diff options
-rw-r--r-- | Makefile.in | 2 | ||||
-rwxr-xr-x | configure | 3 | ||||
-rw-r--r-- | configure.ac | 2 | ||||
-rwxr-xr-x | src/firecfg/firejail-welcome.sh | 11 | ||||
-rw-r--r-- | src/firecfg/main.c | 6 | ||||
-rw-r--r-- | src/fzenity/Makefile.in | 17 | ||||
-rw-r--r-- | src/fzenity/main.c | 176 |
7 files changed, 209 insertions, 8 deletions
diff --git a/Makefile.in b/Makefile.in index b73e996d9..945e30e84 100644 --- a/Makefile.in +++ b/Makefile.in | |||
@@ -27,7 +27,7 @@ COMPLETIONDIRS = src/zsh_completion src/bash_completion | |||
27 | all: all_items mydirs $(MAN_TARGET) filters | 27 | all: all_items mydirs $(MAN_TARGET) filters |
28 | APPS = src/firecfg/firecfg src/firejail/firejail src/firemon/firemon src/profstats/profstats src/jailcheck/jailcheck | 28 | APPS = src/firecfg/firecfg src/firejail/firejail src/firemon/firemon src/profstats/profstats src/jailcheck/jailcheck |
29 | SBOX_APPS = src/fbuilder/fbuilder src/ftee/ftee src/fids/fids | 29 | SBOX_APPS = src/fbuilder/fbuilder src/ftee/ftee src/fids/fids |
30 | SBOX_APPS_NON_DUMPABLE = src/fcopy/fcopy src/fldd/fldd src/fnet/fnet src/fnetfilter/fnetfilter | 30 | SBOX_APPS_NON_DUMPABLE = src/fcopy/fcopy src/fldd/fldd src/fnet/fnet src/fnetfilter/fnetfilter src/fzenity/fzenity |
31 | SBOX_APPS_NON_DUMPABLE += src/fsec-optimize/fsec-optimize src/fsec-print/fsec-print src/fseccomp/fseccomp | 31 | SBOX_APPS_NON_DUMPABLE += src/fsec-optimize/fsec-optimize src/fsec-print/fsec-print src/fseccomp/fseccomp |
32 | SBOX_APPS_NON_DUMPABLE += src/fnettrace/fnettrace src/fnettrace-dns/fnettrace-dns src/fnettrace-sni/fnettrace-sni | 32 | SBOX_APPS_NON_DUMPABLE += src/fnettrace/fnettrace src/fnettrace-dns/fnettrace-dns src/fnettrace-sni/fnettrace-sni |
33 | MYDIRS = src/lib $(MAN_SRC) $(COMPLETIONDIRS) | 33 | MYDIRS = src/lib $(MAN_SRC) $(COMPLETIONDIRS) |
@@ -4288,7 +4288,7 @@ fi | |||
4288 | 4288 | ||
4289 | ac_config_files="$ac_config_files mkdeb.sh" | 4289 | ac_config_files="$ac_config_files mkdeb.sh" |
4290 | 4290 | ||
4291 | ac_config_files="$ac_config_files Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile src/ftee/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile src/profstats/Makefile src/man/Makefile src/zsh_completion/Makefile src/bash_completion/Makefile test/Makefile src/jailcheck/Makefile src/fids/Makefile src/fnettrace/Makefile src/fnettrace-dns/Makefile src/fnettrace-sni/Makefile" | 4291 | ac_config_files="$ac_config_files Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile src/ftee/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile src/fzenity/Makefile src/profstats/Makefile src/man/Makefile src/zsh_completion/Makefile src/bash_completion/Makefile test/Makefile src/jailcheck/Makefile src/fids/Makefile src/fnettrace/Makefile src/fnettrace-dns/Makefile src/fnettrace-sni/Makefile" |
4292 | 4292 | ||
4293 | cat >confcache <<\_ACEOF | 4293 | cat >confcache <<\_ACEOF |
4294 | # This file is a shell script that caches the results of configure | 4294 | # This file is a shell script that caches the results of configure |
@@ -5016,6 +5016,7 @@ do | |||
5016 | "src/fldd/Makefile") CONFIG_FILES="$CONFIG_FILES src/fldd/Makefile" ;; | 5016 | "src/fldd/Makefile") CONFIG_FILES="$CONFIG_FILES src/fldd/Makefile" ;; |
5017 | "src/libpostexecseccomp/Makefile") CONFIG_FILES="$CONFIG_FILES src/libpostexecseccomp/Makefile" ;; | 5017 | "src/libpostexecseccomp/Makefile") CONFIG_FILES="$CONFIG_FILES src/libpostexecseccomp/Makefile" ;; |
5018 | "src/fsec-optimize/Makefile") CONFIG_FILES="$CONFIG_FILES src/fsec-optimize/Makefile" ;; | 5018 | "src/fsec-optimize/Makefile") CONFIG_FILES="$CONFIG_FILES src/fsec-optimize/Makefile" ;; |
5019 | "src/fzenity/Makefile") CONFIG_FILES="$CONFIG_FILES src/fzenity/Makefile" ;; | ||
5019 | "src/profstats/Makefile") CONFIG_FILES="$CONFIG_FILES src/profstats/Makefile" ;; | 5020 | "src/profstats/Makefile") CONFIG_FILES="$CONFIG_FILES src/profstats/Makefile" ;; |
5020 | "src/man/Makefile") CONFIG_FILES="$CONFIG_FILES src/man/Makefile" ;; | 5021 | "src/man/Makefile") CONFIG_FILES="$CONFIG_FILES src/man/Makefile" ;; |
5021 | "src/zsh_completion/Makefile") CONFIG_FILES="$CONFIG_FILES src/zsh_completion/Makefile" ;; | 5022 | "src/zsh_completion/Makefile") CONFIG_FILES="$CONFIG_FILES src/zsh_completion/Makefile" ;; |
diff --git a/configure.ac b/configure.ac index 071dea228..4066618e0 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -279,7 +279,7 @@ AC_CONFIG_FILES([mkdeb.sh], [chmod +x mkdeb.sh]) | |||
279 | AC_CONFIG_FILES([Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile \ | 279 | AC_CONFIG_FILES([Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile \ |
280 | src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile \ | 280 | src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile \ |
281 | src/ftee/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile \ | 281 | src/ftee/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile \ |
282 | src/profstats/Makefile src/man/Makefile src/zsh_completion/Makefile src/bash_completion/Makefile test/Makefile \ | 282 | src/fzenity/Makefile src/profstats/Makefile src/man/Makefile src/zsh_completion/Makefile src/bash_completion/Makefile test/Makefile \ |
283 | src/jailcheck/Makefile src/fids/Makefile src/fnettrace/Makefile src/fnettrace-dns/Makefile src/fnettrace-sni/Makefile]) | 283 | src/jailcheck/Makefile src/fids/Makefile src/fnettrace/Makefile src/fnettrace-dns/Makefile src/fnettrace-sni/Makefile]) |
284 | AC_OUTPUT | 284 | AC_OUTPUT |
285 | 285 | ||
diff --git a/src/firecfg/firejail-welcome.sh b/src/firecfg/firejail-welcome.sh index 7183b74e1..a7e74ebc3 100755 --- a/src/firecfg/firejail-welcome.sh +++ b/src/firecfg/firejail-welcome.sh | |||
@@ -36,12 +36,13 @@ enable_nonewprivs=false | |||
36 | read -r -d $'\0' MSG_INTRO <<EOM | 36 | read -r -d $'\0' MSG_INTRO <<EOM |
37 | <big><b>Welcome to Firejail!</b></big> | 37 | <big><b>Welcome to Firejail!</b></big> |
38 | 38 | ||
39 | This guide will walk you through some of the most common sandbox customizations. At the end of the | 39 | This guide will walk you through some of the most common sandbox customizations. |
40 | guide you'll have the option to save your changes in Firejail's global config file at | 40 | At the end of the guide you'll have the option to save your changes in Firejail's |
41 | <b>/etc/firejail/firejail.config</b>. A copy of the original file is stored as | 41 | global config file at <b>/etc/firejail/firejail.config</b>. A copy of the original file is saved |
42 | <b>/etc/firejal/firejail.config-</b>. | 42 | as <b>/etc/firejal/firejail.config-</b>. |
43 | 43 | ||
44 | Please note that running this script a second time can set new options, but does not clear options set in a previous run. | 44 | Please note that running this script a second time can set new options, but does |
45 | not clear options set in a previous run. | ||
45 | 46 | ||
46 | Press OK to continue, or close this window to stop the program. | 47 | Press OK to continue, or close this window to stop the program. |
47 | 48 | ||
diff --git a/src/firecfg/main.c b/src/firecfg/main.c index 0c81f69bd..07e30415b 100644 --- a/src/firecfg/main.c +++ b/src/firecfg/main.c | |||
@@ -444,8 +444,14 @@ int main(int argc, char **argv) { | |||
444 | 444 | ||
445 | if (arg_guide) { | 445 | if (arg_guide) { |
446 | char *cmd; | 446 | char *cmd; |
447 | if (arg_debug) { | ||
448 | if (asprintf(&cmd, "sudo %s/firejail/firejail-welcome.sh /usr/lib/firejail/fzenity %s %s", LIBDIR, SYSCONFDIR, user) == -1) | ||
449 | errExit("asprintf"); | ||
450 | } | ||
451 | else { | ||
447 | if (asprintf(&cmd, "sudo %s/firejail/firejail-welcome.sh /usr/bin/zenity %s %s", LIBDIR, SYSCONFDIR, user) == -1) | 452 | if (asprintf(&cmd, "sudo %s/firejail/firejail-welcome.sh /usr/bin/zenity %s %s", LIBDIR, SYSCONFDIR, user) == -1) |
448 | errExit("asprintf"); | 453 | errExit("asprintf"); |
454 | } | ||
449 | int status = system(cmd); | 455 | int status = system(cmd); |
450 | if (status == -1) { | 456 | if (status == -1) { |
451 | fprintf(stderr, "Error: cannot run firejail-welcome.sh\n"); | 457 | fprintf(stderr, "Error: cannot run firejail-welcome.sh\n"); |
diff --git a/src/fzenity/Makefile.in b/src/fzenity/Makefile.in new file mode 100644 index 000000000..d9f976165 --- /dev/null +++ b/src/fzenity/Makefile.in | |||
@@ -0,0 +1,17 @@ | |||
1 | .PHONY: all | ||
2 | all: fzenity | ||
3 | |||
4 | include ../common.mk | ||
5 | |||
6 | %.o : %.c $(H_FILE_LIST) ../include/common.h | ||
7 | $(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@ | ||
8 | |||
9 | fzenity: $(OBJS) | ||
10 | $(CC) $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS) | ||
11 | |||
12 | .PHONY: clean | ||
13 | clean:; rm -fr *.o fzenity *.gcov *.gcda *.gcno *.plist | ||
14 | |||
15 | .PHONY: distclean | ||
16 | distclean: clean | ||
17 | rm -fr Makefile | ||
diff --git a/src/fzenity/main.c b/src/fzenity/main.c new file mode 100644 index 000000000..4a0d3abac --- /dev/null +++ b/src/fzenity/main.c | |||
@@ -0,0 +1,176 @@ | |||
1 | #include "../include/common.h" | ||
2 | #include <sys/ioctl.h> | ||
3 | |||
4 | static char *arg_title = NULL; | ||
5 | static char *arg_text = NULL; | ||
6 | static int arg_info = 0; | ||
7 | static int arg_question = 0; | ||
8 | |||
9 | static inline void ansi_topleft(void) { | ||
10 | char str[] = {0x1b, '[', '1', ';', '1', 'H', '\0'}; | ||
11 | printf("%s", str); | ||
12 | fflush(0); | ||
13 | } | ||
14 | |||
15 | static inline void ansi_clrscr(void) { | ||
16 | ansi_topleft(); | ||
17 | char str[] = {0x1b, '[', '0', 'J', '\0'}; | ||
18 | printf("%s", str); | ||
19 | fflush(0); | ||
20 | } | ||
21 | |||
22 | char *remove_markup(char *in) { | ||
23 | char *out = malloc(strlen(in) + 1); | ||
24 | if (!out) | ||
25 | errExit("malloc"); | ||
26 | memset(out, 0, strlen(in) + 1); | ||
27 | |||
28 | char *ptr = in; | ||
29 | char *outptr = out; | ||
30 | while (*ptr != '\0') { | ||
31 | // skip <> markup | ||
32 | if (*ptr == '<') { | ||
33 | while (*ptr != '\0' && *ptr != '>') | ||
34 | ptr++; | ||
35 | if (*ptr == '\0') { | ||
36 | fprintf(stderr, "Error: invalid markup\n"); | ||
37 | exit(0); | ||
38 | } | ||
39 | ptr++; | ||
40 | } | ||
41 | // replace literal \n with char '\n' | ||
42 | else if (*ptr == '\\' && *(ptr + 1) == 'n') { | ||
43 | ptr += 2; | ||
44 | *outptr++ = '\n'; | ||
45 | continue; | ||
46 | } | ||
47 | // replace '/n' with ' ' | ||
48 | else if (*ptr == '\n') { | ||
49 | if (*(ptr + 1) == '\n') { | ||
50 | *outptr++ = '\n'; | ||
51 | *outptr++ = '\n'; | ||
52 | ptr += 2; | ||
53 | } | ||
54 | else { | ||
55 | *outptr++ = ' '; | ||
56 | ptr++; | ||
57 | } | ||
58 | } | ||
59 | else | ||
60 | *outptr++ = *ptr++; | ||
61 | } | ||
62 | |||
63 | return out; | ||
64 | } | ||
65 | |||
66 | char *print_line(char *in, int col) { | ||
67 | char *ptr = in; | ||
68 | int i = 0; | ||
69 | while (*ptr != '\n' && *ptr != '\0' && i < col) { | ||
70 | ptr++; | ||
71 | i++; | ||
72 | } | ||
73 | |||
74 | if (*ptr == '\n') { | ||
75 | *ptr++ = '\0'; | ||
76 | printf("%s\n", in); | ||
77 | return ptr++; | ||
78 | } | ||
79 | else if (i == col) { | ||
80 | while (*ptr != ' ' && ptr != in) | ||
81 | ptr--; | ||
82 | *ptr++ = '\0'; | ||
83 | printf("%s\n", in); | ||
84 | return ptr; | ||
85 | } | ||
86 | assert(0); | ||
87 | return NULL; | ||
88 | } | ||
89 | |||
90 | void paginate(char *in) { | ||
91 | struct winsize w; | ||
92 | int col = 80; | ||
93 | if (ioctl(0, TIOCGWINSZ, &w) == 0) | ||
94 | col = w.ws_col; | ||
95 | |||
96 | char *ptr = in; | ||
97 | while (*ptr != '\0') { | ||
98 | if (strlen(ptr) < col) { | ||
99 | printf("%s", ptr); | ||
100 | return; | ||
101 | } | ||
102 | ptr =print_line(ptr, col); | ||
103 | } | ||
104 | |||
105 | return; | ||
106 | } | ||
107 | |||
108 | static void info(void) { | ||
109 | ansi_clrscr(); | ||
110 | if (arg_text == NULL) { | ||
111 | fprintf(stderr, "Error: --text argument required\n"); | ||
112 | exit(1); | ||
113 | } | ||
114 | |||
115 | if (arg_title) | ||
116 | printf("%s\n\n", arg_title); | ||
117 | |||
118 | char *ptr = strstr(arg_text, "Press OK to continue"); | ||
119 | if (ptr) | ||
120 | *ptr = '\0'; | ||
121 | char *out = remove_markup(arg_text); | ||
122 | paginate(out); | ||
123 | free(out); | ||
124 | |||
125 | printf("\nContinue? (Y/N): "); | ||
126 | |||
127 | int c = getchar(); | ||
128 | if (c == 'y' || c == 'Y') | ||
129 | exit(0); | ||
130 | exit(1); | ||
131 | } | ||
132 | |||
133 | static void question(void) { | ||
134 | ansi_clrscr(); | ||
135 | if (arg_text == NULL) { | ||
136 | fprintf(stderr, "Error: --text argument required\n"); | ||
137 | exit(1); | ||
138 | } | ||
139 | |||
140 | if (arg_title) | ||
141 | printf("%s\n\n", arg_title); | ||
142 | |||
143 | char *ptr = strstr(arg_text, "Press OK to continue"); | ||
144 | if (ptr) | ||
145 | *ptr = '\0'; | ||
146 | char *out = remove_markup(arg_text); | ||
147 | paginate(out); | ||
148 | free(out); | ||
149 | |||
150 | printf("\n\n(Y/N): "); | ||
151 | |||
152 | int c = getchar(); | ||
153 | if (c == 'y' || c == 'Y') | ||
154 | exit(0); | ||
155 | exit(1); | ||
156 | } | ||
157 | |||
158 | int main(int argc, char **argv) { | ||
159 | int i; | ||
160 | for (i = 1; i < argc; i++) { | ||
161 | //printf("argv %d: #%s#\n", i, argv[i]); | ||
162 | if (strcmp(argv[i], "--info") == 0) | ||
163 | arg_info = 1; | ||
164 | else if (strcmp(argv[i], "--question") == 0) | ||
165 | arg_question = 1; | ||
166 | else if (strncmp(argv[i], "--text=", 7) == 0) | ||
167 | arg_text = argv[i] + 7; | ||
168 | } | ||
169 | |||
170 | if (arg_question) | ||
171 | question(); | ||
172 | else if (arg_info) | ||
173 | info(); | ||
174 | |||
175 | return 0; | ||
176 | } | ||