aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--config.mk.in1
-rwxr-xr-xconfigure1
-rw-r--r--configure.ac1
-rw-r--r--etc/profile-a-l/lbry-viewer-gtk.profile14
-rw-r--r--etc/profile-a-l/lobster.profile2
-rw-r--r--etc/profile-m-z/pipe-viewer-gtk.profile14
-rw-r--r--etc/profile-m-z/youtube-viewer-gtk.profile14
-rw-r--r--src/firecfg/desktop_files.c27
-rw-r--r--src/firecfg/firecfg.config3
-rw-r--r--src/firecfg/firecfg.h2
-rw-r--r--src/firecfg/main.c61
-rw-r--r--src/man/firecfg.1.in2
-rw-r--r--src/prog.mk2
-rw-r--r--src/so.mk2
14 files changed, 117 insertions, 29 deletions
diff --git a/config.mk.in b/config.mk.in
index 493a1f96f..63d7fb981 100644
--- a/config.mk.in
+++ b/config.mk.in
@@ -76,6 +76,7 @@ MANFLAGS = \
76# https://www.gnu.org/software/automake/manual/1.16.5/html_node/User-Variables.html 76# https://www.gnu.org/software/automake/manual/1.16.5/html_node/User-Variables.html
77CC=@CC@ 77CC=@CC@
78CFLAGS=@CFLAGS@ 78CFLAGS=@CFLAGS@
79CPPFLAGS=@CPPFLAGS@
79LDFLAGS=@LDFLAGS@ 80LDFLAGS=@LDFLAGS@
80 81
81# Project variables 82# Project variables
diff --git a/configure b/configure
index 6bc68741e..767d1da00 100755
--- a/configure
+++ b/configure
@@ -5308,6 +5308,7 @@ cat <<EOF
5308Compile options: 5308Compile options:
5309 CC: $CC 5309 CC: $CC
5310 CFLAGS: $CFLAGS 5310 CFLAGS: $CFLAGS
5311 CPPFLAGS: $CPPFLAGS
5311 LDFLAGS: $LDFLAGS 5312 LDFLAGS: $LDFLAGS
5312 EXTRA_CFLAGS: $EXTRA_CFLAGS 5313 EXTRA_CFLAGS: $EXTRA_CFLAGS
5313 EXTRA_LDFLAGS: $EXTRA_LDFLAGS 5314 EXTRA_LDFLAGS: $EXTRA_LDFLAGS
diff --git a/configure.ac b/configure.ac
index fc99820de..d3b05d839 100644
--- a/configure.ac
+++ b/configure.ac
@@ -276,6 +276,7 @@ cat <<EOF
276Compile options: 276Compile options:
277 CC: $CC 277 CC: $CC
278 CFLAGS: $CFLAGS 278 CFLAGS: $CFLAGS
279 CPPFLAGS: $CPPFLAGS
279 LDFLAGS: $LDFLAGS 280 LDFLAGS: $LDFLAGS
280 EXTRA_CFLAGS: $EXTRA_CFLAGS 281 EXTRA_CFLAGS: $EXTRA_CFLAGS
281 EXTRA_LDFLAGS: $EXTRA_LDFLAGS 282 EXTRA_LDFLAGS: $EXTRA_LDFLAGS
diff --git a/etc/profile-a-l/lbry-viewer-gtk.profile b/etc/profile-a-l/lbry-viewer-gtk.profile
new file mode 100644
index 000000000..8d0b7e8a0
--- /dev/null
+++ b/etc/profile-a-l/lbry-viewer-gtk.profile
@@ -0,0 +1,14 @@
1# Firejail profile for lbry-viewer-gtk
2# Description: GTK front-end to lbry-viewer
3# This file is overwritten after every install/update
4# Persistent local customizations
5include lbry-viewer-gtk.local
6# added by included profile
7#include globals.local
8
9private-bin lbry-viewer-gtk
10
11include gtk-youtube-viewers-common.profile
12
13# Redirect
14include lbry-viewer.profile
diff --git a/etc/profile-a-l/lobster.profile b/etc/profile-a-l/lobster.profile
index 367f69743..b46a689e8 100644
--- a/etc/profile-a-l/lobster.profile
+++ b/etc/profile-a-l/lobster.profile
@@ -42,7 +42,7 @@ noprinters
42notv 42notv
43 43
44disable-mnt 44disable-mnt
45private-bin base64,bash,cat,command,curl,cut,date,dirname,echo,ffmpeg,ffprobe,find,fzf,grep,head,hxunent,ln,lobster,ls,mkdir,mkfifo,nano,nohup,openssl,patch,pgrep,ps,rm,rofi,sed,sh,sleep,socat,tail,tee,tput,tr,ueberzugpp,uname,uuidgen,vim,wc 45private-bin base64,basename,bash,cat,curl,cut,date,dirname,echo,ffmpeg,ffprobe,find,fzf,grep,head,hxunent,ln,lobster,ls,mkdir,mkfifo,nano,nohup,openssl,patch,pgrep,ps,rm,rofi,sed,sh,sleep,socat,tail,tee,tput,tr,ueberzugpp,uname,uuidgen,vim,wc
46#private-cache 46#private-cache
47private-etc X11,alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,pango,pki,protocols,pulse,resolv.conf,rpc,services,ssl,xdg 47private-etc X11,alsa,alternatives,asound.conf,ca-certificates,crypto-policies,fonts,host.conf,hostname,hosts,ld.so.cache,ld.so.conf,ld.so.conf.d,ld.so.preload,locale,locale.alias,locale.conf,localtime,machine-id,mime.types,nsswitch.conf,pango,pki,protocols,pulse,resolv.conf,rpc,services,ssl,xdg
48private-tmp 48private-tmp
diff --git a/etc/profile-m-z/pipe-viewer-gtk.profile b/etc/profile-m-z/pipe-viewer-gtk.profile
new file mode 100644
index 000000000..790dbfe25
--- /dev/null
+++ b/etc/profile-m-z/pipe-viewer-gtk.profile
@@ -0,0 +1,14 @@
1# Firejail profile for pipe-viewer-gtk
2# Description: GTK front-end to pipe-viewer
3# This file is overwritten after every install/update
4# Persistent local customizations
5include pipe-viewer-gtk.local
6# added by included profile
7#include globals.local
8
9private-bin pipe-viewer-gtk
10
11include gtk-youtube-viewers-common.profile
12
13# Redirect
14include pipe-viewer.profile
diff --git a/etc/profile-m-z/youtube-viewer-gtk.profile b/etc/profile-m-z/youtube-viewer-gtk.profile
new file mode 100644
index 000000000..cd5b0219a
--- /dev/null
+++ b/etc/profile-m-z/youtube-viewer-gtk.profile
@@ -0,0 +1,14 @@
1# Firejail profile for youtube-viewer-gtk
2# Description: GTK front-end to youtube-viewer
3# This file is overwritten after every install/update
4# Persistent local customizations
5include youtube-viewer-gtk.local
6# added by included profile
7#include globals.local
8
9private-bin youtube-viewer-gtk
10
11include gtk-youtube-viewers-common.profile
12
13# Redirect
14include youtube-viewer.profile
diff --git a/src/firecfg/desktop_files.c b/src/firecfg/desktop_files.c
index 8918b8a95..ecb18a60e 100644
--- a/src/firecfg/desktop_files.c
+++ b/src/firecfg/desktop_files.c
@@ -118,6 +118,9 @@ void fix_desktop_files(const char *homedir) {
118 exit(1); 118 exit(1);
119 } 119 }
120 120
121 // build ignorelist
122 parse_config_all(0);
123
121 // destination 124 // destination
122 // create ~/.local/share/applications directory if necessary 125 // create ~/.local/share/applications directory if necessary
123 char *user_apps_dir; 126 char *user_apps_dir;
@@ -163,7 +166,8 @@ void fix_desktop_files(const char *homedir) {
163 // copy 166 // copy
164 struct dirent *entry; 167 struct dirent *entry;
165 while ((entry = readdir(dir)) != NULL) { 168 while ((entry = readdir(dir)) != NULL) {
166 if (strcmp(entry->d_name, ".") == 0 || strcmp(entry->d_name, "..") == 0) 169 const char *filename = entry->d_name;
170 if (strcmp(filename, ".") == 0 || strcmp(filename, "..") == 0)
167 continue; 171 continue;
168 172
169 // skip if not regular file or link 173 // skip if not regular file or link
@@ -172,10 +176,25 @@ void fix_desktop_files(const char *homedir) {
172 continue; 176 continue;
173 177
174 // skip if not .desktop file 178 // skip if not .desktop file
175 if (strstr(entry->d_name,".desktop") != (entry->d_name+strlen(entry->d_name)-8)) 179 char *exec = strdup(filename);
180 if (!exec)
181 errExit("strdup");
182 char *ptr = strstr(exec, ".desktop");
183 if (ptr == NULL || *(ptr + 8) != '\0') {
184 printf(" %s skipped (not a .desktop file)\n", exec);
185 free(exec);
176 continue; 186 continue;
187 }
188
189 // skip if program is in ignorelist
190 *ptr = '\0';
191 if (in_ignorelist(exec)) {
192 printf(" %s ignored\n", exec);
193 free(exec);
194 continue;
195 }
177 196
178 char *filename = entry->d_name; 197 free(exec);
179 198
180 // skip links - Discord on Arch #4235 seems to be a symlink to /opt directory 199 // skip links - Discord on Arch #4235 seems to be a symlink to /opt directory
181// if (is_link(filename)) 200// if (is_link(filename))
@@ -221,7 +240,7 @@ void fix_desktop_files(const char *homedir) {
221 } 240 }
222 241
223 // get executable name 242 // get executable name
224 char *ptr = strstr(buf,"\nExec="); 243 ptr = strstr(buf,"\nExec=");
225 if (!ptr || strlen(ptr) < 7) { 244 if (!ptr || strlen(ptr) < 7) {
226 if (arg_debug) 245 if (arg_debug)
227 printf(" %s - skipped: wrong format?\n", filename); 246 printf(" %s - skipped: wrong format?\n", filename);
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
index d54661b33..f007638f8 100644
--- a/src/firecfg/firecfg.config
+++ b/src/firecfg/firecfg.config
@@ -480,6 +480,7 @@ kube
480#kwin_x11 480#kwin_x11
481kwrite 481kwrite
482lbry-viewer 482lbry-viewer
483lbry-viewer-gtk
483leafpad 484leafpad
484#less # breaks man 485#less # breaks man
485lettura 486lettura
@@ -684,6 +685,7 @@ pingus
684pinta 685pinta
685pioneer 686pioneer
686pipe-viewer 687pipe-viewer
688pipe-viewer-gtk
687pithos 689pithos
688pitivi 690pitivi
689pix 691pix
@@ -979,6 +981,7 @@ youtube
979youtube-dl 981youtube-dl
980youtube-dl-gui 982youtube-dl-gui
981youtube-viewer 983youtube-viewer
984youtube-viewer-gtk
982youtubemusic-nativefier 985youtubemusic-nativefier
983yt-dlp 986yt-dlp
984ytmdesktop 987ytmdesktop
diff --git a/src/firecfg/firecfg.h b/src/firecfg/firecfg.h
index 4379c0d44..d5996461e 100644
--- a/src/firecfg/firecfg.h
+++ b/src/firecfg/firecfg.h
@@ -50,6 +50,8 @@
50 50
51// main.c 51// main.c
52extern int arg_debug; 52extern int arg_debug;
53int in_ignorelist(const char *const str);
54void parse_config_all(int do_symlink);
53 55
54// util.c 56// util.c
55int which(const char *program); 57int which(const char *program);
diff --git a/src/firecfg/main.c b/src/firecfg/main.c
index 5677c5d37..74a9c0fef 100644
--- a/src/firecfg/main.c
+++ b/src/firecfg/main.c
@@ -25,6 +25,7 @@
25int arg_debug = 0; 25int arg_debug = 0;
26char *arg_bindir = "/usr/local/bin"; 26char *arg_bindir = "/usr/local/bin";
27int arg_guide = 0; 27int arg_guide = 0;
28int done_config = 0;
28 29
29static const char *const usage_str = 30static const char *const usage_str =
30 "Firecfg is the desktop configuration utility for Firejail software. The utility\n" 31 "Firecfg is the desktop configuration utility for Firejail software. The utility\n"
@@ -166,7 +167,7 @@ static int append_ignorelist(const char *const str) {
166 return 1; 167 return 1;
167} 168}
168 169
169static int in_ignorelist(const char *const str) { 170int in_ignorelist(const char *const str) {
170 assert(str); 171 assert(str);
171 int i; 172 int i;
172 for (i = 0; i < ignorelist_len; i++) { 173 for (i = 0; i < ignorelist_len; i++) {
@@ -202,8 +203,11 @@ static void set_file(const char *name, const char *firejail_exec) {
202} 203}
203 204
204// parse a single config file 205// parse a single config file
205static void set_links_firecfg(const char *cfgfile) { 206static void parse_config_file(const char *cfgfile, int do_symlink) {
206 printf("Configuring symlinks in %s based on %s\n", arg_bindir, cfgfile); 207 if (do_symlink)
208 printf("Configuring symlinks in %s\n", arg_bindir);
209
210 printf("Parsing %s\n", cfgfile);
207 211
208 FILE *fp = fopen(cfgfile, "r"); 212 FILE *fp = fopen(cfgfile, "r");
209 if (!fp) { 213 if (!fp) {
@@ -246,11 +250,15 @@ static void set_links_firecfg(const char *cfgfile) {
246 continue; 250 continue;
247 } 251 }
248 252
253 // skip ignored programs
254 if (in_ignorelist(start)) {
255 printf(" %s ignored\n", start);
256 continue;
257 }
258
249 // set link 259 // set link
250 if (!in_ignorelist(start)) 260 if (do_symlink)
251 set_file(start, FIREJAIL_EXEC); 261 set_file(start, FIREJAIL_EXEC);
252 else
253 printf(" %s ignored\n", start);
254 } 262 }
255 263
256 fclose(fp); 264 fclose(fp);
@@ -258,7 +266,7 @@ static void set_links_firecfg(const char *cfgfile) {
258} 266}
259 267
260// parse all config files matching pattern 268// parse all config files matching pattern
261static void set_links_firecfg_glob(const char *pattern) { 269static void parse_config_glob(const char *pattern, int do_symlink) {
262 printf("Looking for config files in %s\n", pattern); 270 printf("Looking for config files in %s\n", pattern);
263 271
264 glob_t globbuf; 272 glob_t globbuf;
@@ -274,11 +282,23 @@ static void set_links_firecfg_glob(const char *pattern) {
274 282
275 size_t i; 283 size_t i;
276 for (i = 0; i < globbuf.gl_pathc; i++) 284 for (i = 0; i < globbuf.gl_pathc; i++)
277 set_links_firecfg(globbuf.gl_pathv[i]); 285 parse_config_file(globbuf.gl_pathv[i], do_symlink);
278out: 286out:
279 globfree(&globbuf); 287 globfree(&globbuf);
280} 288}
281 289
290// parse all config files
291// do_symlink 0 just builds the ignorelist, 1 creates the symlinks
292void parse_config_all(int do_symlink) {
293 if (done_config)
294 return;
295
296 parse_config_glob(FIRECFG_CONF_GLOB, do_symlink);
297 parse_config_file(FIRECFG_CFGFILE, do_symlink);
298
299 done_config = 1;
300}
301
282// parse ~/.config/firejail/ directory 302// parse ~/.config/firejail/ directory
283static void set_links_homedir(const char *homedir) { 303static void set_links_homedir(const char *homedir) {
284 assert(homedir); 304 assert(homedir);
@@ -314,17 +334,19 @@ static void set_links_homedir(const char *homedir) {
314 if (!exec) 334 if (!exec)
315 errExit("strdup"); 335 errExit("strdup");
316 char *ptr = strrchr(exec, '.'); 336 char *ptr = strrchr(exec, '.');
317 if (!ptr) { 337 if (!ptr)
318 free(exec); 338 goto next;
319 continue; 339 if (strcmp(ptr, ".profile") != 0)
320 } 340 goto next;
321 if (strcmp(ptr, ".profile") != 0) {
322 free(exec);
323 continue;
324 }
325 341
326 *ptr = '\0'; 342 *ptr = '\0';
343 if (in_ignorelist(exec)) {
344 printf(" %s ignored\n", exec);
345 goto next;
346 }
347
327 set_file(exec, FIREJAIL_EXEC); 348 set_file(exec, FIREJAIL_EXEC);
349next:
328 free(exec); 350 free(exec);
329 } 351 }
330 closedir(dir); 352 closedir(dir);
@@ -518,11 +540,8 @@ int main(int argc, char **argv) {
518 // clear all symlinks 540 // clear all symlinks
519 clean(); 541 clean();
520 542
521 // set new symlinks based on .conf files 543 // set new symlinks based on config files
522 set_links_firecfg_glob(FIRECFG_CONF_GLOB); 544 parse_config_all(1);
523
524 // set new symlinks based on firecfg.config
525 set_links_firecfg(FIRECFG_CFGFILE);
526 545
527 if (getuid() == 0) { 546 if (getuid() == 0) {
528 // add user to firejail access database - only for root 547 // add user to firejail access database - only for root
diff --git a/src/man/firecfg.1.in b/src/man/firecfg.1.in
index e43a573de..79802156c 100644
--- a/src/man/firecfg.1.in
+++ b/src/man/firecfg.1.in
@@ -168,7 +168,7 @@ Configuration file syntax:
168A line that starts with \fB#\fR is considered a comment. 168A line that starts with \fB#\fR is considered a comment.
169.br 169.br
170A line that starts with \fB!PROGRAM\fR means to ignore "PROGRAM" when creating 170A line that starts with \fB!PROGRAM\fR means to ignore "PROGRAM" when creating
171symlinks. 171symlinks and fixing .desktop files.
172.br 172.br
173A line that starts with anything else is considered to be the name of an 173A line that starts with anything else is considered to be the name of an
174executable and firecfg will attempt to create a symlink for it. 174executable and firecfg will attempt to create a symlink for it.
diff --git a/src/prog.mk b/src/prog.mk
index 7797f56b6..87e1806a8 100644
--- a/src/prog.mk
+++ b/src/prog.mk
@@ -13,7 +13,7 @@ OBJS := $(SRCS:.c=.o) $(EXTRA_OBJS)
13all: $(TARGET) 13all: $(TARGET)
14 14
15%.o : %.c $(HDRS) $(ROOT)/config.mk 15%.o : %.c $(HDRS) $(ROOT)/config.mk
16 $(CC) $(PROG_CFLAGS) $(CFLAGS) $(INCLUDE) -c $< -o $@ 16 $(CC) $(PROG_CFLAGS) $(CFLAGS) $(CPPFLAGS) -c $< -o $@
17 17
18$(PROG): $(OBJS) $(ROOT)/config.mk 18$(PROG): $(OBJS) $(ROOT)/config.mk
19 $(CC) $(PROG_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) 19 $(CC) $(PROG_LDFLAGS) $(LDFLAGS) -o $@ $(OBJS) $(LIBS)
diff --git a/src/so.mk b/src/so.mk
index ceee9021f..deb0a6175 100644
--- a/src/so.mk
+++ b/src/so.mk
@@ -13,7 +13,7 @@ OBJS := $(SRCS:.c=.o) $(EXTRA_OBJS)
13all: $(TARGET) 13all: $(TARGET)
14 14
15%.o : %.c $(HDRS) $(ROOT)/config.mk 15%.o : %.c $(HDRS) $(ROOT)/config.mk
16 $(CC) $(SO_CFLAGS) $(CFLAGS) $(INCLUDE) -c $< -o $@ 16 $(CC) $(SO_CFLAGS) $(CFLAGS) $(CPPFLAGS) -c $< -o $@
17 17
18$(SO): $(OBJS) $(ROOT)/config.mk 18$(SO): $(OBJS) $(ROOT)/config.mk
19 $(CC) $(SO_LDFLAGS) -shared $(LDFLAGS) -o $@ $(OBJS) -ldl 19 $(CC) $(SO_LDFLAGS) -shared $(LDFLAGS) -o $@ $(OBJS) -ldl
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-09-03 21:51:33 +0000