diff options
Diffstat (limited to 'src/fbuilder/main.c')
| -rw-r--r-- | src/fbuilder/main.c | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/src/fbuilder/main.c b/src/fbuilder/main.c index 83217ef98..1b997ccdb 100644 --- a/src/fbuilder/main.c +++ b/src/fbuilder/main.c | |||
| @@ -22,7 +22,7 @@ int arg_debug = 0; | |||
| 22 | 22 | ||
| 23 | static void usage(void) { | 23 | static void usage(void) { |
| 24 | printf("Firejail profile builder\n"); | 24 | printf("Firejail profile builder\n"); |
| 25 | printf("Usage: firejail [--debug] --build program-and-arguments\n"); | 25 | printf("Usage: firejail [--debug] --build[=profile-file] program-and-arguments\n"); |
| 26 | } | 26 | } |
| 27 | 27 | ||
| 28 | int main(int argc, char **argv) { | 28 | int main(int argc, char **argv) { |
| @@ -38,6 +38,8 @@ printf("\n"); | |||
| 38 | 38 | ||
| 39 | int i; | 39 | int i; |
| 40 | int prog_index = 0; | 40 | int prog_index = 0; |
| 41 | FILE *fp = stdout; | ||
| 42 | int prof_file = 0; | ||
| 41 | 43 | ||
| 42 | // parse arguments and extract program index | 44 | // parse arguments and extract program index |
| 43 | for (i = 1; i < argc; i++) { | 45 | for (i = 1; i < argc; i++) { |
| @@ -49,6 +51,22 @@ printf("\n"); | |||
| 49 | arg_debug = 1; | 51 | arg_debug = 1; |
| 50 | else if (strcmp(argv[i], "--build") == 0) | 52 | else if (strcmp(argv[i], "--build") == 0) |
| 51 | ; // do nothing, this is passed down from firejail | 53 | ; // do nothing, this is passed down from firejail |
| 54 | else if (strncmp(argv[i], "--build=", 8) == 0) { | ||
| 55 | // this option is only supported for non-root users | ||
| 56 | if (getuid() == 0) { | ||
| 57 | fprintf(stderr, "Error fbuild: --build=profile-name is not supported for root user.\n"); | ||
| 58 | exit(1); | ||
| 59 | } | ||
| 60 | |||
| 61 | // check file access | ||
| 62 | fp = fopen(argv[i] + 8, "w"); | ||
| 63 | if (!fp) { | ||
| 64 | fprintf(stderr, "Error fbuild: cannot open profile file.\n"); | ||
| 65 | exit(1); | ||
| 66 | } | ||
| 67 | prof_file = 1; | ||
| 68 | // do nothing, this is passed down from firejail | ||
| 69 | } | ||
| 52 | else { | 70 | else { |
| 53 | if (*argv[i] == '-') { | 71 | if (*argv[i] == '-') { |
| 54 | fprintf(stderr, "Error fbuilder: invalid program\n"); | 72 | fprintf(stderr, "Error fbuilder: invalid program\n"); |
| @@ -63,9 +81,13 @@ printf("\n"); | |||
| 63 | if (prog_index == 0) { | 81 | if (prog_index == 0) { |
| 64 | fprintf(stderr, "Error fbuilder: program and arguments required\n"); | 82 | fprintf(stderr, "Error fbuilder: program and arguments required\n"); |
| 65 | usage(); | 83 | usage(); |
| 84 | if (prof_file) | ||
| 85 | fclose(fp); | ||
| 66 | exit(1); | 86 | exit(1); |
| 67 | } | 87 | } |
| 68 | 88 | ||
| 69 | build_profile(argc, argv, prog_index); | 89 | build_profile(argc, argv, prog_index, fp); |
| 90 | if (prof_file) | ||
| 91 | fclose(fp); | ||
| 70 | return 0; | 92 | return 0; |
| 71 | } | 93 | } |