diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/Makefile.in | 3 | ||||
-rw-r--r-- | src/firejail/main.c | 5 | ||||
-rw-r--r-- | src/firejail/x11.c | 4 |
3 files changed, 11 insertions, 1 deletions
diff --git a/src/firejail/Makefile.in b/src/firejail/Makefile.in index cf57d96d5..ba6bda0a5 100644 --- a/src/firejail/Makefile.in +++ b/src/firejail/Makefile.in | |||
@@ -14,13 +14,14 @@ HAVE_BIND=@HAVE_BIND@ | |||
14 | HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ | 14 | HAVE_FATAL_WARNINGS=@HAVE_FATAL_WARNINGS@ |
15 | HAVE_NETWORK=@HAVE_NETWORK@ | 15 | HAVE_NETWORK=@HAVE_NETWORK@ |
16 | HAVE_USERNS=@HAVE_USERNS@ | 16 | HAVE_USERNS=@HAVE_USERNS@ |
17 | HAVE_X11=@HAVE_X11@ | ||
17 | 18 | ||
18 | 19 | ||
19 | H_FILE_LIST = $(sort $(wildcard *.[h])) | 20 | H_FILE_LIST = $(sort $(wildcard *.[h])) |
20 | C_FILE_LIST = $(sort $(wildcard *.c)) | 21 | C_FILE_LIST = $(sort $(wildcard *.c)) |
21 | OBJS = $(C_FILE_LIST:.c=.o) | 22 | OBJS = $(C_FILE_LIST:.c=.o) |
22 | BINOBJS = $(foreach file, $(OBJS), $file) | 23 | BINOBJS = $(foreach file, $(OBJS), $file) |
23 | CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_SECCOMP) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security | 24 | CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"' -DPREFIX='"$(prefix)"' -DSYSCONFDIR='"$(sysconfdir)/firejail"' -DLIBDIR='"$(libdir)"' $(HAVE_X11) $(HAVE_SECCOMP) $(HAVE_SECCOMP_H) $(HAVE_CHROOT) $(HAVE_NETWORK) $(HAVE_USERNS) $(HAVE_BIND) -fstack-protector-all -D_FORTIFY_SOURCE=2 -fPIE -pie -Wformat -Wformat-security |
24 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread | 25 | LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread |
25 | 26 | ||
26 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/libnetlink.h ../include/pid.h | 27 | %.o : %.c $(H_FILE_LIST) ../include/common.h ../include/euid_common.h ../include/libnetlink.h ../include/pid.h |
diff --git a/src/firejail/main.c b/src/firejail/main.c index 2a5ded984..d2a093520 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -261,12 +261,17 @@ static void run_cmd_and_exit(int i, int argc, char **argv) { | |||
261 | #ifndef HAVE_CHROOT | 261 | #ifndef HAVE_CHROOT |
262 | printf("Chroot support is disabled.\n"); | 262 | printf("Chroot support is disabled.\n"); |
263 | #endif | 263 | #endif |
264 | #ifndef HAVE_X11 | ||
265 | printf("X11 support is disabled.\n"); | ||
266 | #endif | ||
264 | exit(0); | 267 | exit(0); |
265 | } | 268 | } |
269 | #ifdef HAVE_X11 | ||
266 | else if (strcmp(argv[i], "--x11") == 0) { | 270 | else if (strcmp(argv[i], "--x11") == 0) { |
267 | x11_start(argc, argv); | 271 | x11_start(argc, argv); |
268 | exit(0); | 272 | exit(0); |
269 | } | 273 | } |
274 | #endif | ||
270 | #ifdef HAVE_NETWORK | 275 | #ifdef HAVE_NETWORK |
271 | else if (strncmp(argv[i], "--bandwidth=", 12) == 0) { | 276 | else if (strncmp(argv[i], "--bandwidth=", 12) == 0) { |
272 | logargs(argc, argv); | 277 | logargs(argc, argv); |
diff --git a/src/firejail/x11.c b/src/firejail/x11.c index 5e8fb9bbd..218113f46 100644 --- a/src/firejail/x11.c +++ b/src/firejail/x11.c | |||
@@ -27,6 +27,7 @@ | |||
27 | #include <sys/mount.h> | 27 | #include <sys/mount.h> |
28 | 28 | ||
29 | void fs_x11(void) { | 29 | void fs_x11(void) { |
30 | #ifdef HAVE_X11 | ||
30 | // extract display | 31 | // extract display |
31 | char *d = getenv("DISPLAY"); | 32 | char *d = getenv("DISPLAY"); |
32 | if (!d) | 33 | if (!d) |
@@ -94,9 +95,11 @@ void fs_x11(void) { | |||
94 | if (mount(RUN_RO_DIR, RUN_WHITELIST_X11_DIR, "none", MS_BIND, "mode=400,gid=0") == -1) | 95 | if (mount(RUN_RO_DIR, RUN_WHITELIST_X11_DIR, "none", MS_BIND, "mode=400,gid=0") == -1) |
95 | errExit("mount"); | 96 | errExit("mount"); |
96 | fs_logger2("blacklist", RUN_WHITELIST_X11_DIR); | 97 | fs_logger2("blacklist", RUN_WHITELIST_X11_DIR); |
98 | #endif | ||
97 | } | 99 | } |
98 | 100 | ||
99 | 101 | ||
102 | #ifdef HAVE_X11 | ||
100 | void x11_start(int argc, char **argv) { | 103 | void x11_start(int argc, char **argv) { |
101 | EUID_ASSERT(); | 104 | EUID_ASSERT(); |
102 | int i; | 105 | int i; |
@@ -215,3 +218,4 @@ void x11_start(int argc, char **argv) { | |||
215 | printf("Xpra server pid %d, client pid %d\n", server, client); | 218 | printf("Xpra server pid %d, client pid %d\n", server, client); |
216 | exit(0); | 219 | exit(0); |
217 | } | 220 | } |
221 | #endif | ||