6 files changed, 272 insertions, 68 deletions
diff --git a/contrib/fix_private-bin.py b/contrib/fix_private-bin.py
new file mode 100755
index 000000000..270c758a2
--- /dev/null
+++ b/contrib/fix_private-bin.py
@@ -0,0 +1,157 @@
+#!/usr/bin/python3
+__author__ = "KOLANICH"
+__copyright__ = """This is free and unencumbered software released into the public domain.
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+For more information, please refer to <http://unlicense.org/>"""
+__license__ = "Unlicense"
+import sys, os, glob, re
+privRx=re.compile("^(?:#\s*)?private-bin")
+def fixSymlinkedBins(files, replMap):
+        """
+        Used to add filenames to private-bin directives of files if the ones present are mentioned in replMap
+        replMap is a dict where key is the marker filename and value is the filename to add
+        """
+        
+        rxs=dict()
+        for (old,new) in replMap.items():
+                rxs[old]=re.compile("\\b"+old+"\\b")
+                rxs[new]=re.compile("\\b"+new+"\\b")
+        #print(rxs)
+        
+        for filename in files:
+                lines=None
+                with open(filename,"r") as file:
+                        lines=file.readlines()
+                
+                shouldUpdate=False
+                for (i,line) in enumerate(lines):
+                        if privRx.search(line):
+                                for (old,new) in replMap.items():
+                                        if rxs[old].search(line) and not rxs[new].search(line):
+                                                lines[i]=rxs[old].sub(old+","+new, line)
+                                                shouldUpdate=True
+                                                print(lines[i])
+                
+                if shouldUpdate:
+                        with open(filename,"w") as file:
+                                file.writelines(lines)
+                        pass
+def createSetOfBinaries(files):
+        """
+        Creates a set of binaries mentioned in private-bin directives of files.
+        """
+        s=set()
+        for filename in files:
+                lines=None
+                with open(filename,"r") as file:
+                        for line in file:
+                                if privRx.search(line):
+                                        bins=line.split(",")
+                                        bins[0]=bins[0].split(" ")[-1]
+                                        bins = [n.strip() for n in bins]
+                                        s=s|set(bins)
+        return s
+def createSymlinkTable(binDirs, binariesSet):
+        """
+        creates a dict of symlinked binaries in the system where a key is a symlink name and value is a symlinked binary.
+        binDirs are folders to look into for binaries symlinks
+        binariesSet is a set of binaries to be checked if they are actually a symlinks
+        """
+        m=dict()
+        toProcess=binariesSet
+        while len(toProcess)!=0:
+                additional=set()
+                for sh in toProcess:
+                        for bD in binDirs:
+                                p=bD+os.path.sep+sh
+                                if os.path.exists(p):
+                                        if os.path.islink(p):
+                                                m[sh]=os.readlink(p)
+                                                additional.add(m[sh].split(" ")[0])
+                                        else:
+                                                pass
+                                        break
+                toProcess=additional
+        return m
+def doTheFixes(profilesPath, binDirs):
+        """
+        Fixes private-bin in .profiles for firejail. The pipeline is as follows:
+        discover files -> discover mentioned binaries ->
+        discover the ones which are symlinks ->
+        make a look-up table for fix ->
+        filter the ones can be fixed (we cannot fix the ones which are not in directories for binaries) ->
+        apply fix
+        """
+        files=glob.glob(profilesPath+os.path.sep+"*.profile")
+        bins=createSetOfBinaries(files)
+        #print("The binaries used are:")
+        #print(bins)
+        stbl=createSymlinkTable(binDirs,bins)
+        print("The replacement table is:")
+        print(stbl)
+        stbl={a[0]:a[1] for a in stbl.items() if a[0].find(os.path.sep) < 0 and a[1].find(os.path.sep)<0}
+        print("Filtered replacement table is:")
+        print(stbl)
+        fixSymlinkedBins(files,stbl)
+def printHelp():
+        print("python3 "+os.path.basename(__file__)+" <dir with .profile files>\nThe default dir is "+defaultProfilesPath+"\n"+doTheFixes.__doc__)
+def main():
+        """The main function. Parses the commandline args, shows messages and calles the function actually doing the work."""
+        print(repr(sys.argv))
+        defaultProfilesPath="../etc"
+        if len(sys.argv)>2 or (len(sys.argv)==2 and (sys.argv[1] == '-h' or sys.argv[1] == '--help') ):
+                printHelp()
+                exit(1)
+        
+        profilesPath=None
+        if len(sys.argv)==2:
+                if os.path.isdir(sys.argv[1]):
+                        profilesPath=os.path.abspath(sys.argv[1])
+                else:
+                        if os.path.exists(sys.argv[1]):
+                                print(sys.argv[1]+" is not a dir")
+                        else:
+                                print(sys.argv[1]+" does not exist")
+                        printHelp()
+                        exit(1)
+        else:
+                print("Using default profiles dir: " + defaultProfilesPath)
+                profilesPath=defaultProfilesPath
+        binDirs=["/bin","/usr/bin","/usr/sbin","/usr/local/bin","/usr/local/sbin"]
+        print("Binaries dirs are:")
+        print(binDirs)
+        doTheFixes(profilesPath, binDirs)
+if __name__ == "__main__":
+        main()
diff --git a/contrib/fix_private-bin_for_symlinked_sh.py b/contrib/fix_private-bin_for_symlinked_sh.py
deleted file mode 100644
index 705e46e46..000000000
--- a/contrib/fix_private-bin_for_symlinked_sh.py
+++ /dev/null
@@ -1,68 +0,0 @@
-#!/usr/bin/python3
-import sys, os, glob, re
-privRx=re.compile("^(?:#\s*)?private-bin")
-def fixSymlinkedBins(files, replMap):
-        rxs=dict()
-        for (old,new) in replMap.items():
-                rxs[old]=re.compile("\\b"+old+"\\b")
-                rxs[new]=re.compile("\\b"+new+"\\b")
-        print(rxs)
-        
-        for filename in files:
-                lines=None
-                with open(filename,"r") as file:
-                        lines=file.readlines()
-                
-                shouldUpdate=False
-                for (i,line) in enumerate(lines):
-                        if privRx.search(line):
-                                for (old,new) in replMap.items():
-                                        if rxs[old].search(line) and not rxs[new].search(line):
-                                                lines[i]=rxs[old].sub(old+","+new, line)
-                                                shouldUpdate=True
-                                                print(lines[i])
-                
-                if shouldUpdate:
-                        with open(filename,"w") as file:
-                                file.writelines(lines)
-                                pass
-def createListOfBinaries(files):
-        s=set()
-        for filename in files:
-                lines=None
-                with open(filename,"r") as file:
-                        for line in file:
-                                if privRx.search(line):
-                                        bins=line.split(",")
-                                        bins[0]=bins[0].split(" ")[-1]
-                                        bins = [n.strip() for n in bins]
-                                        s=s|set(bins)
-        return s
-def createSymlinkTable(binDirs, binariesSet):
-        m=dict()
-        for sh in binariesSet:
-                for bD in binDirs:
-                        p=bD+os.path.sep+sh
-                        if os.path.exists(p):
-                                if os.path.islink(p):
-                                        m[sh]=os.readlink(p)
-                                else:
-                                        pass
-                                break
-        return m
-sh="sh"
-binDirs=["/bin","/usr/bin","/usr/sbin","/usr/local/bin","/usr/local/sbin"]
-profilesPath="."
-files=glob.glob(profilesPath+os.path.sep+"*.profile")
-bins=createListOfBinaries(files)
-stbl=createSymlinkTable(binDirs,bins)
-print(stbl)
-fixSymlinkedBins(files,{a[0]:a[1] for a in stbl.items() if a[0].find("/") < 0 and a[1].find("/")<0})
diff --git a/contrib/fjclip.py b/contrib/fjclip.py
new file mode 100755
index 000000000..cd12cd289
--- /dev/null
+++ b/contrib/fjclip.py
@@ -0,0 +1,35 @@
+#!/usr/bin/env python
+import re
+import sys
+import subprocess
+import fjdisplay
+usage = """fjclip.py src dest. src or dest can be named firejails or - for stdin or stdout.
+firemon --x11 to see available running x11 firejails. firejail names can be shortened
+to least ambiguous. for example 'work-libreoffice' can be shortened to 'work' if no
+other firejails name starts with 'work'.
+warning: browsers are dangerous. clipboards from browsers are dangerous.  see
+https://github.com/dxa4481/Pastejacking 
+fjclip.py strips whitespace from both
+ends, but does nothing else to protect you.  use a simple gui text editor like
+gedit if you want to see what your pasting.""" 
+if len(sys.argv) != 3 or sys.argv == '-h' or sys.argv == '--help':
+    print(usage)
+    exit(1)
+if sys.argv[1] == '-':
+    clipin_raw = sys.stdin.read()
+else:
+    display = fjdisplay.getdisplay(sys.argv[1])
+    clipin_raw = subprocess.check_output(['xsel','-b','--display',display])
+clipin = clipin_raw.strip()
+if sys.argv[2] == '-':
+    print(clipin)
+else:
+    display = fjdisplay.getdisplay(sys.argv[2])
+    clipout = subprocess.Popen(['xsel','-b','-i','--display',display],stdin=subprocess.PIPE)
+    clipout.communicate(clipin)
+\ No newline at end of file
diff --git a/contrib/fjdisplay.py b/contrib/fjdisplay.py
new file mode 100755
index 000000000..0e0ef01ec
--- /dev/null
+++ b/contrib/fjdisplay.py
@@ -0,0 +1,43 @@
+#!/usr/bin/env python
+import re
+import sys
+import subprocess
+usage = """fjdisplay.py name-of-firejail
+returns the display in the form of ':NNN'
+"""
+def getfirejails():
+    output = subprocess.check_output(['firemon','--x11'])
+    firejails = {}
+    name = ''
+    for line in output.split('\n'):
+        namematch = re.search('--name=(\w+\S*)',line)
+        if namematch:
+          name = namematch.group(1)
+        displaymatch = re.search('DISPLAY (:\d+)',line) 
+        if displaymatch:
+          firejails[name] = displaymatch.group(1)
+    return firejails
+def getdisplay(name):
+    firejails = getfirejails()
+    fjlist = '\n'.join(firejails.keys())
+    namere = re.compile('^'+name+'.*', re.MULTILINE)
+    matchingjails = namere.findall(fjlist)
+    if len(matchingjails) == 1:
+        return firejails[matchingjails[0]]
+    if len(matchingjails) == 0:
+        raise NameError("firejail {} does not exist".format(name))
+    else:
+        raise NameError("ambiguous firejail name")
+if __name__ == '__main__':
+    if '-h' in sys.argv or '--help' in sys.argv or len(sys.argv) > 2:
+        print(usage)
+        exit()
+    if len(sys.argv) == 1:
+        print(getfirejails())
+    if len(sys.argv) == 2:
+        print (getdisplay(sys.argv[1]))
+\ No newline at end of file
diff --git a/contrib/fjresize.py b/contrib/fjresize.py
new file mode 100755
index 000000000..52b289159
--- /dev/null
+++ b/contrib/fjresize.py
@@ -0,0 +1,25 @@
+#!/usr/bin/env python
+import sys
+import fjdisplay
+import subprocess
+usage = """usage: fjresize.py firejail-name displaysize
+resize firejail xephyr windows.
+fjdisplay.py with no other arguments will list running named firejails with displays.
+fjresize.py with only a firejail name will list valid resolutions.
+names can be shortend as long its unambiguous.
+note: you may need to move the xephyr window for the resize to take effect
+example:
+    fjresize.py browser 1280x800
+"""
+if len(sys.argv) == 2:
+    out = subprocess.check_output(['xrandr','--display',fjdisplay.getdisplay(sys.argv[1])])
+    print(out)
+elif len(sys.argv) == 3: 
+    out = subprocess.check_output(['xrandr','--display',fjdisplay.getdisplay(sys.argv[1]),'--output','default','--mode',sys.argv[2]])
+    print(out)
+else:
+    print(usage)
+\ No newline at end of file
diff --git a/contrib/update_deb.sh b/contrib/update_deb.sh
new file mode 100755
index 000000000..c2adffaf8
--- /dev/null
+++ b/contrib/update_deb.sh
@@ -0,0 +1,12 @@
+#!/bin/sh
+# Purpose: Fetch, compile, and install firejail from GitHub source. For 
+#                       Debian-based distros only (Ubuntu, Mint, etc).
+set -e 
+git clone --depth=1 https://www.github.com/netblue30/firejail.git
+cd firejail
+./configure --prefix=/usr
+make deb
+sudo dpkg -i firejail*.deb
+echo "Firejail was updated!"
+cd ..
+rm -rf firejail

diff --git a/contrib/fix_private-bin.py b/contrib/fix_private-bin.py new file mode 100755 index 000000000..270c758a2 --- /dev/null +++ b/contrib/fix_private-bin.py
@@ -0,0 +1,157 @@
		1	#!/usr/bin/python3
		2
		3	__author__ = "KOLANICH"
		4	__copyright__ = """This is free and unencumbered software released into the public domain.
		5
		6	Anyone is free to copy, modify, publish, use, compile, sell, or
		7	distribute this software, either in source code form or as a compiled
		8	binary, for any purpose, commercial or non-commercial, and by any
		9	means.
		10
		11	In jurisdictions that recognize copyright laws, the author or authors
		12	of this software dedicate any and all copyright interest in the
		13	software to the public domain. We make this dedication for the benefit
		14	of the public at large and to the detriment of our heirs and
		15	successors. We intend this dedication to be an overt act of
		16	relinquishment in perpetuity of all present and future rights to this
		17	software under copyright law.
		18
		19	THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
		20	EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
		21	MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
		22	IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
		23	OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
		24	ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
		25	OTHER DEALINGS IN THE SOFTWARE.
		26
		27	For more information, please refer to <http://unlicense.org/>"""
		28	__license__ = "Unlicense"
		29
		30	import sys, os, glob, re
		31
		32	privRx=re.compile("^(?:#\s*)?private-bin")
		33
		34	def fixSymlinkedBins(files, replMap):
		35	"""
		36	Used to add filenames to private-bin directives of files if the ones present are mentioned in replMap
		37	replMap is a dict where key is the marker filename and value is the filename to add
		38	"""
		39
		40	rxs=dict()
		41	for (old,new) in replMap.items():
		42	rxs[old]=re.compile("\\b"+old+"\\b")
		43	rxs[new]=re.compile("\\b"+new+"\\b")
		44	#print(rxs)
		45
		46	for filename in files:
		47	lines=None
		48	with open(filename,"r") as file:
		49	lines=file.readlines()
		50
		51	shouldUpdate=False
		52	for (i,line) in enumerate(lines):
		53	if privRx.search(line):
		54	for (old,new) in replMap.items():
		55	if rxs[old].search(line) and not rxs[new].search(line):
		56	lines[i]=rxs[old].sub(old+","+new, line)
		57	shouldUpdate=True
		58	print(lines[i])
		59
		60	if shouldUpdate:
		61	with open(filename,"w") as file:
		62	file.writelines(lines)
		63	pass
		64
		65	def createSetOfBinaries(files):
		66	"""
		67	Creates a set of binaries mentioned in private-bin directives of files.
		68	"""
		69	s=set()
		70	for filename in files:
		71	lines=None
		72	with open(filename,"r") as file:
		73	for line in file:
		74	if privRx.search(line):
		75	bins=line.split(",")
		76	bins[0]=bins[0].split(" ")[-1]
		77	bins = [n.strip() for n in bins]
		78	s=s\|set(bins)
		79	return s
		80
		81	def createSymlinkTable(binDirs, binariesSet):
		82	"""
		83	creates a dict of symlinked binaries in the system where a key is a symlink name and value is a symlinked binary.
		84	binDirs are folders to look into for binaries symlinks
		85	binariesSet is a set of binaries to be checked if they are actually a symlinks
		86	"""
		87	m=dict()
		88	toProcess=binariesSet
		89	while len(toProcess)!=0:
		90	additional=set()
		91	for sh in toProcess:
		92	for bD in binDirs:
		93	p=bD+os.path.sep+sh
		94	if os.path.exists(p):
		95	if os.path.islink(p):
		96	m[sh]=os.readlink(p)
		97	additional.add(m[sh].split(" ")[0])
		98	else:
		99	pass
		100	break
		101	toProcess=additional
		102	return m
		103
		104	def doTheFixes(profilesPath, binDirs):
		105	"""
		106	Fixes private-bin in .profiles for firejail. The pipeline is as follows:
		107	discover files -> discover mentioned binaries ->
		108	discover the ones which are symlinks ->
		109	make a look-up table for fix ->
		110	filter the ones can be fixed (we cannot fix the ones which are not in directories for binaries) ->
		111	apply fix
		112	"""
		113	files=glob.glob(profilesPath+os.path.sep+"*.profile")
		114	bins=createSetOfBinaries(files)
		115	#print("The binaries used are:")
		116	#print(bins)
		117	stbl=createSymlinkTable(binDirs,bins)
		118	print("The replacement table is:")
		119	print(stbl)
		120	stbl={a[0]:a[1] for a in stbl.items() if a[0].find(os.path.sep) < 0 and a[1].find(os.path.sep)<0}
		121	print("Filtered replacement table is:")
		122	print(stbl)
		123	fixSymlinkedBins(files,stbl)
		124
		125	def printHelp():
		126	print("python3 "+os.path.basename(__file__)+" <dir with .profile files>\nThe default dir is "+defaultProfilesPath+"\n"+doTheFixes.__doc__)
		127
		128	def main():
		129	"""The main function. Parses the commandline args, shows messages and calles the function actually doing the work."""
		130	print(repr(sys.argv))
		131	defaultProfilesPath="../etc"
		132	if len(sys.argv)>2 or (len(sys.argv)==2 and (sys.argv[1] == '-h' or sys.argv[1] == '--help') ):
		133	printHelp()
		134	exit(1)
		135
		136	profilesPath=None
		137	if len(sys.argv)==2:
		138	if os.path.isdir(sys.argv[1]):
		139	profilesPath=os.path.abspath(sys.argv[1])
		140	else:
		141	if os.path.exists(sys.argv[1]):
		142	print(sys.argv[1]+" is not a dir")
		143	else:
		144	print(sys.argv[1]+" does not exist")
		145	printHelp()
		146	exit(1)
		147	else:
		148	print("Using default profiles dir: " + defaultProfilesPath)
		149	profilesPath=defaultProfilesPath
		150
		151	binDirs=["/bin","/usr/bin","/usr/sbin","/usr/local/bin","/usr/local/sbin"]
		152	print("Binaries dirs are:")
		153	print(binDirs)
		154	doTheFixes(profilesPath, binDirs)
		155
		156	if __name__ == "__main__":
		157	main()


diff --git a/contrib/fix_private-bin_for_symlinked_sh.py b/contrib/fix_private-bin_for_symlinked_sh.py deleted file mode 100644 index 705e46e46..000000000 --- a/contrib/fix_private-bin_for_symlinked_sh.py +++ /dev/null
@@ -1,68 +0,0 @@
1	#!/usr/bin/python3
2
3	import sys, os, glob, re
4
5	privRx=re.compile("^(?:#\s*)?private-bin")
6
7	def fixSymlinkedBins(files, replMap):
8	rxs=dict()
9	for (old,new) in replMap.items():
10	rxs[old]=re.compile("\\b"+old+"\\b")
11	rxs[new]=re.compile("\\b"+new+"\\b")
12	print(rxs)
13
14	for filename in files:
15	lines=None
16	with open(filename,"r") as file:
17	lines=file.readlines()
18
19	shouldUpdate=False
20	for (i,line) in enumerate(lines):
21	if privRx.search(line):
22	for (old,new) in replMap.items():
23	if rxs[old].search(line) and not rxs[new].search(line):
24	lines[i]=rxs[old].sub(old+","+new, line)
25	shouldUpdate=True
26	print(lines[i])
27
28	if shouldUpdate:
29	with open(filename,"w") as file:
30	file.writelines(lines)
31	pass
32
33	def createListOfBinaries(files):
34	s=set()
35	for filename in files:
36	lines=None
37	with open(filename,"r") as file:
38	for line in file:
39	if privRx.search(line):
40	bins=line.split(",")
41	bins[0]=bins[0].split(" ")[-1]
42	bins = [n.strip() for n in bins]
43	s=s\|set(bins)
44	return s
45
46	def createSymlinkTable(binDirs, binariesSet):
47	m=dict()
48	for sh in binariesSet:
49	for bD in binDirs:
50	p=bD+os.path.sep+sh
51	if os.path.exists(p):
52	if os.path.islink(p):
53	m[sh]=os.readlink(p)
54	else:
55	pass
56	break
57	return m
58
59
60	sh="sh"
61	binDirs=["/bin","/usr/bin","/usr/sbin","/usr/local/bin","/usr/local/sbin"]
62	profilesPath="."
63	files=glob.glob(profilesPath+os.path.sep+"*.profile")
64
65	bins=createListOfBinaries(files)
66	stbl=createSymlinkTable(binDirs,bins)
67	print(stbl)
68	fixSymlinkedBins(files,{a[0]:a[1] for a in stbl.items() if a[0].find("/") < 0 and a[1].find("/")<0})


diff --git a/contrib/fjclip.py b/contrib/fjclip.py new file mode 100755 index 000000000..cd12cd289 --- /dev/null +++ b/contrib/fjclip.py
@@ -0,0 +1,35 @@
		1	#!/usr/bin/env python
		2
		3	import re
		4	import sys
		5	import subprocess
		6	import fjdisplay
		7
		8	usage = """fjclip.py src dest. src or dest can be named firejails or - for stdin or stdout.
		9	firemon --x11 to see available running x11 firejails. firejail names can be shortened
		10	to least ambiguous. for example 'work-libreoffice' can be shortened to 'work' if no
		11	other firejails name starts with 'work'.
		12	warning: browsers are dangerous. clipboards from browsers are dangerous. see
		13	https://github.com/dxa4481/Pastejacking
		14	fjclip.py strips whitespace from both
		15	ends, but does nothing else to protect you. use a simple gui text editor like
		16	gedit if you want to see what your pasting."""
		17
		18	if len(sys.argv) != 3 or sys.argv == '-h' or sys.argv == '--help':
		19	print(usage)
		20	exit(1)
		21
		22	if sys.argv[1] == '-':
		23	clipin_raw = sys.stdin.read()
		24	else:
		25	display = fjdisplay.getdisplay(sys.argv[1])
		26	clipin_raw = subprocess.check_output(['xsel','-b','--display',display])
		27
		28	clipin = clipin_raw.strip()
		29
		30	if sys.argv[2] == '-':
		31	print(clipin)
		32	else:
		33	display = fjdisplay.getdisplay(sys.argv[2])
		34	clipout = subprocess.Popen(['xsel','-b','-i','--display',display],stdin=subprocess.PIPE)
		35	clipout.communicate(clipin) \ No newline at end of file


diff --git a/contrib/fjdisplay.py b/contrib/fjdisplay.py new file mode 100755 index 000000000..0e0ef01ec --- /dev/null +++ b/contrib/fjdisplay.py
@@ -0,0 +1,43 @@
		1	#!/usr/bin/env python
		2
		3	import re
		4	import sys
		5	import subprocess
		6
		7	usage = """fjdisplay.py name-of-firejail
		8	returns the display in the form of ':NNN'
		9	"""
		10
		11	def getfirejails():
		12	output = subprocess.check_output(['firemon','--x11'])
		13	firejails = {}
		14	name = ''
		15	for line in output.split('\n'):
		16	namematch = re.search('--name=(\w+\S*)',line)
		17	if namematch:
		18	name = namematch.group(1)
		19	displaymatch = re.search('DISPLAY (:\d+)',line)
		20	if displaymatch:
		21	firejails[name] = displaymatch.group(1)
		22	return firejails
		23
		24	def getdisplay(name):
		25	firejails = getfirejails()
		26	fjlist = '\n'.join(firejails.keys())
		27	namere = re.compile('^'+name+'.*', re.MULTILINE)
		28	matchingjails = namere.findall(fjlist)
		29	if len(matchingjails) == 1:
		30	return firejails[matchingjails[0]]
		31	if len(matchingjails) == 0:
		32	raise NameError("firejail {} does not exist".format(name))
		33	else:
		34	raise NameError("ambiguous firejail name")
		35
		36	if __name__ == '__main__':
		37	if '-h' in sys.argv or '--help' in sys.argv or len(sys.argv) > 2:
		38	print(usage)
		39	exit()
		40	if len(sys.argv) == 1:
		41	print(getfirejails())
		42	if len(sys.argv) == 2:
		43	print (getdisplay(sys.argv[1])) \ No newline at end of file


diff --git a/contrib/fjresize.py b/contrib/fjresize.py new file mode 100755 index 000000000..52b289159 --- /dev/null +++ b/contrib/fjresize.py
@@ -0,0 +1,25 @@
		1	#!/usr/bin/env python
		2
		3	import sys
		4	import fjdisplay
		5	import subprocess
		6
		7	usage = """usage: fjresize.py firejail-name displaysize
		8	resize firejail xephyr windows.
		9	fjdisplay.py with no other arguments will list running named firejails with displays.
		10	fjresize.py with only a firejail name will list valid resolutions.
		11	names can be shortend as long its unambiguous.
		12	note: you may need to move the xephyr window for the resize to take effect
		13	example:
		14	fjresize.py browser 1280x800
		15	"""
		16
		17
		18	if len(sys.argv) == 2:
		19	out = subprocess.check_output(['xrandr','--display',fjdisplay.getdisplay(sys.argv[1])])
		20	print(out)
		21	elif len(sys.argv) == 3:
		22	out = subprocess.check_output(['xrandr','--display',fjdisplay.getdisplay(sys.argv[1]),'--output','default','--mode',sys.argv[2]])
		23	print(out)
		24	else:
		25	print(usage) \ No newline at end of file


diff --git a/contrib/update_deb.sh b/contrib/update_deb.sh new file mode 100755 index 000000000..c2adffaf8 --- /dev/null +++ b/contrib/update_deb.sh
@@ -0,0 +1,12 @@
		1	#!/bin/sh
		2	# Purpose: Fetch, compile, and install firejail from GitHub source. For
		3	# Debian-based distros only (Ubuntu, Mint, etc).
		4	set -e
		5	git clone --depth=1 https://www.github.com/netblue30/firejail.git
		6	cd firejail
		7	./configure --prefix=/usr
		8	make deb
		9	sudo dpkg -i firejail*.deb
		10	echo "Firejail was updated!"
		11	cd ..
		12	rm -rf firejail