diff options
Diffstat (limited to 'src/firejail/main.c')
-rw-r--r-- | src/firejail/main.c | 35 |
1 files changed, 6 insertions, 29 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c index 069aa6ca8..7730e8384 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -888,8 +888,6 @@ int main(int argc, char **argv) { | |||
888 | int option_cgroup = 0; | 888 | int option_cgroup = 0; |
889 | int option_force = 0; | 889 | int option_force = 0; |
890 | int custom_profile = 0; // custom profile loaded | 890 | int custom_profile = 0; // custom profile loaded |
891 | char *custom_profile_dir = NULL; // custom profile directory | ||
892 | |||
893 | 891 | ||
894 | atexit(clear_atexit); | 892 | atexit(clear_atexit); |
895 | 893 | ||
@@ -1497,22 +1495,8 @@ int main(int argc, char **argv) { | |||
1497 | free(ppath); | 1495 | free(ppath); |
1498 | } | 1496 | } |
1499 | else if (strncmp(argv[i], "--profile-path=", 15) == 0) { | 1497 | else if (strncmp(argv[i], "--profile-path=", 15) == 0) { |
1500 | if (arg_noprofile) { | 1498 | if (!arg_quiet) |
1501 | fprintf(stderr, "Error: --noprofile and --profile-path options are mutually exclusive\n"); | 1499 | fprintf(stderr, "Warning: --profile-path has been deprecated\n"); |
1502 | exit(1); | ||
1503 | } | ||
1504 | custom_profile_dir = expand_home(argv[i] + 15, cfg.homedir); | ||
1505 | invalid_filename(custom_profile_dir, 0); // no globbing | ||
1506 | if (!is_dir(custom_profile_dir) || is_link(custom_profile_dir) || strstr(custom_profile_dir, "..")) { | ||
1507 | fprintf(stderr, "Error: invalid profile path\n"); | ||
1508 | exit(1); | ||
1509 | } | ||
1510 | |||
1511 | // access call checks as real UID/GID, not as effective UID/GID | ||
1512 | if (access(custom_profile_dir, R_OK)) { | ||
1513 | fprintf(stderr, "Error: cannot access profile directory\n"); | ||
1514 | return 1; | ||
1515 | } | ||
1516 | } | 1500 | } |
1517 | else if (strcmp(argv[i], "--noprofile") == 0) { | 1501 | else if (strcmp(argv[i], "--noprofile") == 0) { |
1518 | if (custom_profile) { | 1502 | if (custom_profile) { |
@@ -2398,11 +2382,7 @@ int main(int argc, char **argv) { | |||
2398 | } | 2382 | } |
2399 | if (!custom_profile) { | 2383 | if (!custom_profile) { |
2400 | // look for a user profile in /etc/firejail directory | 2384 | // look for a user profile in /etc/firejail directory |
2401 | int rv; | 2385 | int rv = profile_find(cfg.command_name, SYSCONFDIR); |
2402 | if (custom_profile_dir) | ||
2403 | rv = profile_find(cfg.command_name, custom_profile_dir); | ||
2404 | else | ||
2405 | rv = profile_find(cfg.command_name, SYSCONFDIR); | ||
2406 | custom_profile = rv; | 2386 | custom_profile = rv; |
2407 | } | 2387 | } |
2408 | } | 2388 | } |
@@ -2430,13 +2410,10 @@ int main(int argc, char **argv) { | |||
2430 | custom_profile = profile_find(profile_name, usercfgdir); | 2410 | custom_profile = profile_find(profile_name, usercfgdir); |
2431 | free(usercfgdir); | 2411 | free(usercfgdir); |
2432 | 2412 | ||
2433 | if (!custom_profile) { | 2413 | if (!custom_profile) |
2434 | // look for the profile in /etc/firejail directory | 2414 | // look for the profile in /etc/firejail directory |
2435 | if (custom_profile_dir) | 2415 | custom_profile = profile_find(profile_name, SYSCONFDIR); |
2436 | custom_profile = profile_find(profile_name, custom_profile_dir); | 2416 | |
2437 | else | ||
2438 | custom_profile = profile_find(profile_name, SYSCONFDIR); | ||
2439 | } | ||
2440 | if (!custom_profile) { | 2417 | if (!custom_profile) { |
2441 | fprintf(stderr, "Error: no default.profile installed\n"); | 2418 | fprintf(stderr, "Error: no default.profile installed\n"); |
2442 | exit(1); | 2419 | exit(1); |