From b6d388d2beb532ee2b94354287516ac4b5f2bfcd Mon Sep 17 00:00:00 2001
From: netblue30
Date: Thu, 12 Nov 2015 12:00:41 -0500
Subject: removed exclude-token from profile include
---
 src/firejail/firejail.h | 2 +-
 src/firejail/main.c | 2 +-
 src/firejail/profile.c | 34 +++-------------------------------
 src/man/firejail-profile.txt | 11 +++--------
 todo | 2 --
 5 files changed, 8 insertions(+), 43 deletions(-)
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index e3334bd2e..23ed11626 100644
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -266,7 +266,7 @@ int fs_check_chroot_dir(const char *rootdir);
 // find and read the profile specified by name from dir directory
 int profile_find(const char *name, const char *dir);
 // read a profile file
-void profile_read(const char *fname, const char *skip1, const char *skip2);
+void profile_read(const char *fname);
 // check profile line; if line == 0, this was generated from a command line option
 // return 1 if the command is to be added to the linked list of profile commands
 // return 0 if the command was already executed inside the function
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 37bf22cae..601999db5 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -720,7 +720,7 @@ int main(int argc, char **argv) {
 return 1;
 }
- profile_read(argv[i] + 10, NULL, NULL);
+ profile_read(argv[i] + 10);
 custom_profile = 1;
 }
 else if (strcmp(argv[i], "--noprofile") == 0) {
diff --git a/src/firejail/profile.c b/src/firejail/profile.c
index caa43288b..5ab6bc776 100644
--- a/src/firejail/profile.c
+++ b/src/firejail/profile.c
@@ -44,7 +44,7 @@ int profile_find(const char *name, const char *dir) {
 char *etcpname;
 if (asprintf(&etcpname, "%s/%s", dir, pname) == -1)
 errExit("asprintf");
- profile_read(etcpname, NULL, NULL);
+ profile_read(etcpname);
 free(etcpname);
 rv = 1;
 break;
@@ -414,8 +414,7 @@ void profile_add(char *str) { // read a profile file static int include_level = 0; -// skip1, skip2 - if the string is found in the line, the line is not interpreted -void profile_read(const char *fname, const char *skip1, const char *skip2) { +void profile_read(const char *fname) { // exit program if maximum include level was reached if (include_level > MAX_INCLUDE_LEVEL) { fprintf(stderr, "Error: maximum profile include level was reached\n"); @@ -459,25 +458,12 @@ void profile_read(const char *fname, const char *skip1, const char *skip2) { // extract profile filename and new skip params char *newprofile = ptr + 8; // profile name - char *newskip1 = NULL; // new skip1 - char *newskip2 = NULL; // new skip2 - char *p = newprofile; - while (*p != '\0') { - if (*p == ' ') { - *p = '\0'; - if (newskip1 == NULL) - newskip1 = p + 1; - else if (newskip2 == NULL) - newskip2 = p + 1; - } - p++; - } // expand ${HOME}/ in front of the new profile file char *newprofile2 = expand_home(newprofile, cfg.homedir); // recursivity - profile_read((newprofile2)? newprofile2:newprofile, newskip1, newskip2); + profile_read((newprofile2)? newprofile2:newprofile); include_level--; if (newprofile2) free(newprofile2); @@ -485,20 +471,6 @@ void profile_read(const char *fname, const char *skip1, const char *skip2) { continue; } - // skip - if (skip1) { - if (strstr(ptr, skip1)) { - free(ptr); - continue; - } - } - if (skip2) { - if (strstr(ptr, skip2)) { - free(ptr); - continue; - } - } - // verify syntax, exit in case of error if (profile_check_line(ptr, lineno)) profile_add(ptr); diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 02a54e685..3377b2eb7 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt 
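Review bot: In the `@@ -459` hunk of profile.c, `newprofile = ptr + 8` now takes the whole remainder of the `include` line as the file name, so a profile that still uses the old form (`include /etc/firejail/disable-common.inc .filezilla`) will make `profile_read` try to open a path with the token appended. Whether that fails closed depends on the open-failure path of `profile_read`, which is outside the hunk; if it only warns and returns, the blacklist entries from the included file would be silently absent from the sandbox. I would reject the old syntax explicitly right after the assignment, e.g. `if (strchr(newprofile, ' ')) { fprintf(stderr, "Error: line %d: exclude-token was removed from include, use noblacklist\n", lineno); exit(1); }`, assuming include paths containing spaces stay unsupported as they were under the removed tokenizer. The context comment `// extract profile filename and new skip params` is now stale and should read `// extract profile filename`.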
@@ -70,21 +70,16 @@ Scripting commands: # this is a comment .TP -\f\include other.profile exclude-token -Include other.profile file. exclude-token disables blacklist commands in other.profile -if exclude-token word is found in the name section of blacklist command. -exclude-token is optional. +\f\include other.profile +Include other.profile file. -Example: "include /etc/firejail/disable-common.inc .filezilla" -loads disable-common.inc file disables "blacklist ${HOME}/.filezilla" command in this file. +Example: "include /etc/firejail/disable-common.inc" other.profile file name can be prefixed with ${HOME}. This will force Firejail to look for the file in user home directory. Example: "include ${HOME}/myprofiles/profile1" will load "~/myprofiles/profile1" file. -Note: exclude-token is deprecated, use noblacklist command instead. - .TP \f\noblacklist file_name If the file name matches file_name, the file will not be blacklisted in any blacklist commands that follow. diff --git a/todo b/todo index cd0b33e8f..01901dcfa 100644 --- a/todo +++ b/todo @@ -27,8 +27,6 @@ Warning: failed to unmount /sys Child process initialized $ -4. Remove exclude-token from profile include in 0.9.34 (deprecated in 0.9.30) - 5. Add IRC clients: KVIrc (KDE), BitchX (CLI), Smuxi, Konversation (KDE), HexChat, Irssi (CLI), WeeChat (CLI) RSS: Liferea, akregator (KDE), newsbeuter (CLI), rawdog, -- cgit v1.2.3-70-g09d2