diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/checkcfg.c | 7 | ||||
-rw-r--r-- | src/firejail/main.c | 27 | ||||
-rw-r--r-- | src/man/firejail.1.in | 31 | ||||
-rw-r--r-- | src/zsh_completion/_firejail.in | 4 |
4 files changed, 0 insertions, 69 deletions
diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c index 7792c6541..3283fae13 100644 --- a/src/firejail/checkcfg.c +++ b/src/firejail/checkcfg.c | |||
@@ -349,13 +349,6 @@ static const char *const compiletime_support = | |||
349 | "disabled" | 349 | "disabled" |
350 | #endif | 350 | #endif |
351 | 351 | ||
352 | "\n\t- firetunnel support is " | ||
353 | #ifdef HAVE_FIRETUNNEL | ||
354 | "enabled" | ||
355 | #else | ||
356 | "disabled" | ||
357 | #endif | ||
358 | |||
359 | "\n\t- IDS support is " | 352 | "\n\t- IDS support is " |
360 | #ifdef HAVE_IDS | 353 | #ifdef HAVE_IDS |
361 | "enabled" | 354 | "enabled" |
diff --git a/src/firejail/main.c b/src/firejail/main.c index aaa7c8a2f..76bfcede8 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -1827,33 +1827,6 @@ int main(int argc, char **argv, char **envp) { | |||
1827 | exit_err_feature("overlayfs"); | 1827 | exit_err_feature("overlayfs"); |
1828 | } | 1828 | } |
1829 | #endif | 1829 | #endif |
1830 | #ifdef HAVE_FIRETUNNEL | ||
1831 | else if (strcmp(argv[i], "--tunnel") == 0) { | ||
1832 | // try to connect to the default client side of the tunnel | ||
1833 | // if this fails, try the default server side of the tunnel | ||
1834 | if (access("/run/firetunnel/ftc", R_OK) == 0) | ||
1835 | profile_read("/run/firetunnel/ftc"); | ||
1836 | else if (access("/run/firetunnel/fts", R_OK) == 0) | ||
1837 | profile_read("/run/firetunnel/fts"); | ||
1838 | else { | ||
1839 | fprintf(stderr, "Error: no default firetunnel found, please specify it using --tunnel=devname option\n"); | ||
1840 | exit(1); | ||
1841 | } | ||
1842 | } | ||
1843 | else if (strncmp(argv[i], "--tunnel=", 9) == 0) { | ||
1844 | char *fname; | ||
1845 | |||
1846 | if (asprintf(&fname, "/run/firetunnel/%s", argv[i] + 9) == -1) | ||
1847 | errExit("asprintf"); | ||
1848 | invalid_filename(fname, 0); // no globbing | ||
1849 | if (access(fname, R_OK) == 0) | ||
1850 | profile_read(fname); | ||
1851 | else { | ||
1852 | fprintf(stderr, "Error: tunnel not found\n"); | ||
1853 | exit(1); | ||
1854 | } | ||
1855 | } | ||
1856 | #endif | ||
1857 | else if (strncmp(argv[i], "--include=", 10) == 0) { | 1830 | else if (strncmp(argv[i], "--include=", 10) == 0) { |
1858 | char *ppath = expand_macros(argv[i] + 10); | 1831 | char *ppath = expand_macros(argv[i] + 10); |
1859 | if (!ppath) | 1832 | if (!ppath) |
diff --git a/src/man/firejail.1.in b/src/man/firejail.1.in index 9761edb76..ccc9a50a5 100644 --- a/src/man/firejail.1.in +++ b/src/man/firejail.1.in | |||
@@ -42,15 +42,6 @@ Miscellaneous: | |||
42 | firejail {\-? | \-\-debug-caps | \-\-debug-errnos | \-\-debug-syscalls | \-\-debug-syscalls32 | \-\-debug-protocols | \-\-help | \-\-version} | 42 | firejail {\-? | \-\-debug-caps | \-\-debug-errnos | \-\-debug-syscalls | \-\-debug-syscalls32 | \-\-debug-protocols | \-\-help | \-\-version} |
43 | .RE | 43 | .RE |
44 | .SH DESCRIPTION | 44 | .SH DESCRIPTION |
45 | #ifdef HAVE_LTS | ||
46 | This is Firejail long-term support (LTS), an enterprise focused version of the software, | ||
47 | LTS is usually supported for two or three years. | ||
48 | During this time only bugs and the occasional documentation problems are fixed. | ||
49 | The attack surface of the SUID executable was greatly reduced by removing some of the features. | ||
50 | .br | ||
51 | |||
52 | .br | ||
53 | #endif | ||
54 | Firejail is a SUID sandbox program that reduces the risk of security breaches by | 45 | Firejail is a SUID sandbox program that reduces the risk of security breaches by |
55 | restricting the running environment of untrusted applications using Linux | 46 | restricting the running environment of untrusted applications using Linux |
56 | namespaces, seccomp-bpf and Linux capabilities. | 47 | namespaces, seccomp-bpf and Linux capabilities. |
@@ -3043,28 +3034,6 @@ $ firejail \-\-tree | |||
3043 | .br | 3034 | .br |
3044 | 11970:netblue:transmission-gtk | 3035 | 11970:netblue:transmission-gtk |
3045 | 3036 | ||
3046 | #ifdef HAVE_FIRETUNNEL | ||
3047 | .TP | ||
3048 | \fB\-\-tunnel[=devname] | ||
3049 | Connect the sandbox to a network overlay/VPN tunnel created by firetunnel utility. This options | ||
3050 | tries first the client side of the tunnel. If this fails, it tries the server side. If multiple tunnels are active, | ||
3051 | please specify the tunnel device using \-\-tunnel=devname. | ||
3052 | .br | ||
3053 | |||
3054 | .br | ||
3055 | The available tunnel devices are listed in /etc/firetunnel directory, one file for each device. | ||
3056 | The files are regular firejail profile files containing the network configuration, | ||
3057 | and are created and managed by firetunnel utility. | ||
3058 | By default ftc is the client-side device and fts is the server-side device. For more information | ||
3059 | please see man 1 firetunnel. | ||
3060 | .br | ||
3061 | |||
3062 | .br | ||
3063 | Example: | ||
3064 | .br | ||
3065 | $ firejail --tunnel firefox | ||
3066 | .br | ||
3067 | #endif | ||
3068 | .TP | 3037 | .TP |
3069 | \fB\-\-version | 3038 | \fB\-\-version |
3070 | Print program version/compile time support and exit. | 3039 | Print program version/compile time support and exit. |
diff --git a/src/zsh_completion/_firejail.in b/src/zsh_completion/_firejail.in index bea5df2be..c4056b902 100644 --- a/src/zsh_completion/_firejail.in +++ b/src/zsh_completion/_firejail.in | |||
@@ -213,10 +213,6 @@ _firejail_args=( | |||
213 | '--ls=-[list files in sandbox container name|pid]: :_all_firejails' | 213 | '--ls=-[list files in sandbox container name|pid]: :_all_firejails' |
214 | #endif | 214 | #endif |
215 | 215 | ||
216 | #ifdef HAVE_FIRETUNNEL | ||
217 | '--tunnel=-[connect the sandbox to a tunnel created by firetunnel utility]: :' | ||
218 | #endif | ||
219 | |||
220 | #ifdef HAVE_NETWORK | 216 | #ifdef HAVE_NETWORK |
221 | '--bandwidth=-[set bandwidth limits name|pid]: :_all_firejails' | 217 | '--bandwidth=-[set bandwidth limits name|pid]: :_all_firejails' |
222 | '--defaultgw=[configure default gateway]: :' | 218 | '--defaultgw=[configure default gateway]: :' |