diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/profile.c | 30 |
1 files changed, 21 insertions, 9 deletions
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 4851dc9ad..c8bbff3fb 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
@@ -69,13 +69,7 @@ static void warning_feature_disabled(const char *feature) { | |||
69 | } | 69 | } |
70 | 70 | ||
71 | 71 | ||
72 | 72 | static int is_in_ignore_list(char *ptr) { | |
73 | // check profile line; if line == 0, this was generated from a command line option | ||
74 | // return 1 if the command is to be added to the linked list of profile commands | ||
75 | // return 0 if the command was already executed inside the function | ||
76 | int profile_check_line(char *ptr, int lineno, const char *fname) { | ||
77 | EUID_ASSERT(); | ||
78 | |||
79 | // check ignore list | 73 | // check ignore list |
80 | int i; | 74 | int i; |
81 | for (i = 0; i < MAX_PROFILE_IGNORE; i++) { | 75 | for (i = 0; i < MAX_PROFILE_IGNORE; i++) { |
@@ -86,10 +80,24 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
86 | if (strncmp(ptr, cfg.profile_ignore[i], len) == 0) { | 80 | if (strncmp(ptr, cfg.profile_ignore[i], len) == 0) { |
87 | // full word match | 81 | // full word match |
88 | if (*(ptr + len) == '\0' || *(ptr + len) == ' ') | 82 | if (*(ptr + len) == '\0' || *(ptr + len) == ' ') |
89 | return 0; // ignore line | 83 | return 1; // ignore line |
90 | } | 84 | } |
91 | } | 85 | } |
92 | 86 | ||
87 | return 0; | ||
88 | } | ||
89 | |||
90 | |||
91 | // check profile line; if line == 0, this was generated from a command line option | ||
92 | // return 1 if the command is to be added to the linked list of profile commands | ||
93 | // return 0 if the command was already executed inside the function | ||
94 | int profile_check_line(char *ptr, int lineno, const char *fname) { | ||
95 | EUID_ASSERT(); | ||
96 | |||
97 | // check ignore list | ||
98 | if (is_in_ignore_list(ptr)) | ||
99 | return 0; | ||
100 | |||
93 | if (strncmp(ptr, "ignore ", 7) == 0) { | 101 | if (strncmp(ptr, "ignore ", 7) == 0) { |
94 | char *str = strdup(ptr + 7); | 102 | char *str = strdup(ptr + 7); |
95 | if (*str == '\0') { | 103 | if (*str == '\0') { |
@@ -1256,8 +1264,12 @@ void profile_read(const char *fname) { | |||
1256 | } | 1264 | } |
1257 | 1265 | ||
1258 | // process quiet | 1266 | // process quiet |
1267 | // todo: a quiet in the profile file cannot be disabled by --ignore on command line | ||
1259 | if (strcmp(ptr, "quiet") == 0) { | 1268 | if (strcmp(ptr, "quiet") == 0) { |
1260 | arg_quiet = 1; | 1269 | if (is_in_ignore_list(ptr)) |
1270 | arg_quiet = 0; | ||
1271 | else | ||
1272 | arg_quiet = 1; | ||
1261 | free(ptr); | 1273 | free(ptr); |
1262 | continue; | 1274 | continue; |
1263 | } | 1275 | } |