diff options
-rw-r--r-- | src/include/rundefs.h | 144 |
1 files changed, 72 insertions, 72 deletions
diff --git a/src/include/rundefs.h b/src/include/rundefs.h index 67c693dce..6cc931faf 100644 --- a/src/include/rundefs.h +++ b/src/include/rundefs.h | |||
@@ -21,82 +21,82 @@ | |||
21 | #ifndef RUNDEFS_H | 21 | #ifndef RUNDEFS_H |
22 | #define RUNDEFS_H | 22 | #define RUNDEFS_H |
23 | // filesystem | 23 | // filesystem |
24 | #define RUN_FIREJAIL_BASEDIR "/run" | 24 | #define RUN_FIREJAIL_BASEDIR "/run" |
25 | #define RUN_FIREJAIL_DIR "/run/firejail" | 25 | #define RUN_FIREJAIL_DIR RUN_FIREJAIL_BASEDIR "/firejail" |
26 | #define RUN_FIREJAIL_APPIMAGE_DIR "/run/firejail/appimage" | 26 | #define RUN_FIREJAIL_APPIMAGE_DIR RUN_FIREJAIL_DIR "/appimage" |
27 | #define RUN_FIREJAIL_NAME_DIR "/run/firejail/name" // also used in src/lib/pid.c - todo: move it in a common place | 27 | #define RUN_FIREJAIL_NAME_DIR RUN_FIREJAIL_DIR "/name" // also used in src/lib/pid.c - todo: move it in a common place |
28 | #define RUN_FIREJAIL_LIB_DIR "/run/firejail/lib" | 28 | #define RUN_FIREJAIL_LIB_DIR RUN_FIREJAIL_DIR "/lib" |
29 | #define RUN_FIREJAIL_X11_DIR "/run/firejail/x11" | 29 | #define RUN_FIREJAIL_X11_DIR RUN_FIREJAIL_DIR "/x11" |
30 | #define RUN_FIREJAIL_NETWORK_DIR "/run/firejail/network" | 30 | #define RUN_FIREJAIL_NETWORK_DIR RUN_FIREJAIL_DIR "/network" |
31 | #define RUN_FIREJAIL_BANDWIDTH_DIR "/run/firejail/bandwidth" | 31 | #define RUN_FIREJAIL_BANDWIDTH_DIR RUN_FIREJAIL_DIR "/bandwidth" |
32 | #define RUN_FIREJAIL_PROFILE_DIR "/run/firejail/profile" | 32 | #define RUN_FIREJAIL_PROFILE_DIR RUN_FIREJAIL_DIR "/profile" |
33 | #define RUN_NETWORK_LOCK_FILE "/run/firejail/firejail-network.lock" | 33 | #define RUN_NETWORK_LOCK_FILE RUN_FIREJAIL_DIR "/firejail-network.lock" |
34 | #define RUN_DIRECTORY_LOCK_FILE "/run/firejail/firejail-run.lock" | 34 | #define RUN_DIRECTORY_LOCK_FILE RUN_FIREJAIL_DIR "/firejail-run.lock" |
35 | #define RUN_RO_DIR "/run/firejail/firejail.ro.dir" | 35 | #define RUN_RO_DIR RUN_FIREJAIL_DIR "/firejail.ro.dir" |
36 | #define RUN_RO_FILE "/run/firejail/firejail.ro.file" | 36 | #define RUN_RO_FILE RUN_FIREJAIL_DIR "/firejail.ro.file" |
37 | #define RUN_MNT_DIR "/run/firejail/mnt" // a tmpfs is mounted on this directory before any of the files below are created | 37 | #define RUN_MNT_DIR RUN_FIREJAIL_DIR "/mnt" // a tmpfs is mounted on this directory before any of the files below are created |
38 | #define RUN_CGROUP_CFG "/run/firejail/mnt/cgroup" | 38 | #define RUN_CGROUP_CFG RUN_MNT_DIR "/cgroup" |
39 | #define RUN_CPU_CFG "/run/firejail/mnt/cpu" | 39 | #define RUN_CPU_CFG RUN_MNT_DIR "/cpu" |
40 | #define RUN_GROUPS_CFG "/run/firejail/mnt/groups" | 40 | #define RUN_GROUPS_CFG RUN_MNT_DIR "/groups" |
41 | #define RUN_PROTOCOL_CFG "/run/firejail/mnt/protocol" | 41 | #define RUN_PROTOCOL_CFG RUN_MNT_DIR "/protocol" |
42 | #define RUN_NONEWPRIVS_CFG "/run/firejail/mnt/nonewprivs" | 42 | #define RUN_NONEWPRIVS_CFG RUN_MNT_DIR "/nonewprivs" |
43 | #define RUN_HOME_DIR "/run/firejail/mnt/home" | 43 | #define RUN_HOME_DIR RUN_MNT_DIR "/home" |
44 | #define RUN_ETC_DIR "/run/firejail/mnt/etc" | 44 | #define RUN_ETC_DIR RUN_MNT_DIR "/etc" |
45 | #define RUN_OPT_DIR "/run/firejail/mnt/opt" | 45 | #define RUN_OPT_DIR RUN_MNT_DIR "/opt" |
46 | #define RUN_SRV_DIR "/run/firejail/mnt/srv" | 46 | #define RUN_SRV_DIR RUN_MNT_DIR "/srv" |
47 | #define RUN_BIN_DIR "/run/firejail/mnt/bin" | 47 | #define RUN_BIN_DIR RUN_MNT_DIR "/bin" |
48 | #define RUN_PULSE_DIR "/run/firejail/mnt/pulse" | 48 | #define RUN_PULSE_DIR RUN_MNT_DIR "/pulse" |
49 | #define RUN_LIB_DIR "/run/firejail/mnt/lib" | 49 | #define RUN_LIB_DIR RUN_MNT_DIR "/lib" |
50 | #define RUN_LIB_FILE "/run/firejail/mnt/libfiles" | 50 | #define RUN_LIB_FILE RUN_MNT_DIR "/libfiles" |
51 | #define RUN_DNS_ETC "/run/firejail/mnt/dns-etc" | 51 | #define RUN_DNS_ETC RUN_MNT_DIR "/dns-etc" |
52 | 52 | ||
53 | #define RUN_SECCOMP_DIR "/run/firejail/mnt/seccomp" | 53 | #define RUN_SECCOMP_DIR RUN_MNT_DIR "/seccomp" |
54 | #define RUN_SECCOMP_LIST (RUN_SECCOMP_DIR "/seccomp.list") // list of seccomp files installed | 54 | #define RUN_SECCOMP_LIST RUN_SECCOMP_DIR "/seccomp.list" // list of seccomp files installed |
55 | #define RUN_SECCOMP_PROTOCOL (RUN_SECCOMP_DIR "/seccomp.protocol") // protocol filter | 55 | #define RUN_SECCOMP_PROTOCOL RUN_SECCOMP_DIR "/seccomp.protocol" // protocol filter |
56 | #define RUN_SECCOMP_CFG (RUN_SECCOMP_DIR "/seccomp") // configured filter | 56 | #define RUN_SECCOMP_CFG RUN_SECCOMP_DIR "/seccomp" // configured filter |
57 | #define RUN_SECCOMP_32 (RUN_SECCOMP_DIR "/seccomp.32") // 32bit arch filter installed on 64bit architectures | 57 | #define RUN_SECCOMP_32 RUN_SECCOMP_DIR "/seccomp.32" // 32bit arch filter installed on 64bit architectures |
58 | #define RUN_SECCOMP_MDWX (RUN_SECCOMP_DIR "/seccomp.mdwx") // filter for memory-deny-write-execute | 58 | #define RUN_SECCOMP_MDWX RUN_SECCOMP_DIR "/seccomp.mdwx" // filter for memory-deny-write-execute |
59 | #define RUN_SECCOMP_BLOCK_SECONDARY (RUN_SECCOMP_DIR "/seccomp.block_secondary") // secondary arch blocking filter | 59 | #define RUN_SECCOMP_BLOCK_SECONDARY RUN_SECCOMP_DIR "/seccomp.block_secondary" // secondary arch blocking filter |
60 | #define RUN_SECCOMP_POSTEXEC (RUN_SECCOMP_DIR "/seccomp.postexec") // filter for post-exec library | 60 | #define RUN_SECCOMP_POSTEXEC RUN_SECCOMP_DIR "/seccomp.postexec" // filter for post-exec library |
61 | #define PATH_SECCOMP_DEFAULT (LIBDIR "/firejail/seccomp") // default filter built during make | 61 | #define PATH_SECCOMP_DEFAULT LIBDIR "/firejail/seccomp" // default filter built during make |
62 | #define PATH_SECCOMP_DEFAULT_DEBUG (LIBDIR "/firejail/seccomp.debug") // default filter built during make | 62 | #define PATH_SECCOMP_DEFAULT_DEBUG LIBDIR "/firejail/seccomp.debug" // default filter built during make |
63 | #define PATH_SECCOMP_32 (LIBDIR "/firejail/seccomp.32") // 32bit arch filter built during make | 63 | #define PATH_SECCOMP_32 LIBDIR "/firejail/seccomp.32" // 32bit arch filter built during make |
64 | #define PATH_SECCOMP_MDWX (LIBDIR "/firejail/seccomp.mdwx") // filter for memory-deny-write-execute built during make | 64 | #define PATH_SECCOMP_MDWX LIBDIR "/firejail/seccomp.mdwx" // filter for memory-deny-write-execute built during make |
65 | #define PATH_SECCOMP_BLOCK_SECONDARY (LIBDIR "/firejail/seccomp.block_secondary") // secondary arch blocking filter built during make | 65 | #define PATH_SECCOMP_BLOCK_SECONDARY LIBDIR "/firejail/seccomp.block_secondary" // secondary arch blocking filter built during make |
66 | 66 | ||
67 | 67 | ||
68 | #define RUN_DEV_DIR "/run/firejail/mnt/dev" | 68 | #define RUN_DEV_DIR RUN_MNT_DIR "/dev" |
69 | #define RUN_DEVLOG_FILE "/run/firejail/mnt/devlog" | 69 | #define RUN_DEVLOG_FILE RUN_MNT_DIR "/devlog" |
70 | 70 | ||
71 | #define RUN_WHITELIST_X11_DIR "/run/firejail/mnt/orig-x11" | 71 | #define RUN_WHITELIST_X11_DIR RUN_MNT_DIR "/orig-x11" |
72 | #define RUN_WHITELIST_HOME_DIR "/run/firejail/mnt/orig-home" // default home directory masking | 72 | #define RUN_WHITELIST_HOME_DIR RUN_MNT_DIR "/orig-home" // default home directory masking |
73 | #define RUN_WHITELIST_RUN_DIR "/run/firejail/mnt/orig-run" // default run directory masking | 73 | #define RUN_WHITELIST_RUN_DIR RUN_MNT_DIR "/orig-run" // default run directory masking |
74 | #define RUN_WHITELIST_HOME_USER_DIR "/run/firejail/mnt/orig-home-user" // home directory whitelisting | 74 | #define RUN_WHITELIST_HOME_USER_DIR RUN_MNT_DIR "/orig-home-user" // home directory whitelisting |
75 | #define RUN_WHITELIST_RUN_USER_DIR "/run/firejail/mnt/orig-run-user" // run directory whitelisting | 75 | #define RUN_WHITELIST_RUN_USER_DIR RUN_MNT_DIR "/orig-run-user" // run directory whitelisting |
76 | #define RUN_WHITELIST_TMP_DIR "/run/firejail/mnt/orig-tmp" | 76 | #define RUN_WHITELIST_TMP_DIR RUN_MNT_DIR "/orig-tmp" |
77 | #define RUN_WHITELIST_MEDIA_DIR "/run/firejail/mnt/orig-media" | 77 | #define RUN_WHITELIST_MEDIA_DIR RUN_MNT_DIR "/orig-media" |
78 | #define RUN_WHITELIST_MNT_DIR "/run/firejail/mnt/orig-mnt" | 78 | #define RUN_WHITELIST_MNT_DIR RUN_MNT_DIR "/orig-mnt" |
79 | #define RUN_WHITELIST_VAR_DIR "/run/firejail/mnt/orig-var" | 79 | #define RUN_WHITELIST_VAR_DIR RUN_MNT_DIR "/orig-var" |
80 | #define RUN_WHITELIST_DEV_DIR "/run/firejail/mnt/orig-dev" | 80 | #define RUN_WHITELIST_DEV_DIR RUN_MNT_DIR "/orig-dev" |
81 | #define RUN_WHITELIST_OPT_DIR "/run/firejail/mnt/orig-opt" | 81 | #define RUN_WHITELIST_OPT_DIR RUN_MNT_DIR "/orig-opt" |
82 | #define RUN_WHITELIST_SRV_DIR "/run/firejail/mnt/orig-srv" | 82 | #define RUN_WHITELIST_SRV_DIR RUN_MNT_DIR "/orig-srv" |
83 | #define RUN_WHITELIST_ETC_DIR "/run/firejail/mnt/orig-etc" | 83 | #define RUN_WHITELIST_ETC_DIR RUN_MNT_DIR "/orig-etc" |
84 | #define RUN_WHITELIST_SHARE_DIR "/run/firejail/mnt/orig-share" | 84 | #define RUN_WHITELIST_SHARE_DIR RUN_MNT_DIR "/orig-share" |
85 | #define RUN_WHITELIST_MODULE_DIR "/run/firejail/mnt/orig-module" | 85 | #define RUN_WHITELIST_MODULE_DIR RUN_MNT_DIR "/orig-module" |
86 | 86 | ||
87 | #define RUN_XAUTHORITY_FILE "/run/firejail/mnt/.Xauthority" | 87 | #define RUN_XAUTHORITY_FILE RUN_MNT_DIR "/.Xauthority" |
88 | #define RUN_XAUTHORITY_SEC_FILE "/run/firejail/mnt/sec.Xauthority" | 88 | #define RUN_XAUTHORITY_SEC_FILE RUN_MNT_DIR "/sec.Xauthority" |
89 | #define RUN_ASOUNDRC_FILE "/run/firejail/mnt/.asoundrc" | 89 | #define RUN_ASOUNDRC_FILE RUN_MNT_DIR "/.asoundrc" |
90 | #define RUN_HOSTNAME_FILE "/run/firejail/mnt/hostname" | 90 | #define RUN_HOSTNAME_FILE RUN_MNT_DIR "/hostname" |
91 | #define RUN_HOSTS_FILE "/run/firejail/mnt/hosts" | 91 | #define RUN_HOSTS_FILE RUN_MNT_DIR "/hosts" |
92 | #define RUN_MACHINEID "/run/firejail/mnt/machine-id" | 92 | #define RUN_MACHINEID RUN_MNT_DIR "/machine-id" |
93 | #define RUN_LDPRELOAD_FILE "/run/firejail/mnt/ld.so.preload" | 93 | #define RUN_LDPRELOAD_FILE RUN_MNT_DIR "/ld.so.preload" |
94 | #define RUN_UTMP_FILE "/run/firejail/mnt/utmp" | 94 | #define RUN_UTMP_FILE RUN_MNT_DIR "/utmp" |
95 | #define RUN_PASSWD_FILE "/run/firejail/mnt/passwd" | 95 | #define RUN_PASSWD_FILE RUN_MNT_DIR "/passwd" |
96 | #define RUN_GROUP_FILE "/run/firejail/mnt/group" | 96 | #define RUN_GROUP_FILE RUN_MNT_DIR "/group" |
97 | #define RUN_FSLOGGER_FILE "/run/firejail/mnt/fslogger" | 97 | #define RUN_FSLOGGER_FILE RUN_MNT_DIR "/fslogger" |
98 | #define RUN_UMASK_FILE "/run/firejail/mnt/umask" | 98 | #define RUN_UMASK_FILE RUN_MNT_DIR "/umask" |
99 | #define RUN_OVERLAY_ROOT "/run/firejail/mnt/oroot" | 99 | #define RUN_OVERLAY_ROOT RUN_MNT_DIR "/oroot" |
100 | #define RUN_READY_FOR_JOIN "/run/firejail/mnt/ready-for-join" | 100 | #define RUN_READY_FOR_JOIN RUN_MNT_DIR "/ready-for-join" |
101 | 101 | ||
102 | #endif | 102 | #endif |