diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/firecfg/firecfg.h | 4 | ||||
-rw-r--r-- | src/firecfg/main.c | 30 |
2 files changed, 33 insertions, 1 deletions
diff --git a/src/firecfg/firecfg.h b/src/firecfg/firecfg.h index 6e17c20cf..11e3ebc67 100644 --- a/src/firecfg/firecfg.h +++ b/src/firecfg/firecfg.h | |||
@@ -37,7 +37,11 @@ | |||
37 | #include "../include/common.h" | 37 | #include "../include/common.h" |
38 | #define MAX_BUF 4096 | 38 | #define MAX_BUF 4096 |
39 | 39 | ||
40 | // config files | ||
40 | #define FIRECFG_CFGFILE SYSCONFDIR "/firecfg.config" | 41 | #define FIRECFG_CFGFILE SYSCONFDIR "/firecfg.config" |
42 | #define FIRECFG_CONF_GLOB SYSCONFDIR "/firecfg.d/*.conf" | ||
43 | |||
44 | // programs | ||
41 | #define FIREJAIL_EXEC PREFIX "/bin/firejail" | 45 | #define FIREJAIL_EXEC PREFIX "/bin/firejail" |
42 | #define FIREJAIL_WELCOME_SH LIBDIR "/firejail/firejail-welcome.sh" | 46 | #define FIREJAIL_WELCOME_SH LIBDIR "/firejail/firejail-welcome.sh" |
43 | #define FZENITY_EXEC LIBDIR "/firejail/fzenity" | 47 | #define FZENITY_EXEC LIBDIR "/firejail/fzenity" |
diff --git a/src/firecfg/main.c b/src/firecfg/main.c index 0d995a6dd..35fa850f1 100644 --- a/src/firecfg/main.c +++ b/src/firecfg/main.c | |||
@@ -20,6 +20,8 @@ | |||
20 | 20 | ||
21 | #include "firecfg.h" | 21 | #include "firecfg.h" |
22 | #include "../include/firejail_user.h" | 22 | #include "../include/firejail_user.h" |
23 | #include <glob.h> | ||
24 | |||
23 | int arg_debug = 0; | 25 | int arg_debug = 0; |
24 | char *arg_bindir = "/usr/local/bin"; | 26 | char *arg_bindir = "/usr/local/bin"; |
25 | int arg_guide = 0; | 27 | int arg_guide = 0; |
@@ -209,6 +211,29 @@ static void set_links_firecfg(const char *cfgfile) { | |||
209 | } | 211 | } |
210 | 212 | ||
211 | fclose(fp); | 213 | fclose(fp); |
214 | printf("\n"); | ||
215 | } | ||
216 | |||
217 | // parse all config files matching pattern | ||
218 | static void set_links_firecfg_glob(const char *pattern) { | ||
219 | printf("Looking for config files in %s\n", pattern); | ||
220 | |||
221 | glob_t globbuf; | ||
222 | int globerr = glob(pattern, 0, NULL, &globbuf); | ||
223 | if (globerr == GLOB_NOMATCH) { | ||
224 | fprintf(stderr, "No matches for glob pattern %s\n", pattern); | ||
225 | goto out; | ||
226 | } else if (globerr != 0) { | ||
227 | fprintf(stderr, "Warning: Failed to match glob pattern %s: %s\n", | ||
228 | pattern, strerror(errno)); | ||
229 | goto out; | ||
230 | } | ||
231 | |||
232 | size_t i; | ||
233 | for (i = 0; i < globbuf.gl_pathc; i++) | ||
234 | set_links_firecfg(globbuf.gl_pathv[i]); | ||
235 | out: | ||
236 | globfree(&globbuf); | ||
212 | } | 237 | } |
213 | 238 | ||
214 | // parse ~/.config/firejail/ directory | 239 | // parse ~/.config/firejail/ directory |
@@ -450,12 +475,15 @@ int main(int argc, char **argv) { | |||
450 | // clear all symlinks | 475 | // clear all symlinks |
451 | clean(); | 476 | clean(); |
452 | 477 | ||
478 | // set new symlinks based on .conf files | ||
479 | set_links_firecfg_glob(FIRECFG_CONF_GLOB); | ||
480 | |||
453 | // set new symlinks based on firecfg.config | 481 | // set new symlinks based on firecfg.config |
454 | set_links_firecfg(FIRECFG_CFGFILE); | 482 | set_links_firecfg(FIRECFG_CFGFILE); |
455 | 483 | ||
456 | if (getuid() == 0) { | 484 | if (getuid() == 0) { |
457 | // add user to firejail access database - only for root | 485 | // add user to firejail access database - only for root |
458 | printf("\nAdding user %s to Firejail access database in %s/firejail.users\n", user, SYSCONFDIR); | 486 | printf("Adding user %s to Firejail access database in %s/firejail.users\n", user, SYSCONFDIR); |
459 | // temporarily set the umask, access database must be world-readable | 487 | // temporarily set the umask, access database must be world-readable |
460 | mode_t orig_umask = umask(022); | 488 | mode_t orig_umask = umask(022); |
461 | firejail_user_add(user); | 489 | firejail_user_add(user); |