1 files changed, 14 insertions, 14 deletions
diff --git a/src/firejail/caps.c b/src/firejail/caps.c
index 30693f7a0..d45ba20ce 100644
--- a/src/firejail/caps.c
+++ b/src/firejail/caps.c
@@ -154,12 +154,12 @@ static CapsEntry capslist[] = {
 // not in Debian 7
 #ifdef CAP_BLOCK_SUSPEND
        {"block_suspend", CAP_BLOCK_SUSPEND },
-#else   
+#else
        {"block_suspend", 36 },
 #endif
 #ifdef CAP_AUDIT_READ
        {"audit_read", CAP_AUDIT_READ },
-#else   
+#else
        {"audit_read", 37 },
 #endif
@@ -176,7 +176,7 @@ static int caps_find_name(const char *name) {
                if (strcmp(name, capslist[i].name) == 0)
                        return capslist[i].nr;
        }
-        
        return -1;
 }
@@ -205,32 +205,32 @@ void caps_check_list(const char *clist, void (*callback)(int)) {
                                goto errexit;
                        else if (callback != NULL)
                                callback(nr);
-                                
                        start = ptr + 1;
                }
                ptr++;
        }
        if (*start != '\0') {
                int nr = caps_find_name(start);
-                if (nr == -1) 
+                if (nr == -1)
                        goto errexit;
                else if (callback != NULL)
                        callback(nr);
        }
-        free(str);      
+        free(str);
        return;
 errexit:
        fprintf(stderr, "Error: capability \"%s\" not found\n", start);
-        exit(1);        
+        exit(1);
 }
 void caps_print(void) {
        EUID_ASSERT();
        int i;
        int elems = sizeof(capslist) / sizeof(capslist[0]);
-        
        // check current caps supported by the kernel
        int cnt = 0;
        unsigned long cap;
@@ -242,7 +242,7 @@ void caps_print(void) {
        }
        EUID_USER();
        printf("Your kernel supports %d capabilities.\n", cnt);
-        
        for (i = 0; i < elems; i++) {
                printf("%d\t- %s\n", capslist[i].nr, capslist[i].name);
        }
@@ -300,7 +300,7 @@ int caps_default_filter(void) {
 errexit:
        fprintf(stderr, "Error: cannot drop capabilities\n");
-        exit(1);        
+        exit(1);
 }
 void caps_drop_all(void) {
@@ -359,7 +359,7 @@ void caps_keep_list(const char *clist) {
 #define MAXBUF 4098
 static uint64_t extract_caps(int pid) {
        EUID_ASSERT();
-        
        char *file;
        if (asprintf(&file, "/proc/%d/status", pid) == -1)
                errExit("asprintf");
@@ -369,7 +369,7 @@ static uint64_t extract_caps(int pid) {
        EUID_USER();    // grsecurity
        if (!fp)
                goto errexit;
-        
        char buf[MAXBUF];
        while (fgets(buf, MAXBUF, fp)) {
                if (strncmp(buf, "CapBnd:\t", 8) == 0) {
@@ -383,7 +383,7 @@ static uint64_t extract_caps(int pid) {
        }
        fclose(fp);
-errexit:        
+errexit:
        free(file);
        fprintf(stderr, "Error: cannot read caps configuration\n");
        exit(1);
@@ -391,7 +391,7 @@ errexit:
 void caps_print_filter(pid_t pid) {
        EUID_ASSERT();
-        
        // if the pid is that of a firejail  process, use the pid of the first child process
        EUID_ROOT();    // grsecurity
        char *comm = pid_proc_comm(pid);

diff --git a/src/firejail/caps.c b/src/firejail/caps.c index 30693f7a0..d45ba20ce 100644 --- a/src/firejail/caps.c +++ b/src/firejail/caps.c
@@ -154,12 +154,12 @@ static CapsEntry capslist[] = {
154	// not in Debian 7	154	// not in Debian 7
155	#ifdef CAP_BLOCK_SUSPEND	155	#ifdef CAP_BLOCK_SUSPEND
156	{"block_suspend", CAP_BLOCK_SUSPEND },	156	{"block_suspend", CAP_BLOCK_SUSPEND },
157	#else	157	#else
158	{"block_suspend", 36 },	158	{"block_suspend", 36 },
159	#endif	159	#endif
160	#ifdef CAP_AUDIT_READ	160	#ifdef CAP_AUDIT_READ
161	{"audit_read", CAP_AUDIT_READ },	161	{"audit_read", CAP_AUDIT_READ },
162	#else	162	#else
163	{"audit_read", 37 },	163	{"audit_read", 37 },
164	#endif	164	#endif
165		165
@@ -176,7 +176,7 @@ static int caps_find_name(const char *name) {
176	if (strcmp(name, capslist[i].name) == 0)	176	if (strcmp(name, capslist[i].name) == 0)
177	return capslist[i].nr;	177	return capslist[i].nr;
178	}	178	}
179		179
180	return -1;	180	return -1;
181	}	181	}
182		182
@@ -205,32 +205,32 @@ void caps_check_list(const char clist, void (callback)(int)) {
205	goto errexit;	205	goto errexit;
206	else if (callback != NULL)	206	else if (callback != NULL)
207	callback(nr);	207	callback(nr);
208		208
209	start = ptr + 1;	209	start = ptr + 1;
210	}	210	}
211	ptr++;	211	ptr++;
212	}	212	}
213	if (*start != '\0') {	213	if (*start != '\0') {
214	int nr = caps_find_name(start);	214	int nr = caps_find_name(start);
215	if (nr == -1)	215	if (nr == -1)
216	goto errexit;	216	goto errexit;
217	else if (callback != NULL)	217	else if (callback != NULL)
218	callback(nr);	218	callback(nr);
219	}	219	}
220		220
221	free(str);	221	free(str);
222	return;	222	return;
223		223
224	errexit:	224	errexit:
225	fprintf(stderr, "Error: capability \"%s\" not found\n", start);	225	fprintf(stderr, "Error: capability \"%s\" not found\n", start);
226	exit(1);	226	exit(1);
227	}	227	}
228		228
229	void caps_print(void) {	229	void caps_print(void) {
230	EUID_ASSERT();	230	EUID_ASSERT();
231	int i;	231	int i;
232	int elems = sizeof(capslist) / sizeof(capslist[0]);	232	int elems = sizeof(capslist) / sizeof(capslist[0]);
233		233
234	// check current caps supported by the kernel	234	// check current caps supported by the kernel
235	int cnt = 0;	235	int cnt = 0;
236	unsigned long cap;	236	unsigned long cap;
@@ -242,7 +242,7 @@ void caps_print(void) {
242	}	242	}
243	EUID_USER();	243	EUID_USER();
244	printf("Your kernel supports %d capabilities.\n", cnt);	244	printf("Your kernel supports %d capabilities.\n", cnt);
245		245
246	for (i = 0; i < elems; i++) {	246	for (i = 0; i < elems; i++) {
247	printf("%d\t- %s\n", capslist[i].nr, capslist[i].name);	247	printf("%d\t- %s\n", capslist[i].nr, capslist[i].name);
248	}	248	}
@@ -300,7 +300,7 @@ int caps_default_filter(void) {
300		300
301	errexit:	301	errexit:
302	fprintf(stderr, "Error: cannot drop capabilities\n");	302	fprintf(stderr, "Error: cannot drop capabilities\n");
303	exit(1);	303	exit(1);
304	}	304	}
305		305
306	void caps_drop_all(void) {	306	void caps_drop_all(void) {
@@ -359,7 +359,7 @@ void caps_keep_list(const char *clist) {
359	#define MAXBUF 4098	359	#define MAXBUF 4098
360	static uint64_t extract_caps(int pid) {	360	static uint64_t extract_caps(int pid) {
361	EUID_ASSERT();	361	EUID_ASSERT();
362		362
363	char *file;	363	char *file;
364	if (asprintf(&file, "/proc/%d/status", pid) == -1)	364	if (asprintf(&file, "/proc/%d/status", pid) == -1)
365	errExit("asprintf");	365	errExit("asprintf");
@@ -369,7 +369,7 @@ static uint64_t extract_caps(int pid) {
369	EUID_USER(); // grsecurity	369	EUID_USER(); // grsecurity
370	if (!fp)	370	if (!fp)
371	goto errexit;	371	goto errexit;
372		372
373	char buf[MAXBUF];	373	char buf[MAXBUF];
374	while (fgets(buf, MAXBUF, fp)) {	374	while (fgets(buf, MAXBUF, fp)) {
375	if (strncmp(buf, "CapBnd:\t", 8) == 0) {	375	if (strncmp(buf, "CapBnd:\t", 8) == 0) {
@@ -383,7 +383,7 @@ static uint64_t extract_caps(int pid) {
383	}	383	}
384	fclose(fp);	384	fclose(fp);
385		385
386	errexit:	386	errexit:
387	free(file);	387	free(file);
388	fprintf(stderr, "Error: cannot read caps configuration\n");	388	fprintf(stderr, "Error: cannot read caps configuration\n");
389	exit(1);	389	exit(1);
@@ -391,7 +391,7 @@ errexit:
391		391
392	void caps_print_filter(pid_t pid) {	392	void caps_print_filter(pid_t pid) {
393	EUID_ASSERT();	393	EUID_ASSERT();
394		394
395	// if the pid is that of a firejail process, use the pid of the first child process	395	// if the pid is that of a firejail process, use the pid of the first child process
396	EUID_ROOT(); // grsecurity	396	EUID_ROOT(); // grsecurity
397	char *comm = pid_proc_comm(pid);	397	char *comm = pid_proc_comm(pid);