diff options
-rw-r--r-- | .gitignore | 4 | ||||
-rw-r--r-- | Makefile.in | 7 | ||||
-rwxr-xr-x | configure | 3 | ||||
-rw-r--r-- | configure.ac | 2 | ||||
-rw-r--r-- | src/common.mk.in | 3 | ||||
-rw-r--r-- | src/man/Makefile.in | 17 | ||||
-rw-r--r-- | src/man/preproc.c | 146 |
7 files changed, 175 insertions, 7 deletions
diff --git a/.gitignore b/.gitignore index 8142985b3..74f719ebc 100644 --- a/.gitignore +++ b/.gitignore | |||
@@ -8,6 +8,7 @@ | |||
8 | *.gcno | 8 | *.gcno |
9 | *.DS_Store | 9 | *.DS_Store |
10 | .directory | 10 | .directory |
11 | *.man | ||
11 | Makefile | 12 | Makefile |
12 | autom4te.cache/ | 13 | autom4te.cache/ |
13 | config.log | 14 | config.log |
@@ -35,7 +36,8 @@ src/fsec-optimize/fsec-optimize | |||
35 | src/fcopy/fcopy | 36 | src/fcopy/fcopy |
36 | src/fldd/fldd | 37 | src/fldd/fldd |
37 | src/fbuilder/fbuilder | 38 | src/fbuilder/fbuilder |
38 | etc/profstats | 39 | src/profstats/profstats |
40 | src/man/preproc | ||
39 | uids.h | 41 | uids.h |
40 | seccomp | 42 | seccomp |
41 | seccomp.debug | 43 | seccomp.debug |
diff --git a/Makefile.in b/Makefile.in index 3e500413d..fcaa9c42d 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -16,7 +16,7 @@ BUSYBOX_WORKAROUND=@BUSYBOX_WORKAROUND@ | |||
16 | HAVE_SUID=@HAVE_SUID@ | 16 | HAVE_SUID=@HAVE_SUID@ |
17 | 17 | ||
18 | all: all_items man filters | 18 | all: all_items man filters |
19 | APPS = src/firecfg/firecfg src/firejail/firejail src/firemon/firemon src/profstats/profstats | 19 | APPS = src/firecfg/firecfg src/firejail/firejail src/firemon/firemon src/profstats/profstats src/man/preproc |
20 | SBOX_APPS = src/faudit/faudit src/fbuilder/fbuilder src/ftee/ftee | 20 | SBOX_APPS = src/faudit/faudit src/fbuilder/fbuilder src/ftee/ftee |
21 | SBOX_APPS_NON_DUMPABLE = src/fcopy/fcopy src/fldd/fldd src/fnet/fnet src/fnetfilter/fnetfilter | 21 | SBOX_APPS_NON_DUMPABLE = src/fcopy/fcopy src/fldd/fldd src/fnet/fnet src/fnetfilter/fnetfilter |
22 | MYDIRS = src/lib | 22 | MYDIRS = src/lib |
@@ -36,8 +36,9 @@ mydirs: mydirs $(MYDIRS) | |||
36 | $(MYDIRS): | 36 | $(MYDIRS): |
37 | $(MAKE) -C $@ | 37 | $(MAKE) -C $@ |
38 | 38 | ||
39 | $(MANPAGES): $(wildcard src/man/*.txt) | 39 | |
40 | ./mkman.sh $(VERSION) src/man/$(basename $@).txt $@ | 40 | $(MANPAGES): $(wildcard src/man/*.man) |
41 | ./mkman.sh $(VERSION) src/man/$(basename $@).man $@ | ||
41 | 42 | ||
42 | man: $(MANPAGES) | 43 | man: $(MANPAGES) |
43 | 44 | ||
@@ -4170,7 +4170,7 @@ fi | |||
4170 | 4170 | ||
4171 | ac_config_files="$ac_config_files mkdeb.sh" | 4171 | ac_config_files="$ac_config_files mkdeb.sh" |
4172 | 4172 | ||
4173 | ac_config_files="$ac_config_files Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile src/ftee/Makefile src/faudit/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile src/profstats/Makefile" | 4173 | ac_config_files="$ac_config_files Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile src/ftee/Makefile src/faudit/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile src/profstats/Makefile src/man/Makefile" |
4174 | 4174 | ||
4175 | cat >confcache <<\_ACEOF | 4175 | cat >confcache <<\_ACEOF |
4176 | # This file is a shell script that caches the results of configure | 4176 | # This file is a shell script that caches the results of configure |
@@ -4900,6 +4900,7 @@ do | |||
4900 | "src/libpostexecseccomp/Makefile") CONFIG_FILES="$CONFIG_FILES src/libpostexecseccomp/Makefile" ;; | 4900 | "src/libpostexecseccomp/Makefile") CONFIG_FILES="$CONFIG_FILES src/libpostexecseccomp/Makefile" ;; |
4901 | "src/fsec-optimize/Makefile") CONFIG_FILES="$CONFIG_FILES src/fsec-optimize/Makefile" ;; | 4901 | "src/fsec-optimize/Makefile") CONFIG_FILES="$CONFIG_FILES src/fsec-optimize/Makefile" ;; |
4902 | "src/profstats/Makefile") CONFIG_FILES="$CONFIG_FILES src/profstats/Makefile" ;; | 4902 | "src/profstats/Makefile") CONFIG_FILES="$CONFIG_FILES src/profstats/Makefile" ;; |
4903 | "src/man/Makefile") CONFIG_FILES="$CONFIG_FILES src/man/Makefile" ;; | ||
4903 | 4904 | ||
4904 | *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; | 4905 | *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; |
4905 | esac | 4906 | esac |
diff --git a/configure.ac b/configure.ac index 0524651fb..241865968 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -199,7 +199,7 @@ AC_CONFIG_FILES([mkdeb.sh], [chmod +x mkdeb.sh]) | |||
199 | AC_OUTPUT(Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile \ | 199 | AC_OUTPUT(Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile \ |
200 | src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile \ | 200 | src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile \ |
201 | src/ftee/Makefile src/faudit/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile \ | 201 | src/ftee/Makefile src/faudit/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile \ |
202 | src/profstats/Makefile) | 202 | src/profstats/Makefile src/man/Makefile) |
203 | 203 | ||
204 | echo | 204 | echo |
205 | echo "Configuration options:" | 205 | echo "Configuration options:" |
diff --git a/src/common.mk.in b/src/common.mk.in index 4c4d0862c..22c25c6aa 100644 --- a/src/common.mk.in +++ b/src/common.mk.in | |||
@@ -32,7 +32,8 @@ BINOBJS = $(foreach file, $(OBJS), $file) | |||
32 | CFLAGS = @CFLAGS@ | 32 | CFLAGS = @CFLAGS@ |
33 | CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) | 33 | CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' $(HAVE_GCOV) |
34 | CFLAGS += -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' -DBINDIR='"$(bindir)"' | 34 | CFLAGS += -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' -DBINDIR='"$(bindir)"' |
35 | CFLAGS += $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_FIRETUNNEL) $(HAVE_GLOBALCFG) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) $(HAVE_SELINUX) | 35 | MANFLAGS = $(HAVE_X11) $(HAVE_PRIVATE_HOME) $(HAVE_APPARMOR) $(HAVE_OVERLAYFS) $(HAVE_FIRETUNNEL) $(HAVE_GLOBALCFG) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_FILE_TRANSFER) $(HAVE_WHITELIST) $(HAVE_SELINUX) |
36 | CFLAGS += $(MANFLAGS) | ||
36 | CFLAGS += -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security | 37 | CFLAGS += -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security |
37 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread | 38 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread |
38 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ | 39 | EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@ |
diff --git a/src/man/Makefile.in b/src/man/Makefile.in new file mode 100644 index 000000000..0180baee5 --- /dev/null +++ b/src/man/Makefile.in | |||
@@ -0,0 +1,17 @@ | |||
1 | all: firecfg.man firejail.man firejail-login.man firejail-users.man firejail-profile.man firemon.man | ||
2 | |||
3 | include ../common.mk | ||
4 | |||
5 | %.o : %.c $(H_FILE_LIST) | ||
6 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ | ||
7 | |||
8 | preproc: $(OBJS) | ||
9 | $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) | ||
10 | |||
11 | %.man: %.txt preproc | ||
12 | ./preproc $(MANFLAGS) $< | ||
13 | |||
14 | clean:; rm -fr *.o preproc *.gcov *.gcda *.gcno *.plist *.man alldone | ||
15 | |||
16 | distclean: clean | ||
17 | rm -fr Makefile | ||
diff --git a/src/man/preproc.c b/src/man/preproc.c new file mode 100644 index 000000000..34a49d335 --- /dev/null +++ b/src/man/preproc.c | |||
@@ -0,0 +1,146 @@ | |||
1 | #include <stdio.h> | ||
2 | #include <stdlib.h> | ||
3 | #include <string.h> | ||
4 | #include <assert.h> | ||
5 | |||
6 | #define MAXBUF 4096 | ||
7 | #define MAXMACROS 64 | ||
8 | static char *macro[MAXMACROS] = {NULL}; | ||
9 | |||
10 | static void add_macro(char *m) { | ||
11 | assert(m); | ||
12 | int i; | ||
13 | for (i = 0; i < MAXMACROS && macro[i]; i++); | ||
14 | if (i == MAXMACROS) { | ||
15 | fprintf(stderr, "Error: maximum number of marcros (%d) exceeded\n", MAXMACROS); | ||
16 | exit(1); | ||
17 | } | ||
18 | |||
19 | macro[i] = m; | ||
20 | } | ||
21 | |||
22 | static char *find_macro(char *m) { | ||
23 | assert(m); | ||
24 | int i = 0; | ||
25 | while (i < MAXMACROS && macro[i]) { | ||
26 | if (strcmp(macro[i], m) == 0) | ||
27 | return m; | ||
28 | i++; | ||
29 | } | ||
30 | |||
31 | return NULL; | ||
32 | } | ||
33 | |||
34 | static void usage(void) { | ||
35 | printf("Simple preprocessor for man pages. It supports:\n"); | ||
36 | printf("\t#if 0 ... #endif\n"); | ||
37 | printf("\t#ifdef macro ... #endif\n"); | ||
38 | printf("Usage: preproc [--help] [-Dmacro] manpage.txt\n"); | ||
39 | return; | ||
40 | } | ||
41 | |||
42 | |||
43 | int main(int argc, char **argv) { | ||
44 | if (argc == 1) { | ||
45 | fprintf(stderr, "Error: no files/arguments provided\n"); | ||
46 | usage(); | ||
47 | exit(1); | ||
48 | } | ||
49 | |||
50 | int i; | ||
51 | for (i = 1; i < argc; i++) { | ||
52 | if (strncmp(argv[i], "-D", 2) == 0) | ||
53 | add_macro(argv[i] + 2); | ||
54 | else if (strcmp(argv[i], "--help") == 0) { | ||
55 | usage(); | ||
56 | return 0; | ||
57 | } | ||
58 | else if (*argv[i] == '-') { | ||
59 | fprintf(stderr, "Error: invalid argument %s\n", argv[i]); | ||
60 | exit(1); | ||
61 | } | ||
62 | else | ||
63 | break; | ||
64 | } | ||
65 | |||
66 | char *ptr = strstr(argv[i], ".txt"); | ||
67 | if (!ptr || strlen(ptr) != 4) { | ||
68 | fprintf(stderr, "Error: input file needs to have a .txt extension\n"), | ||
69 | exit(1); | ||
70 | } | ||
71 | |||
72 | FILE *fp = fopen(argv[i], "r"); | ||
73 | if (!fp) { | ||
74 | fprintf(stderr, "Error: cannot open %s\n", argv[i]); | ||
75 | exit(1); | ||
76 | } | ||
77 | char *outfile = strdup(argv[i]); | ||
78 | if (!outfile) | ||
79 | goto errout; | ||
80 | ptr = strstr(outfile, ".txt"); | ||
81 | assert(ptr); | ||
82 | strcpy(ptr, ".man"); | ||
83 | FILE *fpout = fopen(outfile, "w"); | ||
84 | if (!fpout) | ||
85 | goto errout; | ||
86 | |||
87 | char buf[MAXBUF]; | ||
88 | int disabled = 0; | ||
89 | int enabled = 0; | ||
90 | int line = 0;; | ||
91 | while (fgets(buf, MAXBUF, fp)) { | ||
92 | line++; | ||
93 | if (disabled && strncmp(buf, "#if", 3) == 0) { | ||
94 | fprintf(stderr, "Error %d: already in a #if block on line %d\n", __LINE__, line); | ||
95 | exit(1); | ||
96 | } | ||
97 | if ((!disabled && !enabled) && strncmp(buf, "#endif", 6) == 0) { | ||
98 | fprintf(stderr, "Error %d: unmatched #endif on line %d\n", __LINE__, line); | ||
99 | exit(1); | ||
100 | } | ||
101 | |||
102 | char *ptr = strchr(buf, '\n'); | ||
103 | if (ptr) | ||
104 | *ptr = '\0'; | ||
105 | |||
106 | if (strncmp(buf, "#if 0", 5) == 0) { | ||
107 | disabled = 1; | ||
108 | continue; | ||
109 | } | ||
110 | if (strncmp(buf, "#ifdef", 6) == 0) { | ||
111 | char *ptr = buf + 6; | ||
112 | if (*ptr != ' ' && *ptr != '\t') { | ||
113 | fprintf(stderr, "Error %d: invalid macro on line %d\n", __LINE__, line); | ||
114 | exit(1); | ||
115 | } | ||
116 | |||
117 | while (*ptr == ' ' || *ptr == '\t') | ||
118 | ptr++; | ||
119 | |||
120 | if (!find_macro(ptr)) | ||
121 | disabled = 1; | ||
122 | else | ||
123 | enabled = 1; | ||
124 | continue; | ||
125 | } | ||
126 | |||
127 | if (strncmp(buf, "#endif", 6) == 0) { | ||
128 | disabled = 0; | ||
129 | enabled = 1; | ||
130 | continue; | ||
131 | } | ||
132 | |||
133 | if (!disabled) { | ||
134 | // printf("%s\n", buf); | ||
135 | fprintf(fpout, "%s\n", buf); | ||
136 | } | ||
137 | } | ||
138 | fclose(fp); | ||
139 | |||
140 | return 0; | ||
141 | |||
142 | errout: | ||
143 | fclose(fp); | ||
144 | fprintf(stderr, "Error: cannot open output file\n"); | ||
145 | exit(1); | ||
146 | } | ||