aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--Makefile.in21
-rw-r--r--RELNOTES1
-rwxr-xr-xconfigure3
-rw-r--r--configure.ac2
-rw-r--r--src/bash_completion/firecfg.bash_completion39
-rw-r--r--src/firecfg/Makefile.in38
-rw-r--r--src/firecfg/firecfg.config7
-rw-r--r--src/firecfg/main.c300
-rw-r--r--src/man/firecfg.txt70
-rw-r--r--src/man/firejail-config.txt1
-rw-r--r--src/man/firejail-login.txt1
-rw-r--r--src/man/firejail-profile.txt1
-rw-r--r--src/man/firejail.txt1
-rw-r--r--src/man/firemon.txt1
14 files changed, 480 insertions, 6 deletions
diff --git a/Makefile.in b/Makefile.in
index 90b238752..85df261aa 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1,6 +1,6 @@
1all: apps firejail.1 firemon.1 firejail-profile.5 firejail-login.5 firejail-config.5 1all: apps firejail.1 firemon.1 firecfg.1 firejail-profile.5 firejail-login.5 firejail-config.5
2MYLIBS = src/lib 2MYLIBS = src/lib
3APPS = src/firejail src/firemon src/libtrace src/libtracelog src/ftee 3APPS = src/firejail src/firemon src/firecfg src/libtrace src/libtracelog src/ftee
4 4
5prefix=@prefix@ 5prefix=@prefix@
6exec_prefix=@exec_prefix@ 6exec_prefix=@exec_prefix@
@@ -29,6 +29,8 @@ firemon.1: src/man/firemon.txt
29 ./mkman.sh $(VERSION) src/man/firemon.txt firemon.1 29 ./mkman.sh $(VERSION) src/man/firemon.txt firemon.1
30firejail.1: src/man/firejail.txt 30firejail.1: src/man/firejail.txt
31 ./mkman.sh $(VERSION) src/man/firejail.txt firejail.1 31 ./mkman.sh $(VERSION) src/man/firejail.txt firejail.1
32firecfg.1: src/man/firecfg.txt
33 ./mkman.sh $(VERSION) src/man/firecfg.txt firecfg.1
32firejail-profile.5: src/man/firejail-profile.txt 34firejail-profile.5: src/man/firejail-profile.txt
33 ./mkman.sh $(VERSION) src/man/firejail-profile.txt firejail-profile.5 35 ./mkman.sh $(VERSION) src/man/firejail-profile.txt firejail-profile.5
34firejail-login.5: src/man/firejail-login.txt 36firejail-login.5: src/man/firejail-login.txt
@@ -43,7 +45,7 @@ clean:
43 for dir in $(MYLIBS); do \ 45 for dir in $(MYLIBS); do \
44 $(MAKE) -C $$dir clean; \ 46 $(MAKE) -C $$dir clean; \
45 done 47 done
46 rm -f firejail.1 firejail.1.gz firemon.1 firemon.1.gz firejail-profile.5 firejail-profile.5.gz firejail-login.5 firejail-login.5.gz firejail-config.5 firejail-config.5.gz firejail*.rpm 48 rm -f firejail.1 firejail.1.gz firemon.1 firemon.1.gz firecfg.1 firecfg.gz firejail-profile.5 firejail-profile.5.gz firejail-login.5 firejail-login.5.gz firejail-config.5 firejail-config.5.gz firejail*.rpm
47 49
48distclean: clean 50distclean: clean
49 for dir in $(APPS); do \ 51 for dir in $(APPS); do \
@@ -61,12 +63,15 @@ realinstall:
61 chmod u+s $(DESTDIR)/$(bindir)/firejail 63 chmod u+s $(DESTDIR)/$(bindir)/firejail
62 # firemon executable 64 # firemon executable
63 install -c -m 0755 src/firemon/firemon $(DESTDIR)/$(bindir)/. 65 install -c -m 0755 src/firemon/firemon $(DESTDIR)/$(bindir)/.
66 # firecfg executable
67 install -c -m 0755 src/firecfg/firecfg $(DESTDIR)/$(bindir)/.
64 # libraries and plugins 68 # libraries and plugins
65 install -m 0755 -d $(DESTDIR)/$(libdir)/firejail 69 install -m 0755 -d $(DESTDIR)/$(libdir)/firejail
66 install -c -m 0644 src/libtrace/libtrace.so $(DESTDIR)/$(libdir)/firejail/. 70 install -c -m 0644 src/libtrace/libtrace.so $(DESTDIR)/$(libdir)/firejail/.
67 install -c -m 0644 src/libtracelog/libtracelog.so $(DESTDIR)/$(libdir)/firejail/. 71 install -c -m 0644 src/libtracelog/libtracelog.so $(DESTDIR)/$(libdir)/firejail/.
68 install -c -m 0755 src/ftee/ftee $(DESTDIR)/$(libdir)/firejail/. 72 install -c -m 0755 src/ftee/ftee $(DESTDIR)/$(libdir)/firejail/.
69 install -c -m 0755 src/fshaper/fshaper.sh $(DESTDIR)/$(libdir)/firejail/. 73 install -c -m 0755 src/fshaper/fshaper.sh $(DESTDIR)/$(libdir)/firejail/.
74 install -c -m 0644 src/firecfg/firecfg.config $(DESTDIR)/$(libdir)/firejail/.
70 # documents 75 # documents
71 install -m 0755 -d $(DESTDIR)/$(DOCDIR) 76 install -m 0755 -d $(DESTDIR)/$(DOCDIR)
72 install -c -m 0644 COPYING $(DESTDIR)/$(DOCDIR)/. 77 install -c -m 0644 COPYING $(DESTDIR)/$(DOCDIR)/.
@@ -159,6 +164,8 @@ realinstall:
159 gzip -9n firejail.1 164 gzip -9n firejail.1
160 rm -f firemon.1.gz 165 rm -f firemon.1.gz
161 gzip -9n firemon.1 166 gzip -9n firemon.1
167 rm -f firecfg.1.gz
168 gzip -9n firecfg.1
162 rm -f firejail-profile.5.gz 169 rm -f firejail-profile.5.gz
163 gzip -9n firejail-profile.5 170 gzip -9n firejail-profile.5
164 rm -f firejail-login.5.gz 171 rm -f firejail-login.5.gz
@@ -168,15 +175,17 @@ realinstall:
168 install -m 0755 -d $(DESTDIR)/$(mandir)/man1 175 install -m 0755 -d $(DESTDIR)/$(mandir)/man1
169 install -c -m 0644 firejail.1.gz $(DESTDIR)/$(mandir)/man1/. 176 install -c -m 0644 firejail.1.gz $(DESTDIR)/$(mandir)/man1/.
170 install -c -m 0644 firemon.1.gz $(DESTDIR)/$(mandir)/man1/. 177 install -c -m 0644 firemon.1.gz $(DESTDIR)/$(mandir)/man1/.
178 install -c -m 0644 firecfg.1.gz $(DESTDIR)/$(mandir)/man1/.
171 install -m 0755 -d $(DESTDIR)/$(mandir)/man5 179 install -m 0755 -d $(DESTDIR)/$(mandir)/man5
172 install -c -m 0644 firejail-profile.5.gz $(DESTDIR)/$(mandir)/man5/. 180 install -c -m 0644 firejail-profile.5.gz $(DESTDIR)/$(mandir)/man5/.
173 install -c -m 0644 firejail-login.5.gz $(DESTDIR)/$(mandir)/man5/. 181 install -c -m 0644 firejail-login.5.gz $(DESTDIR)/$(mandir)/man5/.
174 install -c -m 0644 firejail-config.5.gz $(DESTDIR)/$(mandir)/man5/. 182 install -c -m 0644 firejail-config.5.gz $(DESTDIR)/$(mandir)/man5/.
175 rm -f firejail.1.gz firemon.1.gz firejail-profile.5.gz firejail-login.5.gz firejail-config.5.gz 183 rm -f firejail.1.gz firemon.1.gz firecfg.1.gz firejail-profile.5.gz firejail-login.5.gz firejail-config.5.gz
176 # bash completion 184 # bash completion
177 install -m 0755 -d $(DESTDIR)/$(datarootdir)/bash-completion/completions 185 install -m 0755 -d $(DESTDIR)/$(datarootdir)/bash-completion/completions
178 install -c -m 0644 src/bash_completion/firejail.bash_completion $(DESTDIR)/$(datarootdir)/bash-completion/completions/firejail 186 install -c -m 0644 src/bash_completion/firejail.bash_completion $(DESTDIR)/$(datarootdir)/bash-completion/completions/firejail
179 install -c -m 0644 src/bash_completion/firemon.bash_completion $(DESTDIR)/$(datarootdir)/bash-completion/completions/firemon 187 install -c -m 0644 src/bash_completion/firemon.bash_completion $(DESTDIR)/$(datarootdir)/bash-completion/completions/firemon
188 install -c -m 0644 src/bash_completion/firecfg.bash_completion $(DESTDIR)/$(datarootdir)/bash-completion/completions/firecfg
180 189
181 190
182install: all 191install: all
@@ -185,6 +194,7 @@ install: all
185install-strip: all 194install-strip: all
186 strip src/firejail/firejail 195 strip src/firejail/firejail
187 strip src/firemon/firemon 196 strip src/firemon/firemon
197 strip src/firecfg/firecfg
188 strip src/libtrace/libtrace.so 198 strip src/libtrace/libtrace.so
189 strip src/libtracelog/libtracelog.so 199 strip src/libtracelog/libtracelog.so
190 strip src/ftee/ftee 200 strip src/ftee/ftee
@@ -193,15 +203,18 @@ install-strip: all
193uninstall: 203uninstall:
194 rm -f $(DESTDIR)/$(bindir)/firejail 204 rm -f $(DESTDIR)/$(bindir)/firejail
195 rm -f $(DESTDIR)/$(bindir)/firemon 205 rm -f $(DESTDIR)/$(bindir)/firemon
206 rm -f $(DESTDIR)/$(bindir)/firecfg
196 rm -fr $(DESTDIR)/$(libdir)/firejail 207 rm -fr $(DESTDIR)/$(libdir)/firejail
197 rm -fr $(DESTDIR)/$(datarootdir)/doc/firejail 208 rm -fr $(DESTDIR)/$(datarootdir)/doc/firejail
198 rm -f $(DESTDIR)/$(mandir)/man1/firejail.1* 209 rm -f $(DESTDIR)/$(mandir)/man1/firejail.1*
199 rm -f $(DESTDIR)/$(mandir)/man1/firemon.1* 210 rm -f $(DESTDIR)/$(mandir)/man1/firemon.1*
211 rm -f $(DESTDIR)/$(mandir)/man1/firecfg.1*
200 rm -f $(DESTDIR)/$(mandir)/man5/firejail-profile.5* 212 rm -f $(DESTDIR)/$(mandir)/man5/firejail-profile.5*
201 rm -f $(DESTDIR)/$(mandir)/man5/firejail-login.5* 213 rm -f $(DESTDIR)/$(mandir)/man5/firejail-login.5*
202 rm -f $(DESTDIR)/$(mandir)/man5/firejail-config.5* 214 rm -f $(DESTDIR)/$(mandir)/man5/firejail-config.5*
203 rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firejail 215 rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firejail
204 rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firemon 216 rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firemon
217 rm -f $(DESTDIR)/$(datarootdir)/bash-completion/completions/firecfg
205 218
206dist: 219dist:
207 make distclean 220 make distclean
diff --git a/RELNOTES b/RELNOTES
index 03261ddf7..754866813 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -8,6 +8,7 @@ firejail (0.9.39) baseline; urgency=low
8 * --version also prints compile options 8 * --version also prints compile options
9 * added compile-time option to restrict --net= to root only 9 * added compile-time option to restrict --net= to root only
10 * run time config support, man firejail-config 10 * run time config support, man firejail-config
11 * added firecfg utility
11 * build rpm packages using "make rpms" 12 * build rpm packages using "make rpms"
12 * new profiles: lxterminal, Epiphany, cherrytree, Polari, Vivaldi, Atril 13 * new profiles: lxterminal, Epiphany, cherrytree, Polari, Vivaldi, Atril
13 * new profiles: qutebrowser, SlimJet 14 * new profiles: qutebrowser, SlimJet
diff --git a/configure b/configure
index 937ab8445..703df1b7d 100755
--- a/configure
+++ b/configure
@@ -3640,7 +3640,7 @@ if test "$prefix" = /usr; then
3640 sysconfdir="/etc" 3640 sysconfdir="/etc"
3641fi 3641fi
3642 3642
3643ac_config_files="$ac_config_files Makefile src/lib/Makefile src/firejail/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/ftee/Makefile" 3643ac_config_files="$ac_config_files Makefile src/lib/Makefile src/firejail/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/ftee/Makefile"
3644 3644
3645cat >confcache <<\_ACEOF 3645cat >confcache <<\_ACEOF
3646# This file is a shell script that caches the results of configure 3646# This file is a shell script that caches the results of configure
@@ -4355,6 +4355,7 @@ do
4355 "src/firemon/Makefile") CONFIG_FILES="$CONFIG_FILES src/firemon/Makefile" ;; 4355 "src/firemon/Makefile") CONFIG_FILES="$CONFIG_FILES src/firemon/Makefile" ;;
4356 "src/libtrace/Makefile") CONFIG_FILES="$CONFIG_FILES src/libtrace/Makefile" ;; 4356 "src/libtrace/Makefile") CONFIG_FILES="$CONFIG_FILES src/libtrace/Makefile" ;;
4357 "src/libtracelog/Makefile") CONFIG_FILES="$CONFIG_FILES src/libtracelog/Makefile" ;; 4357 "src/libtracelog/Makefile") CONFIG_FILES="$CONFIG_FILES src/libtracelog/Makefile" ;;
4358 "src/firecfg/Makefile") CONFIG_FILES="$CONFIG_FILES src/firecfg/Makefile" ;;
4358 "src/ftee/Makefile") CONFIG_FILES="$CONFIG_FILES src/ftee/Makefile" ;; 4359 "src/ftee/Makefile") CONFIG_FILES="$CONFIG_FILES src/ftee/Makefile" ;;
4359 4360
4360 *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; 4361 *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
diff --git a/configure.ac b/configure.ac
index c59f5a28b..c2beb0cc1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -90,7 +90,7 @@ if test "$prefix" = /usr; then
90 sysconfdir="/etc" 90 sysconfdir="/etc"
91fi 91fi
92 92
93AC_OUTPUT(Makefile src/lib/Makefile src/firejail/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/ftee/Makefile) 93AC_OUTPUT(Makefile src/lib/Makefile src/firejail/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/ftee/Makefile)
94 94
95echo 95echo
96echo "Configuration options:" 96echo "Configuration options:"
diff --git a/src/bash_completion/firecfg.bash_completion b/src/bash_completion/firecfg.bash_completion
new file mode 100644
index 000000000..79b74e49d
--- /dev/null
+++ b/src/bash_completion/firecfg.bash_completion
@@ -0,0 +1,39 @@
1# bash completion for firecfg -*- shell-script -*-
2#********************************************************************
3# Script based on completions/configure script in bash-completion package in
4# Debian. The original package is release under GPL v2 license, the webpage is
5# http://bash-completion.alioth.debian.org
6#*******************************************************************
7
8_firecfg()
9{
10 local cur prev words cword split
11 _init_completion -s || return
12
13 case $prev in
14 --help|--version)
15 return
16 ;;
17 esac
18
19 $split && return 0
20
21 # if $COMP_CONFIGURE_HINTS is not null, then completions of the form
22 # --option=SETTING will include 'SETTING' as a contextual hint
23 [[ "$cur" != -* ]] && return 0
24
25 if [[ -n $COMP_CONFIGURE_HINTS ]]; then
26 COMPREPLY=( $( compgen -W "$( $1 --help 2>&1 | \
27 awk '/^ --[A-Za-z]/ { print $1; \
28 if ($2 ~ /--[A-Za-z]/) print $2 }' | sed -e 's/[[,].*//g' )" \
29 -- "$cur" ) )
30 [[ $COMPREPLY == *=* ]] && compopt -o nospace
31 else
32 COMPREPLY=( $( compgen -W '$( _parse_help "$1" )' -- "$cur" ) )
33 [[ $COMPREPLY == *= ]] && compopt -o nospace
34 fi
35} &&
36complete -F _firecfg firecfg
37
38
39
diff --git a/src/firecfg/Makefile.in b/src/firecfg/Makefile.in
new file mode 100644
index 000000000..11f8b1e8d
--- /dev/null
+++ b/src/firecfg/Makefile.in
@@ -0,0 +1,38 @@
1all: firecfg
2
3prefix=@prefix@
4exec_prefix=@exec_prefix@
5libdir=@libdir@
6sysconfdir=@sysconfdir@
7
8VERSION=@PACKAGE_VERSION@
9NAME=@PACKAGE_NAME@
10HAVE_SECCOMP_H=@HAVE_SECCOMP_H@
11HAVE_SECCOMP=@HAVE_SECCOMP@
12HAVE_CHROOT=@HAVE_CHROOT@
13HAVE_BIND=@HAVE_BIND@
14HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@
15HAVE_NETWORK=@HAVE_NETWORK@
16HAVE_USERNS=@HAVE_USERNS@
17HAVE_X11=@HAVE_X11@
18HAVE_FILE_TRANSFER=@HAVE_FILE_TRANSFER@
19
20
21H_FILE_LIST = $(sort $(wildcard *.[h]))
22C_FILE_LIST = $(sort $(wildcard *.c))
23OBJS = $(C_FILE_LIST:.c=.o)
24BINOBJS = $(foreach file, $(OBJS), $file)
25CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_SECCOMP) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) $(HAVE_FILE_TRANSFER) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security
26LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
27
28%.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/libnetlink.h ../include/pid.h
29 $(CC) $(CFLAGS) $(INCLUDE) -c $< -o $@
30
31firecfg: $(OBJS) ../lib/common.o
32 $(CC) $(LDFLAGS) -o $@ $(OBJS) ../lib/common.o $(LIBS)
33
34clean:; rm -f *.o firecfg firecfg.1 firecfg.1.gz
35
36distclean: clean
37 rm -fr Makefile
38
diff --git a/src/firecfg/firecfg.config b/src/firecfg/firecfg.config
new file mode 100644
index 000000000..fb996966f
--- /dev/null
+++ b/src/firecfg/firecfg.config
@@ -0,0 +1,7 @@
1# /etc/firejail/firecfg.config - firecfg utility configuration file
2# This is the list of programs handled by firecfg utility
3#
4firefox
5iceweasel
6thunderbird
7vlc
diff --git a/src/firecfg/main.c b/src/firecfg/main.c
new file mode 100644
index 000000000..7465f2d3e
--- /dev/null
+++ b/src/firecfg/main.c
@@ -0,0 +1,300 @@
1/*
2 * Copyright (C) 2014-2016 netblue30 (netblue30@yahoo.com)
3 *
4 * This file is part of firejail project
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License along
17 * with this program; if not, write to the Free Software Foundation, Inc.,
18 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
19*/
20
21#include <sys/types.h>
22#include <dirent.h>
23#include <sys/types.h>
24#include <sys/stat.h>
25#include <unistd.h>
26#include "../include/common.h"
27
28static void usage(void) {
29 printf("firecfg - version %s\n\n", VERSION);
30 printf("Firecfg is the desktop configuration utility for Firejail software. The utility\n");
31 printf("creates several symbolic links to firejail executable. This allows the user to\n");
32 printf("sandbox applications automatically, just by clicking on a regular desktop\n");
33 printf("menues and icons.\n\n");
34 printf("The symbolic links are placed in /usr/local/bin. For more information, see\n");
35 printf("DESKTOP INTEGRATION section in man 1 firejail.\n\n");
36 printf("Usage: firecfg [OPTIONS]\n\n");
37 printf(" --clear - clear all firejail symbolic links\n\n");
38 printf(" --help, -? - this help screen.\n\n");
39 printf(" --list - list all firejail symbolic links\n\n");
40 printf(" --version - print program version and exit.\n\n");
41 printf("Example:\n\n");
42 printf(" $ sudo firecfg\n");
43 printf(" /usr/local/bin/firefox created\n");
44 printf(" /usr/local/bin/vlc created\n");
45 printf(" [...]\n");
46 printf(" $ firecfg --list\n");
47 printf(" /usr/local/bin/firefox\n");
48 printf(" /usr/local/bin/vlc\n");
49 printf(" [...]\n");
50 printf(" $ sudo firecfg --clear\n");
51 printf(" /usr/local/bin/firefox removed\n");
52 printf(" /usr/local/bin/vlc removed\n");
53 printf(" [...]\n");
54 printf("\n");
55 printf("License GPL version 2 or later\n");
56 printf("Homepage: http://firejail.wordpress.com\n\n");
57}
58
59// return 1 if the program is found
60static int find(const char *program, const char *directory) {
61 int retval = 0;
62
63 char *fname;
64 if (asprintf(&fname, "/%s/%s", directory, program) == -1)
65 errExit("asprintf");
66
67 struct stat s;
68 if (stat(fname, &s) == 0)
69 retval = 1;
70
71 free(fname);
72 return retval;
73}
74
75
76// return 1 if program is installed on the system
77static int which(const char *program) {
78 // check some well-known paths
79 if (find(program, "/bin") || find(program, "/usr/bin") ||
80 find(program, "/sbin") || find(program, "/usr/sbin"))
81 return 1;
82
83 // check environment
84 char *path1 = getenv("PATH");
85 if (path1) {
86 char *path2 = strdup(path1);
87 if (!path2)
88 errExit("strdup");
89
90 // use path2 to count the entries
91 char *ptr = strtok(path2, ":");
92 while (ptr) {
93 if (find(program, ptr)) {
94 free(path2);
95 return 1;
96 }
97 ptr = strtok(NULL, ":");
98 }
99 free(path2);
100 }
101
102 return 0;
103}
104
105// return 1 if the file is a link
106static int is_link(const char *fname) {
107 assert(fname);
108 if (*fname == '\0')
109 return 0;
110
111 struct stat s;
112 if (lstat(fname, &s) == 0) {
113 if (S_ISLNK(s.st_mode))
114 return 1;
115 }
116
117 return 0;
118}
119
120static void list(void) {
121 DIR *dir = opendir("/usr/local/bin");
122 if (!dir) {
123 fprintf(stderr, "Error: cannot open /usr/local/bin directory\n");
124 exit(1);
125 }
126
127 char *firejail_exec;
128 if (asprintf(&firejail_exec, "%s/bin/firejail", PREFIX) == -1)
129 errExit("asprintf");
130
131 struct dirent *entry;
132 while ((entry = readdir(dir)) != NULL) {
133 if (strcmp(entry->d_name, ".") == 0 || strcmp(entry->d_name, "..") == 0)
134 continue;
135
136 char *fullname;
137 if (asprintf(&fullname, "/usr/local/bin/%s", entry->d_name) == -1)
138 errExit("asprintf");
139
140 if (is_link(fullname)) {
141 char* fname = realpath(fullname, NULL);
142 if (fname) {
143 if (strcmp(fname, firejail_exec) == 0)
144 printf("%s\n", fullname);
145 free(fname);
146 }
147 }
148 free(fullname);
149 }
150
151 closedir(dir);
152 free(firejail_exec);
153}
154
155static void clear(void) {
156 if (getuid() != 0) {
157 fprintf(stderr, "Error: you need to be root to run this command\n");
158 exit(1);
159 }
160
161 DIR *dir = opendir("/usr/local/bin");
162 if (!dir) {
163 fprintf(stderr, "Error: cannot open /usr/local/bin directory\n");
164 exit(1);
165 }
166
167 char *firejail_exec;
168 if (asprintf(&firejail_exec, "%s/bin/firejail", PREFIX) == -1)
169 errExit("asprintf");
170
171 struct dirent *entry;
172 while ((entry = readdir(dir)) != NULL) {
173 if (strcmp(entry->d_name, ".") == 0 || strcmp(entry->d_name, "..") == 0)
174 continue;
175
176 char *fullname;
177 if (asprintf(&fullname, "/usr/local/bin/%s", entry->d_name) == -1)
178 errExit("asprintf");
179
180 if (is_link(fullname)) {
181 char* fname = realpath(fullname, NULL);
182 if (fname) {
183 if (strcmp(fname, firejail_exec) == 0) {
184 printf("%s removed\n", fullname);
185 unlink(fullname);
186 }
187 free(fname);
188 }
189 }
190 free(fullname);
191 }
192
193 closedir(dir);
194 free(firejail_exec);
195}
196
197static void set_file(const char *name, const char *firejail_exec) {
198 if (which(name) == 0)
199 return;
200
201 char *fname;
202 if (asprintf(&fname, "/usr/local/bin/%s", name) == -1)
203 errExit("asprintf");
204
205 struct stat s;
206 if (stat(fname, &s) == 0)
207 ; //printf("%s already present\n", fname);
208 else {
209 int rv = symlink(firejail_exec, fname);
210 if (rv) {
211 fprintf(stderr, "Error: cannot create %s symbolic link\n", fname);
212 perror("symlink");
213 }
214 else
215 printf("%s created\n", fname);
216 }
217
218 free(fname);
219}
220
221#define MAX_BUF 1024
222static void set(void) {
223 if (getuid() != 0) {
224 fprintf(stderr, "Error: you need to be root to run this command\n");
225 exit(1);
226 }
227
228 char *cfgfile;
229 if (asprintf(&cfgfile, "%s/firejail/firecfg.config", LIBDIR) == -1)
230 errExit("asprintf");
231
232 char *firejail_exec;
233 if (asprintf(&firejail_exec, "%s/bin/firejail", PREFIX) == -1)
234 errExit("asprintf");
235
236 FILE *fp = fopen(cfgfile, "r");
237 if (!fp) {
238 fprintf(stderr, "Error: cannot open %s\n", cfgfile);
239 exit(1);
240 }
241
242 char buf[MAX_BUF];
243 int lineno = 0;
244 while (fgets(buf, MAX_BUF,fp)) {
245 lineno++;
246 if (*buf == '#') // comments
247 continue;
248
249 // remove \n
250 char *ptr = strchr(buf, '\n');
251 if (ptr)
252 *ptr = '\0';
253
254 // do not accept .. and/or / in file name
255 if (strstr(buf, "..") || strchr(buf, '/')) {
256 fprintf(stderr, "Error: invalid line %d in %s\n", lineno, cfgfile);
257 exit(1);
258 }
259
260 set_file(buf, firejail_exec);
261 }
262
263 free(cfgfile);
264 free(firejail_exec);
265}
266
267int main(int argc, char **argv) {
268 int i;
269
270 for (i = 1; i < argc; i++) {
271 // default options
272 if (strcmp(argv[i], "--help") == 0 ||
273 strcmp(argv[i], "-?") == 0) {
274 usage();
275 return 0;
276 }
277 else if (strcmp(argv[i], "--version") == 0) {
278 printf("firecfg version %s\n\n", VERSION);
279 return 0;
280 }
281 else if (strcmp(argv[i], "--clear") == 0) {
282 clear();
283 return 0;
284 }
285 else if (strcmp(argv[i], "--list") == 0) {
286 list();
287 return 0;
288 }
289 else {
290 fprintf(stderr, "Error: invalid command line option\n");
291 usage();
292 return 1;
293 }
294 }
295
296 set();
297
298 return 0;
299}
300
diff --git a/src/man/firecfg.txt b/src/man/firecfg.txt
new file mode 100644
index 000000000..7d95892a4
--- /dev/null
+++ b/src/man/firecfg.txt
@@ -0,0 +1,70 @@
1.TH FIREMON 1 "MONTH YEAR" "VERSION" "firecfg man page"
2.SH NAME
3Firecfg \- Desktop configuration program for Firejail software.
4.SH SYNOPSIS
5firecfg [OPTIONS]
6.SH DESCRIPTION
7Firecfg is the desktop configuration utility for Firejail software. The utility
8creates several symbolic links to firejail executable. This allows the user to
9sandbox applications automatically, just by clicking on a regular desktop
10menues and icons.
11
12The symbolic links are placed in /usr/local/bin. For more information, see
13DESKTOP INTEGRATION section in man 1 firejail.
14
15.SH OPTIONS
16.TP
17\fB\-\-clear
18Clear all firejail symbolic links
19.TP
20\fB\-?\fR, \fB\-\-help\fR
21Print options end exit.
22.TP
23\fB\-\-list
24List all firejail symbolic links
25.TP
26\fB\-\-version
27Print program version and exit.
28
29
30.PP
31Example:
32.br
33
34.br
35$ sudo firecfg
36.br
37/usr/local/bin/firefox created
38.br
39/usr/local/bin/vlc created
40.br
41[...]
42.br
43$ firecfg --list
44.br
45/usr/local/bin/firefox
46.br
47/usr/local/bin/vlc
48.br
49[...]
50.br
51$ sudo firecfg --clear
52.br
53/usr/local/bin/firefox removed
54.br
55/usr/local/bin/vlc removed
56.br
57[...]
58
59.SH LICENSE
60This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
61.PP
62Homepage: http://firejail.wordpress.com
63.SH SEE ALSO
64\&\flfirejail\fR\|(1),
65\&\flfiremon\fR\|(1),
66\&\flfirejail-profile\fR\|(5),
67\&\flfirejail-login\fR\|(5)
68\&\flfirejail-config\fR\|(5)
69
70
diff --git a/src/man/firejail-config.txt b/src/man/firejail-config.txt
index 55c35181a..687aedf59 100644
--- a/src/man/firejail-config.txt
+++ b/src/man/firejail-config.txt
@@ -58,6 +58,7 @@ Homepage: http://firejail.wordpress.com
58.SH SEE ALSO 58.SH SEE ALSO
59\&\flfirejail\fR\|(1), 59\&\flfirejail\fR\|(1),
60\&\flfiremon\fR\|(1), 60\&\flfiremon\fR\|(1),
61\&\flfirecfg\fR\|(1),
61\&\flfirejail-profile\fR\|(5) 62\&\flfirejail-profile\fR\|(5)
62\&\flfirejail-login\fR\|(5) 63\&\flfirejail-login\fR\|(5)
63 64
diff --git a/src/man/firejail-login.txt b/src/man/firejail-login.txt
index 13d045ee4..2825ca4cf 100644
--- a/src/man/firejail-login.txt
+++ b/src/man/firejail-login.txt
@@ -32,6 +32,7 @@ Homepage: http://firejail.wordpress.com
32.SH SEE ALSO 32.SH SEE ALSO
33\&\flfirejail\fR\|(1), 33\&\flfirejail\fR\|(1),
34\&\flfiremon\fR\|(1), 34\&\flfiremon\fR\|(1),
35\&\flfirecfg\fR\|(1),
35\&\flfirejail-profile\fR\|(5) 36\&\flfirejail-profile\fR\|(5)
36\&\flfirejail-config\fR\|(5) 37\&\flfirejail-config\fR\|(5)
37 38
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt
index 82a0d2503..b135ee615 100644
--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -351,6 +351,7 @@ Homepage: http://firejail.wordpress.com
351.SH SEE ALSO 351.SH SEE ALSO
352\&\flfirejail\fR\|(1), 352\&\flfirejail\fR\|(1),
353\&\flfiremon\fR\|(1), 353\&\flfiremon\fR\|(1),
354\&\flfirecfg\fR\|(1),
354\&\flfirejail-login\fR\|(5) 355\&\flfirejail-login\fR\|(5)
355\&\flfirejail-config\fR\|(5) 356\&\flfirejail-config\fR\|(5)
356 357
diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index 99a9429c7..806a68c3c 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -1838,6 +1838,7 @@ This program is free software; you can redistribute it and/or modify it under th
1838Homepage: http://firejail.wordpress.com 1838Homepage: http://firejail.wordpress.com
1839.SH SEE ALSO 1839.SH SEE ALSO
1840\&\flfiremon\fR\|(1), 1840\&\flfiremon\fR\|(1),
1841\&\flfirecfg\fR\|(1),
1841\&\flfirejail-profile\fR\|(5), 1842\&\flfirejail-profile\fR\|(5),
1842\&\flfirejail-login\fR\|(5) 1843\&\flfirejail-login\fR\|(5)
1843\&\flfirejail-config\fR\|(5) 1844\&\flfirejail-config\fR\|(5)
diff --git a/src/man/firemon.txt b/src/man/firemon.txt
index 78a6dd5ea..906b5cd9a 100644
--- a/src/man/firemon.txt
+++ b/src/man/firemon.txt
@@ -105,6 +105,7 @@ This program is free software; you can redistribute it and/or modify it under th
105Homepage: http://firejail.wordpress.com 105Homepage: http://firejail.wordpress.com
106.SH SEE ALSO 106.SH SEE ALSO
107\&\flfirejail\fR\|(1), 107\&\flfirejail\fR\|(1),
108\&\flfirecfg\fR\|(1),
108\&\flfirejail-profile\fR\|(5), 109\&\flfirejail-profile\fR\|(5),
109\&\flfirejail-login\fR\|(5) 110\&\flfirejail-login\fR\|(5)
110\&\flfirejail-config\fR\|(5) 111\&\flfirejail-config\fR\|(5)
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-02 17:35:39 +0000