 | } | 158 | } |
159 | 159 | ||
160 | static int check_private(void) { | ||
161 | return arg_private; | ||
162 | } | ||
163 | |||
160 | static int check_x11(void) { | 164 | static int check_x11(void) { |
161 | return (arg_x11_block || arg_x11_xorg || env_get("FIREJAIL_X11")); | 165 | return (arg_x11_block || arg_x11_xorg || env_get("FIREJAIL_X11")); |
162 | } | 166 | } |
@@ -174,6 +178,7 @@ Cond conditionals[] = { | |||
174 | {"HAS_NET", check_netoptions}, | 178 | {"HAS_NET", check_netoptions}, |
175 | {"HAS_NODBUS", check_nodbus}, | 179 | {"HAS_NODBUS", check_nodbus}, |
176 | {"HAS_NOSOUND", check_nosound}, | 180 | {"HAS_NOSOUND", check_nosound}, |
181 | {"HAS_PRIVATE", check_private}, | ||
177 | {"HAS_X11", check_x11}, | 182 | {"HAS_X11", check_x11}, |
178 | {"BROWSER_DISABLE_U2F", check_disable_u2f}, | 183 | {"BROWSER_DISABLE_U2F", check_disable_u2f}, |
179 | {"BROWSER_ALLOW_DRM", check_allow_drm}, | 184 | {"BROWSER_ALLOW_DRM", check_allow_drm}, |
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index b25fc9181..b0b390507 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt | |||
@@ -103,7 +103,7 @@ Example: "?HAS_APPIMAGE: whitelist ${HOME}/special/appimage/dir" | |||
103 | 103 | ||
104 | This example will load the whitelist profile line only if the \-\-appimage option has been specified on the command line. | 104 | This example will load the whitelist profile line only if the \-\-appimage option has been specified on the command line. |
105 | 105 | ||
106 | Currently the only conditionals supported this way are HAS_APPIMAGE, HAS_NET, HAS_NODBUS, HAS_NOSOUND and HAS_X11. The conditionals BROWSER_DISABLE_U2F and BROWSER_ALLOW_DRM | 106 | Currently the only conditionals supported this way are HAS_APPIMAGE, HAS_NET, HAS_NODBUS, HAS_NOSOUND, HAS_PRIVATE and HAS_X11. The conditionals BROWSER_DISABLE_U2F and BROWSER_ALLOW_DRM |
107 | can be enabled or disabled globally in Firejail's configuration file. | 107 | can be enabled or disabled globally in Firejail's configuration file. |
108 | 108 | ||
109 | The profile line may be any profile line that you would normally use in a profile \fBexcept\fR for "quiet" and "include" lines. | 109 | The profile line may be any profile line that you would normally use in a profile \fBexcept\fR for "quiet" and "include" lines. |