diff options
Diffstat (limited to 'src/firejail/profile.c')
| -rw-r--r-- | src/firejail/profile.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 059100fcb..5390249ea 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
| @@ -175,6 +175,10 @@ static int check_allow_drm(void) { | |||
| 175 | return checkcfg(CFG_BROWSER_ALLOW_DRM) != 0; | 175 | return checkcfg(CFG_BROWSER_ALLOW_DRM) != 0; |
| 176 | } | 176 | } |
| 177 | 177 | ||
| 178 | static int check_allow_tray(void) { | ||
| 179 | return checkcfg(CFG_ALLOW_TRAY) != 0; | ||
| 180 | } | ||
| 181 | |||
| 178 | Cond conditionals[] = { | 182 | Cond conditionals[] = { |
| 179 | {"HAS_APPIMAGE", check_appimage}, | 183 | {"HAS_APPIMAGE", check_appimage}, |
| 180 | {"HAS_NET", check_netoptions}, | 184 | {"HAS_NET", check_netoptions}, |
| @@ -184,6 +188,7 @@ Cond conditionals[] = { | |||
| 184 | {"HAS_X11", check_x11}, | 188 | {"HAS_X11", check_x11}, |
| 185 | {"BROWSER_DISABLE_U2F", check_disable_u2f}, | 189 | {"BROWSER_DISABLE_U2F", check_disable_u2f}, |
| 186 | {"BROWSER_ALLOW_DRM", check_allow_drm}, | 190 | {"BROWSER_ALLOW_DRM", check_allow_drm}, |
| 191 | {"ALLOW_TRAY", check_allow_tray}, | ||
| 187 | { NULL, NULL } | 192 | { NULL, NULL } |
| 188 | }; | 193 | }; |
| 189 | 194 | ||
| @@ -630,7 +635,7 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
| 630 | #endif | 635 | #endif |
| 631 | return 0; | 636 | return 0; |
| 632 | } | 637 | } |
| 633 | else if (strncmp(ptr, "netns ", 6) == 0) { | 638 | else if (strncmp(ptr, "netns ", 6) == 0) { |
| 634 | #ifdef HAVE_NETWORK | 639 | #ifdef HAVE_NETWORK |
| 635 | if (checkcfg(CFG_NETWORK)) { | 640 | if (checkcfg(CFG_NETWORK)) { |
| 636 | arg_netns = ptr + 6; | 641 | arg_netns = ptr + 6; |
| @@ -981,10 +986,10 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
| 981 | warning_feature_disabled("seccomp"); | 986 | warning_feature_disabled("seccomp"); |
| 982 | return 0; | 987 | return 0; |
| 983 | } | 988 | } |
| 984 | if (strncmp(ptr, "seccomp.32.drop ", 13) == 0) { | 989 | if (strncmp(ptr, "seccomp.32.drop ", 16) == 0) { |
| 985 | if (checkcfg(CFG_SECCOMP)) { | 990 | if (checkcfg(CFG_SECCOMP)) { |
| 986 | arg_seccomp32 = 1; | 991 | arg_seccomp32 = 1; |
| 987 | cfg.seccomp_list_drop32 = seccomp_check_list(ptr + 13); | 992 | cfg.seccomp_list_drop32 = seccomp_check_list(ptr + 16); |
| 988 | } | 993 | } |
| 989 | else | 994 | else |
| 990 | warning_feature_disabled("seccomp"); | 995 | warning_feature_disabled("seccomp"); |
| @@ -1001,10 +1006,10 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
| 1001 | warning_feature_disabled("seccomp"); | 1006 | warning_feature_disabled("seccomp"); |
| 1002 | return 0; | 1007 | return 0; |
| 1003 | } | 1008 | } |
| 1004 | if (strncmp(ptr, "seccomp.32.keep ", 13) == 0) { | 1009 | if (strncmp(ptr, "seccomp.32.keep ", 16) == 0) { |
| 1005 | if (checkcfg(CFG_SECCOMP)) { | 1010 | if (checkcfg(CFG_SECCOMP)) { |
| 1006 | arg_seccomp32 = 1; | 1011 | arg_seccomp32 = 1; |
| 1007 | cfg.seccomp_list_keep32 = seccomp_check_list(ptr + 13); | 1012 | cfg.seccomp_list_keep32 = seccomp_check_list(ptr + 16); |
| 1008 | } | 1013 | } |
| 1009 | else | 1014 | else |
| 1010 | warning_feature_disabled("seccomp"); | 1015 | warning_feature_disabled("seccomp"); |