1 files changed, 56 insertions, 35 deletions

diff --git a/contrib/sort.py b/contrib/sort.py
index 6f21370ec..638f14516 100755
--- a/contrib/sort.py
+++ b/contrib/sort.py
@@ -2,48 +2,61 @@
 # This file is part of Firejail project
 # Copyright (C) 2014-2022 Firejail Authors
 # License GPL v2
-"""
-Sort the items of multi-item options in profiles, the following options are supported:
-  private-bin, private-etc, private-lib, caps.drop, caps.keep, seccomp.drop, seccomp.drop, protocol
 
-Usage:
-    $ ./sort.py /path/to/profile [ /path/to/profile2 /path/to/profile3 ... ]
+# Requirements:
+#  python >= 3.6
+from os import path
+from sys import argv, exit as sys_exit, stderr
+
+__doc__ = f"""\
+Sort the arguments of commands in profiles.
+
+Usage: {path.basename(argv[0])} [/path/to/profile ...]
+
+The following commands are supported:
+
+    private-bin, private-etc, private-lib, caps.drop, caps.keep, seccomp.drop,
+    seccomp.drop, protocol
+
+Note that this is only applicable to commands that support multiple arguments.
+
 Keep in mind that this will overwrite your profile(s).
 
 Examples:
-    $ ./sort.py MyAwesomeProfile.profile
-    $ ./sort.py new_profile.profile second_new_profile.profile
-    $ ./sort.py ~/.config/firejail/*.{profile,inc,local}
-    $ sudo ./sort.py /etc/firejail/*.{profile,inc,local}
-
-Exit-Codes:
-  0: No Error; No Profile Fixed.
-  1: Error, one or more profiles were not processed correctly.
-  101: No Error; One or more profile were fixed.
+    $ {argv[0]} MyAwesomeProfile.profile
+    $ {argv[0]} new_profile.profile second_new_profile.profile
+    $ {argv[0]} ~/.config/firejail/*.{{profile,inc,local}}
+    $ sudo {argv[0]} /etc/firejail/*.{{profile,inc,local}}
+
+Exit Codes:
+  0: Success: No profiles needed fixing.
+  1: Error: One or more profiles could not be processed correctly.
+  2: Error: Missing arguments.
+  101: Info: One or more profiles were fixed.
 """
 
-# Requirements:
-#  python >= 3.6
-from sys import argv, exit as sys_exit
-
 
-def sort_alphabetical(raw_items):
-    items = raw_items.split(",")
-    items.sort(key=lambda s: s.casefold())
+def sort_alphabetical(original_items):
+    items = original_items.split(",")
+    items.sort(key=str.casefold)
     return ",".join(items)
 
 
-def sort_protocol(protocols):
-    """sort the given protocols into this scheme: unix,inet,inet6,netlink,packet,bluetooth"""
+def sort_protocol(original_protocols):
+    """
+    Sort the given protocols into the following order:
+
+        unix,inet,inet6,netlink,packet,bluetooth
+    """
 
     # shortcut for common protocol lines
-    if protocols in ("unix", "unix,inet,inet6"):
-        return protocols
+    if original_protocols in ("unix", "unix,inet,inet6"):
+        return original_protocols
 
     fixed_protocols = ""
     for protocol in ("unix", "inet", "inet6", "netlink", "packet", "bluetooth"):
         for prefix in ("", "-", "+", "="):
-            if f",{prefix}{protocol}," in f",{protocols},":
+            if f",{prefix}{protocol}," in f",{original_protocols},":
                 fixed_protocols += f"{prefix}{protocol},"
     return fixed_protocols[:-1]
 
@@ -53,7 +66,7 @@ def fix_profile(filename):
         lines = profile.read().split("\n")
         was_fixed = False
         fixed_profile = []
-        for lineno, line in enumerate(lines):
+        for lineno, line in enumerate(lines, 1):
             if line[:12] in ("private-bin ", "private-etc ", "private-lib "):
                 fixed_line = f"{line[:12]}{sort_alphabetical(line[12:])}"
             elif line[:13] in ("seccomp.drop ", "seccomp.keep "):
@@ -69,8 +82,8 @@ def fix_profile(filename):
             if fixed_line != line:
                 was_fixed = True
                 print(
-                    f"{filename}:{lineno + 1}:-{line}\n"
-                    f"{filename}:{lineno + 1}:+{fixed_line}"
+                    f"{filename}:{lineno}:-{line}\n"
+                    f"{filename}:{lineno}:+{fixed_line}"
                 )
             fixed_profile.append(fixed_line)
         if was_fixed:
@@ -84,22 +97,30 @@ def fix_profile(filename):
 
 
 def main(args):
+    if len(args) < 1:
+        print(__doc__, file=stderr)
+        return 2
+
+    print(f"sort.py: checking {len(args)} profile(s)...")
+
     exit_code = 0
-    print(f"sort.py: checking {len(args)} {'profiles' if len(args) != 1 else 'profile'}...")
     for filename in args:
         try:
             if exit_code not in (1, 101):
                 exit_code = fix_profile(filename)
             else:
                 fix_profile(filename)
-        except FileNotFoundError:
-            print(f"[ Error ] Can't find `{filename}'")
+        except FileNotFoundError as err:
+            print(f"[ Error ] {err}", file=stderr)
             exit_code = 1
-        except PermissionError:
-            print(f"[ Error ] Can't read/write `{filename}'")
+        except PermissionError as err:
+            print(f"[ Error ] {err}", file=stderr)
             exit_code = 1
         except Exception as err:
-            print(f"[ Error ] An error occurred while processing `{filename}': {err}")
+            print(
+                f"[ Error ] An error occurred while processing '{filename}': {err}",
+                file=stderr,
+            )
             exit_code = 1
     return exit_code