Diffstat (limited to 'src/fbuilder/build_fs.c')
-rw-r--r-- | src/fbuilder/build_fs.c | 145 |
1 files changed, 44 insertions, 101 deletions
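--- a/src/fbuilder/build_fs.c
+++ b/src/fbuilder/build_fs.c
@@ -146,106 +146,57 @@ void build_etc(const char *fname, FILE *fp) {
 //*******************************************
 // var directory
 //*******************************************
+#if 0
+// todo: load the list from whitelist-var-common.inc
+static char *var_skip[] = {
+"/var/lib/ca-certificates",
+"/var/lib/dbus",
+"/var/lib/menu-xdg",
+"/var/lib/uim",
+"/var/cache/fontconfig",
+"/var/tmp",
+"/var/run",
+"/var/lock",
+NULL
+};
+#endif
 static FileDB *var_out = NULL;
+static FileDB *var_skip = NULL;
 static void var_callback(char *ptr) {
-if (strcmp(ptr, "/var/lib") == 0)
-;
-else if (strcmp(ptr, "/var/cache") == 0)
-;
-else if (strncmp(ptr, "/var/lib/menu-xdg", 17) == 0)
-var_out = filedb_add(var_out, "/var/lib/menu-xdg");
-else if (strncmp(ptr, "/var/cache/fontconfig", 21) == 0)
-var_out = filedb_add(var_out, "/var/cache/fontconfig");
-else
-var_out = filedb_add(var_out, ptr);
+// extract the directory:
+assert(strncmp(ptr, "/var", 4) == 0);
+char *p1 = ptr + 4;
+if (*p1 != '/')
+return;
+p1++;
+
+if (*p1 == '/') // double '/'
+p1++;
+if (*p1 == '\0')
+return;
+
+if (!filedb_find(var_skip, p1))
+var_out = filedb_add(var_out, p1);
 }
 
 void build_var(const char *fname, FILE *fp) {
 assert(fname);
 
+var_skip = filedb_load_whitelist(var_skip, "whitelist-var-common.inc", "whitelist /var/");
 process_files(fname, "/var", var_callback);
 
-if (var_out == NULL) {
-fprintf(fp, "blacklist /var\n");
-} else {
-filedb_print(var_out, "whitelist ", fp);
-fprintf(fp, "include whitelist-var-common.inc\n");
-}
+// always whitelist /var
+if (var_out)
+filedb_print(var_out, "whitelist /var/", fp);
+fprintf(fp, "include whitelist-var-common.inc\n");
 }
 
 
 //*******************************************
 // usr/share directory
 //*******************************************
-// todo: load the list from whitelist-usr-share-common.inc
-static char *share_skip[] = {
-"/usr/share/alsa",
-"/usr/share/applications",
-"/usr/share/ca-certificates",
-"/usr/share/crypto-policies",
-"/usr/share/cursors",
-"/usr/share/dconf",
-"/usr/share/distro-info",
-"/usr/share/drirc.d",
-"/usr/share/enchant",
-"/usr/share/enchant-2",
-"/usr/share/file",
-"/usr/share/fontconfig",
-"/usr/share/fonts",
-"/usr/share/fonts-config",
-"/usr/share/gir-1.0",
-"/usr/share/gjs-1.0",
-"/usr/share/glib-2.0",
-"/usr/share/glvnd",
-"/usr/share/gtk-2.0",
-"/usr/share/gtk-3.0",
-"/usr/share/gtk-engines",
-"/usr/share/gtksourceview-3.0",
-"/usr/share/gtksourceview-4",
-"/usr/share/hunspell",
-"/usr/share/hwdata",
-"/usr/share/icons",
-"/usr/share/icu",
-"/usr/share/knotifications5",
-"/usr/share/kservices5",
-"/usr/share/Kvantum",
-"/usr/share/kxmlgui5",
-"/usr/share/libdrm",
-"/usr/share/libthai",
-"/usr/share/locale",
-"/usr/share/mime",
-"/usr/share/misc",
-"/usr/share/Modules",
-"/usr/share/myspell",
-"/usr/share/p11-kit",
-"/usr/share/perl",
-"/usr/share/perl5",
-"/usr/share/pixmaps",
-"/usr/share/pki",
-"/usr/share/plasma",
-"/usr/share/publicsuffix",
-"/usr/share/qt",
-"/usr/share/qt4",
-"/usr/share/qt5",
-"/usr/share/qt5ct",
-"/usr/share/sounds",
-"/usr/share/tcl8.6",
-"/usr/share/tcltk",
-"/usr/share/terminfo",
-"/usr/share/texlive",
-"/usr/share/texmf",
-"/usr/share/themes",
-"/usr/share/thumbnail.so",
-"/usr/share/uim",
-"/usr/share/vulkan",
-"/usr/share/X11",
-"/usr/share/xml",
-"/usr/share/zenity",
-"/usr/share/zoneinfo",
-NULL
-};
-
 static FileDB *share_out = NULL;
+static FileDB *share_skip = NULL;
 static void share_callback(char *ptr) {
 // extract the directory:
 assert(strncmp(ptr, "/usr/share", 10) == 0);
@@ -263,30 +214,21 @@ static void share_callback(char *ptr) {
 if (p2)
 *p2 = '\0';
 
-int i = 0;
-int found = 0;
-while (share_skip[i]) {
-if (strncmp(ptr, share_skip[i], strlen(share_skip[i])) == 0) {
-found = 1;
-break;
-}
-i++;
-}
-if (!found)
-share_out = filedb_add(share_out, ptr);
+
+if (!filedb_find(share_skip, p1))
+share_out = filedb_add(share_out, p1);
 }
 
 void build_share(const char *fname, FILE *fp) {
 assert(fname);
 
+share_skip = filedb_load_whitelist(share_skip, "whitelist-usr-share-common.inc", "whitelist /usr/share/");
 process_files(fname, "/usr/share", share_callback);
 
-if (share_out == NULL) {
-fprintf(fp, "blacklist /usr/share\n");
-} else {
-filedb_print(share_out, "whitelist ", fp);
-fprintf(fp, "include whitelist-usr-share-common.inc\n");
-}
+// always whitelist /usr/share
+if (share_out)
+filedb_print(share_out, "whitelist /usr/share/", fp);
+fprintf(fp, "include whitelist-usr-share-common.inc\n");
 }
 
 //*******************************************
@@ -336,6 +278,7 @@ static char *dev_skip[] = {
 "/dev/null",
 "/dev/full",
 "/dev/random",
+"/dev/srandom",
 "/dev/urandom",
 "/dev/sr0",
 "/dev/cdrom",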
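Review bot: The new `var_callback` no longer drops a bare `/var/lib` or `/var/cache`, so a trace entry for the parent directory itself reaches `filedb_add` as `lib` or `cache`, and `build_var` would then print `whitelist /var/lib`, exposing everything under it in the generated profile instead of one subdirectory. Whether `filedb_find` stops this depends on what `filedb_load_whitelist` reads from whitelist-var-common.inc and on whether the lookup is exact or by prefix, neither of which is visible in this diff. I would keep the parents out explicitly before the lookup, e.g. `if (strcmp(p1, "lib") == 0 || strcmp(p1, "cache") == 0) return;`. The `// extract the directory:` comment also promises a truncation that only `share_callback` performs (`*p2 = '\0'`), and the added `#if 0` array reuses the name `var_skip` under a todo this commit already implements, so that block could be dropped.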