1 files changed, 231 insertions, 0 deletions
diff --git a/src/tools/cleanup_etc.c b/src/tools/cleanup_etc.c
new file mode 100644
index 000000000..5c926a8c6
--- /dev/null
+++ b/src/tools/cleanup_etc.c
@@ -0,0 +1,231 @@
+/*
+ * Copyright (C) 2014-2022 Firejail Authors
+ *
+ * This file is part of firejail project
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdarg.h>
+#include <assert.h>
+#include "../include/etc_groups.h"
+#define errExit(msg)    do { char msgout[500]; sprintf(msgout, "Error %s:%s(%d)", msg, __FUNCTION__, __LINE__); perror(msgout); exit(1);} while (0)
+#define MAX_BUF 4098
+#define MAX_ARR 1024
+char *arr[MAX_ARR] = {NULL};
+int arr_cnt = 0;
+static int arr_tls_ca = 0;
+static int arr_x11 = 0;
+static int arr_games = 0;
+static char outbuf[256 * 1024];
+static char *outptr;
+void outprintf(char* fmt, ...) {
+        va_list args;
+        va_start(args,fmt);
+        outptr += vsprintf(outptr, fmt, args);
+        va_end(args);
+}
+static int arr_check(const char *fname, char **pptr) {
+        assert(fname);
+        assert(pptr);
+        while (*pptr != NULL) {
+                if (strcmp(fname, *pptr) == 0)
+                        return 1;
+                pptr++;
+        }
+        return 0;
+}
+static void arr_add(const char *fname) {
+        assert(fname);
+        assert(arr_cnt < MAX_ARR);
+        int i;
+        for (i = 0; i < arr_cnt; i++)
+                if (strcmp(arr[i], fname) == 0)
+                        return;
+        arr[arr_cnt] = strdup(fname);
+        if (!arr[arr_cnt])
+                errExit("strdup");
+        arr_cnt++;
+}
+static void arr_clean(void) {
+        int i;
+        for (i = 0; i < arr_cnt; i++) {
+                free(arr[i]);
+                arr[i] = NULL;
+        }
+        arr_cnt = 0;
+        arr_games = 0;
+        arr_tls_ca = 0;
+        arr_x11 = 0;
+}
+static void arr_print(void) {
+        printf("private-etc ");
+        outprintf("private-etc ");
+        if (arr_games) {
+                printf("@games,");
+                outprintf("@games,");
+        }
+        if (arr_tls_ca) {
+                printf("@tls-ca,");
+                outprintf("@tls-ca,");
+        }
+        if (arr_x11) {
+                printf("@x11,");
+                outprintf("@x11,");
+        }
+        int i;
+        for (i = 0; i < arr_cnt; i++) {
+                printf("%s,", arr[i]);
+                outprintf("%s,", arr[i]);
+        }
+        printf("\n");
+        outprintf("\n");
+}
+static void process_file(const char *fname) {
+        assert(fname);
+        FILE *fp = fopen(fname, "r");
+        if (!fp) {
+                fprintf(stderr, "Error: cannot open profile file\n");
+                exit(1);
+        }
+        outptr = outbuf;
+        *outptr = '\0';
+        char line[MAX_BUF];
+        char orig_line[MAX_BUF];
+        int cnt = 0;
+        int print = 0;
+        while (fgets(line, MAX_BUF, fp)) {
+                cnt++;
+                if (strncmp(line, "private-etc ", 12) != 0)  {
+                        sprintf(outptr, "%s", line);
+                        outptr += strlen(outptr);
+                        continue;
+                }
+                char *ptr = strchr(line, '\n');
+                if (ptr)
+                        *ptr = '\0';
+                print = 1;
+                strcpy(orig_line,line);
+                ptr = line + 12;
+                while (*ptr == ' ' || *ptr == '\t')
+                        ptr++;
+                // check for blanks and tabs
+                char *ptr2 = ptr;
+                while (*ptr2 != '\0') {
+                        if (*ptr2 == ' ' || *ptr2 == '\t') {
+                                fprintf(stderr, "Error: invlid private-etc line %s:%d\n", fname, cnt);
+                                exit(1);
+                        }
+                        ptr2++;
+                }
+                ptr = strtok(ptr, ",");
+                while (ptr) {
+                        if (arr_check(ptr, &etc_list[0]));
+                        else if (arr_check(ptr, &etc_group_sound[0]));
+                        else if (arr_check(ptr, &etc_group_network[0]));
+                        else if (strcmp(ptr, "@games") == 0)
+                                arr_games = 1;
+                        else if (strcmp(ptr, "@tls-ca") == 0)
+                                arr_tls_ca = 1;
+                        else if (strcmp(ptr, "@x11") == 0)
+                                arr_x11 = 1;
+                        else if (arr_check(ptr, &etc_group_games[0]))
+                                arr_games = 1;
+                        else if (arr_check(ptr, &etc_group_tls_ca[0]))
+                                arr_tls_ca = 1;
+                        else if (arr_check(ptr, &etc_group_x11[0]))
+                                arr_x11 = 1;
+                        else
+                                arr_add(ptr);
+                        ptr = strtok(NULL, ",");
+                }
+                printf("\n%s: %s\n%s: ", fname, orig_line, fname);
+                arr_print();
+                arr_clean();
+        }
+        fclose(fp);
+        if (print) {
+                printf("Replace %s file? (Y/N): ", fname);
+                fgets(line, MAX_BUF, stdin);
+                if (*line == 'y' || *line == 'Y') {
+                        fp = fopen(fname, "w");
+                        if (!fp) {
+                                fprintf(stderr, "Error: cannot open profile file\n");
+                                exit(1);
+                        }
+                        fprintf(fp, "%s", outbuf);
+                        fclose(fp);
+                }
+        }
+}
+static void usage(void) {
+        printf("usage: cleanup-etc file.profile\n");
+}
+int main(int argc, char **argv) {
+        if (argc < 2) {
+                fprintf(stderr, "Error: invalid number of parameters\n");
+                usage();
+                return 1;
+        }
+        int i;
+        for (i = 1; i < argc; i++) {
+                if (strcmp(argv[i], "-h") == 0) {
+                        usage();
+                        return 0;
+                }
+        }
+        for (i = 1; i < argc; i++)
+                process_file(argv[i]);
+        return 0;
+}
+\ No newline at end of file

diff --git a/src/tools/cleanup_etc.c b/src/tools/cleanup_etc.c new file mode 100644 index 000000000..5c926a8c6 --- /dev/null +++ b/src/tools/cleanup_etc.c
@@ -0,0 +1,231 @@
	1	/*
	2	* Copyright (C) 2014-2022 Firejail Authors
	3	*
	4	* This file is part of firejail project
	5	*
	6	* This program is free software; you can redistribute it and/or modify
	7	* it under the terms of the GNU General Public License as published by
	8	* the Free Software Foundation; either version 2 of the License, or
	9	* (at your option) any later version.
	10	*
	11	* This program is distributed in the hope that it will be useful,
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	14	* GNU General Public License for more details.
	15	*
	16	* You should have received a copy of the GNU General Public License along
	17	* with this program; if not, write to the Free Software Foundation, Inc.,
	18	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	19	*/
	20
	21	#include <stdio.h>
	22	#include <stdlib.h>
	23	#include <string.h>
	24	#include <stdarg.h>
	25	#include <assert.h>
	26	#include "../include/etc_groups.h"
	27	#define errExit(msg) do { char msgout[500]; sprintf(msgout, "Error %s:%s(%d)", msg, __FUNCTION__, __LINE__); perror(msgout); exit(1);} while (0)
	28
	29
	30
	31	#define MAX_BUF 4098
	32	#define MAX_ARR 1024
	33	char *arr[MAX_ARR] = {NULL};
	34	int arr_cnt = 0;
	35
	36	static int arr_tls_ca = 0;
	37	static int arr_x11 = 0;
	38	static int arr_games = 0;
	39	static char outbuf[256 * 1024];
	40	static char *outptr;
	41
	42	void outprintf(char* fmt, ...) {
	43	va_list args;
	44	va_start(args,fmt);
	45	outptr += vsprintf(outptr, fmt, args);
	46	va_end(args);
	47	}
	48
	49
	50
	51	static int arr_check(const char fname, char *pptr) {
	52	assert(fname);
	53	assert(pptr);
	54
	55	while (*pptr != NULL) {
	56	if (strcmp(fname, *pptr) == 0)
	57	return 1;
	58	pptr++;
	59	}
	60
	61	return 0;
	62	}
	63
	64
	65
	66	static void arr_add(const char *fname) {
	67	assert(fname);
	68	assert(arr_cnt < MAX_ARR);
	69
	70	int i;
	71	for (i = 0; i < arr_cnt; i++)
	72	if (strcmp(arr[i], fname) == 0)
	73	return;
	74
	75	arr[arr_cnt] = strdup(fname);
	76	if (!arr[arr_cnt])
	77	errExit("strdup");
	78	arr_cnt++;
	79	}
	80
	81	static void arr_clean(void) {
	82	int i;
	83	for (i = 0; i < arr_cnt; i++) {
	84	free(arr[i]);
	85	arr[i] = NULL;
	86	}
	87
	88	arr_cnt = 0;
	89	arr_games = 0;
	90	arr_tls_ca = 0;
	91	arr_x11 = 0;
	92	}
	93
	94	static void arr_print(void) {
	95	printf("private-etc ");
	96	outprintf("private-etc ");
	97
	98	if (arr_games) {
	99	printf("@games,");
	100	outprintf("@games,");
	101	}
	102	if (arr_tls_ca) {
	103	printf("@tls-ca,");
	104	outprintf("@tls-ca,");
	105	}
	106	if (arr_x11) {
	107	printf("@x11,");
	108	outprintf("@x11,");
	109	}
	110	int i;
	111	for (i = 0; i < arr_cnt; i++) {
	112	printf("%s,", arr[i]);
	113	outprintf("%s,", arr[i]);
	114	}
	115	printf("\n");
	116	outprintf("\n");
	117	}
	118
	119	static void process_file(const char *fname) {
	120	assert(fname);
	121
	122	FILE *fp = fopen(fname, "r");
	123	if (!fp) {
	124	fprintf(stderr, "Error: cannot open profile file\n");
	125	exit(1);
	126	}
	127
	128	outptr = outbuf;
	129	*outptr = '\0';
	130
	131	char line[MAX_BUF];
	132	char orig_line[MAX_BUF];
	133	int cnt = 0;
	134	int print = 0;
	135	while (fgets(line, MAX_BUF, fp)) {
	136	cnt++;
	137	if (strncmp(line, "private-etc ", 12) != 0) {
	138	sprintf(outptr, "%s", line);
	139	outptr += strlen(outptr);
	140	continue;
	141	}
	142	char *ptr = strchr(line, '\n');
	143	if (ptr)
	144	*ptr = '\0';
	145
	146	print = 1;
	147	strcpy(orig_line,line);
	148
	149	ptr = line + 12;
	150	while (ptr == ' ' \|\| ptr == '\t')
	151	ptr++;
	152
	153	// check for blanks and tabs
	154	char *ptr2 = ptr;
	155	while (*ptr2 != '\0') {
	156	if (ptr2 == ' ' \|\| ptr2 == '\t') {
	157	fprintf(stderr, "Error: invlid private-etc line %s:%d\n", fname, cnt);
	158	exit(1);
	159	}
	160	ptr2++;
	161	}
	162
	163	ptr = strtok(ptr, ",");
	164	while (ptr) {
	165	if (arr_check(ptr, &etc_list[0]));
	166	else if (arr_check(ptr, &etc_group_sound[0]));
	167	else if (arr_check(ptr, &etc_group_network[0]));
	168	else if (strcmp(ptr, "@games") == 0)
	169	arr_games = 1;
	170	else if (strcmp(ptr, "@tls-ca") == 0)
	171	arr_tls_ca = 1;
	172	else if (strcmp(ptr, "@x11") == 0)
	173	arr_x11 = 1;
	174	else if (arr_check(ptr, &etc_group_games[0]))
	175	arr_games = 1;
	176	else if (arr_check(ptr, &etc_group_tls_ca[0]))
	177	arr_tls_ca = 1;
	178	else if (arr_check(ptr, &etc_group_x11[0]))
	179	arr_x11 = 1;
	180	else
	181	arr_add(ptr);
	182
	183	ptr = strtok(NULL, ",");
	184	}
	185
	186	printf("\n%s: %s\n%s: ", fname, orig_line, fname);
	187	arr_print();
	188	arr_clean();
	189	}
	190
	191	fclose(fp);
	192
	193	if (print) {
	194	printf("Replace %s file? (Y/N): ", fname);
	195	fgets(line, MAX_BUF, stdin);
	196	if (line == 'y' \|\| line == 'Y') {
	197	fp = fopen(fname, "w");
	198	if (!fp) {
	199	fprintf(stderr, "Error: cannot open profile file\n");
	200	exit(1);
	201	}
	202	fprintf(fp, "%s", outbuf);
	203	fclose(fp);
	204	}
	205	}
	206	}
	207
	208	static void usage(void) {
	209	printf("usage: cleanup-etc file.profile\n");
	210	}
	211
	212	int main(int argc, char **argv) {
	213	if (argc < 2) {
	214	fprintf(stderr, "Error: invalid number of parameters\n");
	215	usage();
	216	return 1;
	217	}
	218
	219	int i;
	220	for (i = 1; i < argc; i++) {
	221	if (strcmp(argv[i], "-h") == 0) {
	222	usage();
	223	return 0;
	224	}
	225	}
	226
	227	for (i = 1; i < argc; i++)
	228	process_file(argv[i]);
	229
	230	return 0;
	231	} \ No newline at end of file