From 5c39051c2b07d6f4854eca69c37f95066d9fb10f Mon Sep 17 00:00:00 2001
From: "Kelvin M. Klann" <kmk3.code@protonmail.com>
Date: Tue, 5 Oct 2021 19:02:33 -0300
Subject: build_profile.c: fix typo of "begins"

Added on commit 9af2c1472 ("Better debug handling.").
---
 src/fbuilder/build_profile.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/fbuilder/build_profile.c b/src/fbuilder/build_profile.c
index 0b9a99739..c945d7253 100644
--- a/src/fbuilder/build_profile.c
+++ b/src/fbuilder/build_profile.c
@@ -92,7 +92,7 @@ void build_profile(int argc, char **argv, int index, FILE *fp) {
 
 	if (WIFEXITED(status) && WEXITSTATUS(status) == 0) {
 		if (fp == stdout)
-			printf("--- Built profile beings after this line ---\n");
+			printf("--- Built profile begins after this line ---\n");
 		fprintf(fp, "# Save this file as \"application.profile\" (change \"application\" with the\n");
 		fprintf(fp, "# program name) in ~/.config/firejail directory. Firejail will find it\n");
 		fprintf(fp, "# automatically every time you sandbox your application.\n#\n");
-- 
cgit v1.2.3-54-g00ecf


From a7e4b9b9b20bc62985e03435e2eee41dd62e0318 Mon Sep 17 00:00:00 2001
From: "Kelvin M. Klann" <kmk3.code@protonmail.com>
Date: Tue, 5 Oct 2021 17:54:03 -0300
Subject: Revert "allow/deny fbuilder"

This reverts commit 4438f14f2892b5c88d158ae8fad0a80a2eebfd44.

Also, partially revert related commit e4307b409 ("fix whitelist/allow in
make test-utils") to keep the tests working.

The profiles are being generated using aliases, which are not used on
the profiles in the repository.  So generate them using the normal
commands for consistency.  See also commit dd13595b8 ("Revert
"allow/deny help and man pages"") / PR #4502.

Relates to #4410.

Misc: I noticed this on issue #4592.
---
 src/fbuilder/build_fs.c   | 8 ++++----
 src/fbuilder/build_home.c | 4 ++--
 test/utils/build.exp      | 2 +-
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/fbuilder/build_fs.c b/src/fbuilder/build_fs.c
index 019c3ac5a..8700e0ba1 100644
--- a/src/fbuilder/build_fs.c
+++ b/src/fbuilder/build_fs.c
@@ -182,12 +182,12 @@ static void var_callback(char *ptr) {
 void build_var(const char *fname, FILE *fp) {
 	assert(fname);
 
-	var_skip = filedb_load_whitelist(var_skip, "whitelist-var-common.inc", "allow /var/");
+	var_skip = filedb_load_whitelist(var_skip, "whitelist-var-common.inc", "whitelist /var/");
 	process_files(fname, "/var", var_callback);
 
 	// always whitelist /var
 	if (var_out)
-		filedb_print(var_out, "allow /var/", fp);
+		filedb_print(var_out, "whitelist /var/", fp);
 	fprintf(fp, "include whitelist-var-common.inc\n");
 }
 
@@ -222,12 +222,12 @@ static void share_callback(char *ptr) {
 void build_share(const char *fname, FILE *fp) {
 	assert(fname);
 
-	share_skip = filedb_load_whitelist(share_skip, "whitelist-usr-share-common.inc", "allow /usr/share/");
+	share_skip = filedb_load_whitelist(share_skip, "whitelist-usr-share-common.inc", "whitelist /usr/share/");
 	process_files(fname, "/usr/share", share_callback);
 
 	// always whitelist /usr/share
 	if (share_out)
-		filedb_print(share_out, "allow /usr/share/", fp);
+		filedb_print(share_out, "whitelist /usr/share/", fp);
 	fprintf(fp, "include whitelist-usr-share-common.inc\n");
 }
 
diff --git a/src/fbuilder/build_home.c b/src/fbuilder/build_home.c
index c85474779..0fe0ffef6 100644
--- a/src/fbuilder/build_home.c
+++ b/src/fbuilder/build_home.c
@@ -140,7 +140,7 @@ void build_home(const char *fname, FILE *fp) {
 	assert(fname);
 
 	// load whitelist common
-	db_skip = filedb_load_whitelist(db_skip, "whitelist-common.inc", "allow ${HOME}/");
+	db_skip = filedb_load_whitelist(db_skip, "whitelist-common.inc", "whitelist ${HOME}/");
 
 	// find user home directory
 	struct passwd *pw = getpwuid(getuid());
@@ -168,7 +168,7 @@ void build_home(const char *fname, FILE *fp) {
 
 	// print the out list if any
 	if (db_out) {
-		filedb_print(db_out, "allow ${HOME}/", fp);
+		filedb_print(db_out, "whitelist ${HOME}/", fp);
 		fprintf(fp, "include whitelist-common.inc\n");
 	}
 	else
diff --git a/test/utils/build.exp b/test/utils/build.exp
index 104ac037c..b9733c137 100755
--- a/test/utils/build.exp
+++ b/test/utils/build.exp
@@ -13,7 +13,7 @@ after 100
 send -- "firejail --build cat ~/_firejail-test-file\r"
 expect {
 	timeout {puts "TESTING ERROR 0\n";exit}
-	"allow $\{HOME\}/_firejail-test-file"
+	"whitelist $\{HOME\}/_firejail-test-file"
 }
 expect {
 	timeout {puts "TESTING ERROR 1\n";exit}
-- 
cgit v1.2.3-54-g00ecf