diff options
| -rw-r--r-- | src/firejail/main.c | 3 | ||||
| -rw-r--r-- | src/firejail/profile.c | 3 | ||||
| -rw-r--r-- | src/man/firejail.txt | 4 | ||||
| -rwxr-xr-x | test/fscheck-privatekeep.exp | 18 | ||||
| -rwxr-xr-x | test/invalid_filename.exp | 2 | ||||
| -rw-r--r-- | todo | 2 |
6 files changed, 12 insertions, 20 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c index 7f6d3a1f8..37bf22cae 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
| @@ -798,8 +798,7 @@ int main(int argc, char **argv) { | |||
| 798 | fs_check_private_dir(); | 798 | fs_check_private_dir(); |
| 799 | arg_private = 1; | 799 | arg_private = 1; |
| 800 | } | 800 | } |
| 801 | else if ((strncmp(argv[i], "--private.keep=", 15) == 0) | 801 | else if (strncmp(argv[i], "--private-home=", 15) == 0) { |
| 802 | || (strncmp(argv[i], "--private-home=", 15) == 0)) { | ||
| 803 | if (cfg.home_private) { | 802 | if (cfg.home_private) { |
| 804 | fprintf(stderr, "Error: a private home directory was already defined with --private option.\n"); | 803 | fprintf(stderr, "Error: a private home directory was already defined with --private option.\n"); |
| 805 | exit(1); | 804 | exit(1); |
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 73407d9c0..caa43288b 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
| @@ -262,8 +262,7 @@ int profile_check_line(char *ptr, int lineno) { | |||
| 262 | } | 262 | } |
| 263 | 263 | ||
| 264 | // private home list of files and directories | 264 | // private home list of files and directories |
| 265 | if ((strncmp(ptr, "private.keep ", 13) == 0) | 265 | if (strncmp(ptr, "private-home ", 13) == 0) { |
| 266 | || (strncmp(ptr, "private-home ", 13) == 0)) { | ||
| 267 | cfg.home_private_keep = ptr + 13; | 266 | cfg.home_private_keep = ptr + 13; |
| 268 | fs_check_home_list(); | 267 | fs_check_home_list(); |
| 269 | arg_private = 1; | 268 | arg_private = 1; |
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 2a0c9eb47..46129fdb2 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
| @@ -818,10 +818,6 @@ $ ls /bin | |||
| 818 | bash cat ls sed | 818 | bash cat ls sed |
| 819 | 819 | ||
| 820 | .TP | 820 | .TP |
| 821 | \fB\-\-private-keep=file,directory | ||
| 822 | This option is deprecated, use private-home instead | ||
| 823 | |||
| 824 | .TP | ||
| 825 | \fB\-\-private-home=file,directory | 821 | \fB\-\-private-home=file,directory |
| 826 | Build a new user home in a temporary | 822 | Build a new user home in a temporary |
| 827 | filesystem, and copy the files and directories in the list in the | 823 | filesystem, and copy the files and directories in the list in the |
diff --git a/test/fscheck-privatekeep.exp b/test/fscheck-privatekeep.exp index 513dcc37a..cda9408ed 100755 --- a/test/fscheck-privatekeep.exp +++ b/test/fscheck-privatekeep.exp | |||
| @@ -5,7 +5,7 @@ spawn $env(SHELL) | |||
| 5 | match_max 100000 | 5 | match_max 100000 |
| 6 | 6 | ||
| 7 | # dir | 7 | # dir |
| 8 | #send -- "firejail --net=br0 --private.keep=fscheck-dir\r" | 8 | #send -- "firejail --net=br0 --private-home=fscheck-dir\r" |
| 9 | #expect { | 9 | #expect { |
| 10 | # timeout {puts "TESTING ERROR 0\n";exit} | 10 | # timeout {puts "TESTING ERROR 0\n";exit} |
| 11 | # "Error" | 11 | # "Error" |
| @@ -13,7 +13,7 @@ match_max 100000 | |||
| 13 | #after 100 | 13 | #after 100 |
| 14 | 14 | ||
| 15 | # .. | 15 | # .. |
| 16 | send -- "firejail --net=br0 --private.keep=../test/fscheck-dir\r" | 16 | send -- "firejail --net=br0 --private-home=../test/fscheck-dir\r" |
| 17 | expect { | 17 | expect { |
| 18 | timeout {puts "TESTING ERROR 0.1\n";exit} | 18 | timeout {puts "TESTING ERROR 0.1\n";exit} |
| 19 | "Error" | 19 | "Error" |
| @@ -21,7 +21,7 @@ expect { | |||
| 21 | after 100 | 21 | after 100 |
| 22 | 22 | ||
| 23 | # dir link | 23 | # dir link |
| 24 | send -- "firejail --net=br0 --private.keep=fscheck-dir-link\r" | 24 | send -- "firejail --net=br0 --private-home=fscheck-dir-link\r" |
| 25 | expect { | 25 | expect { |
| 26 | timeout {puts "TESTING ERROR 1\n";exit} | 26 | timeout {puts "TESTING ERROR 1\n";exit} |
| 27 | "Error" | 27 | "Error" |
| @@ -29,7 +29,7 @@ expect { | |||
| 29 | after 100 | 29 | after 100 |
| 30 | 30 | ||
| 31 | # .. | 31 | # .. |
| 32 | send -- "firejail --net=br0 --private.keep=../test/fscheck-dir-link\r" | 32 | send -- "firejail --net=br0 --private-home=../test/fscheck-dir-link\r" |
| 33 | expect { | 33 | expect { |
| 34 | timeout {puts "TESTING ERROR 1.1\n";exit} | 34 | timeout {puts "TESTING ERROR 1.1\n";exit} |
| 35 | "Error" | 35 | "Error" |
| @@ -37,7 +37,7 @@ expect { | |||
| 37 | after 100 | 37 | after 100 |
| 38 | 38 | ||
| 39 | # file link | 39 | # file link |
| 40 | send -- "firejail --net=br0 --private.keep=fscheck-file-link\r" | 40 | send -- "firejail --net=br0 --private-home=fscheck-file-link\r" |
| 41 | expect { | 41 | expect { |
| 42 | timeout {puts "TESTING ERROR 2\n";exit} | 42 | timeout {puts "TESTING ERROR 2\n";exit} |
| 43 | "Error" | 43 | "Error" |
| @@ -45,7 +45,7 @@ expect { | |||
| 45 | after 100 | 45 | after 100 |
| 46 | 46 | ||
| 47 | # file | 47 | # file |
| 48 | #send -- "firejail --net=br0 --private.keep=fscheck-file\r" | 48 | #send -- "firejail --net=br0 --private-home=fscheck-file\r" |
| 49 | #expect { | 49 | #expect { |
| 50 | # timeout {puts "TESTING ERROR 2.1\n";exit} | 50 | # timeout {puts "TESTING ERROR 2.1\n";exit} |
| 51 | # "Error" | 51 | # "Error" |
| @@ -53,7 +53,7 @@ after 100 | |||
| 53 | #after 100 | 53 | #after 100 |
| 54 | 54 | ||
| 55 | # .. | 55 | # .. |
| 56 | send -- "firejail --net=br0 --private.keep=../test/fscheck-file\r" | 56 | send -- "firejail --net=br0 --private-home=../test/fscheck-file\r" |
| 57 | expect { | 57 | expect { |
| 58 | timeout {puts "TESTING ERROR 2.2\n";exit} | 58 | timeout {puts "TESTING ERROR 2.2\n";exit} |
| 59 | "Error" | 59 | "Error" |
| @@ -61,7 +61,7 @@ expect { | |||
| 61 | after 100 | 61 | after 100 |
| 62 | 62 | ||
| 63 | # no dir | 63 | # no dir |
| 64 | send -- "firejail --net=br0 --private.keep=../test/nodir\r" | 64 | send -- "firejail --net=br0 --private-home=../test/nodir\r" |
| 65 | expect { | 65 | expect { |
| 66 | timeout {puts "TESTING ERROR 3\n";exit} | 66 | timeout {puts "TESTING ERROR 3\n";exit} |
| 67 | "Error" | 67 | "Error" |
| @@ -69,7 +69,7 @@ expect { | |||
| 69 | after 100 | 69 | after 100 |
| 70 | 70 | ||
| 71 | # no file | 71 | # no file |
| 72 | send -- "firejail --net=br0 --private.keep=../test/nofile\r" | 72 | send -- "firejail --net=br0 --private-home=../test/nofile\r" |
| 73 | expect { | 73 | expect { |
| 74 | timeout {puts "TESTING ERROR 3.1\n";exit} | 74 | timeout {puts "TESTING ERROR 3.1\n";exit} |
| 75 | "Error" | 75 | "Error" |
diff --git a/test/invalid_filename.exp b/test/invalid_filename.exp index ca35262f8..93beff8a1 100755 --- a/test/invalid_filename.exp +++ b/test/invalid_filename.exp | |||
| @@ -10,7 +10,7 @@ | |||
| 10 | #--output - output.c | 10 | #--output - output.c |
| 11 | #--private - fs_home.c | 11 | #--private - fs_home.c |
| 12 | #--privte-bin (list) - fs_bin.c | 12 | #--privte-bin (list) - fs_bin.c |
| 13 | #--private-keep/--private-home (list) - fs_home.c | 13 | #--private-home (list) - fs_home.c |
| 14 | #--private-etc (list) - fs_etc.c | 14 | #--private-etc (list) - fs_etc.c |
| 15 | #--profile - main.c | 15 | #--profile - main.c |
| 16 | #--read_only - profile.c | 16 | #--read_only - profile.c |
| @@ -27,8 +27,6 @@ Warning: failed to unmount /sys | |||
| 27 | Child process initialized | 27 | Child process initialized |
| 28 | $ | 28 | $ |
| 29 | 29 | ||
| 30 | 3. Remove private.keep in 0.9.34 release (deprecated in 0.9.30) | ||
| 31 | |||
| 32 | 4. Remove exclude-token from profile include in 0.9.34 (deprecated in 0.9.30) | 30 | 4. Remove exclude-token from profile include in 0.9.34 (deprecated in 0.9.30) |
| 33 | 31 | ||
| 34 | 5. Add IRC clients: KVIrc (KDE), BitchX (CLI), Smuxi, Konversation (KDE), HexChat, Irssi (CLI), WeeChat (CLI) | 32 | 5. Add IRC clients: KVIrc (KDE), BitchX (CLI), Smuxi, Konversation (KDE), HexChat, Irssi (CLI), WeeChat (CLI) |