From e6f2374d557c94616b9b9db0bcebe0bbd5d78d88 Mon Sep 17 00:00:00 2001 From: netblue30 Date: Mon, 6 Feb 2023 09:34:47 -0500 Subject: installing etc-cleanup tool in /usr/lib/firejail directory --- src/etc-cleanup/main.c | 255 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 255 insertions(+) create mode 100644 src/etc-cleanup/main.c (limited to 'src/etc-cleanup') diff --git a/src/etc-cleanup/main.c b/src/etc-cleanup/main.c new file mode 100644 index 000000000..47fe1556b --- /dev/null +++ b/src/etc-cleanup/main.c @@ -0,0 +1,255 @@ +/* + * Copyright (C) 2014-2022 Firejail Authors + * + * This file is part of firejail project + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +*/ + +#include "../include/etc_groups.h" +#include "../include/common.h" +#include + +#define MAX_BUF 4098 +#define MAX_ARR 1024 +char *arr[MAX_ARR] = {NULL}; +int arr_cnt = 0; + +static int arr_tls_ca = 0; +static int arr_x11 = 0; +static int arr_games = 0; +static char outbuf[256 * 1024]; +static char *outptr; +static int arg_replace = 0; +static int arg_debug = 0; + +void outprintf(char* fmt, ...) { + va_list args; + va_start(args,fmt); + outptr += vsprintf(outptr, fmt, args); + va_end(args); +} + + + +static int arr_check(const char *fname, char **pptr) { + assert(fname); + assert(pptr); + + while (*pptr != NULL) { + if (strcmp(fname, *pptr) == 0) + return 1; + pptr++; + } + + return 0; +} + + + +static void arr_add(const char *fname) { + assert(fname); + assert(arr_cnt < MAX_ARR); + + int i; + for (i = 0; i < arr_cnt; i++) + if (strcmp(arr[i], fname) == 0) + return; + + arr[arr_cnt] = strdup(fname); + if (!arr[arr_cnt]) + errExit("strdup"); + arr_cnt++; +} + +int arr_cmp(const void *p1, const void *p2) { + char **ptr1 = (char **) p1; + char **ptr2 = (char **) p2; + + return strcmp(*ptr1, *ptr2); +} + +static void arr_sort(void) { + qsort(&arr[0], arr_cnt, sizeof(char *), arr_cmp); +} + +static void arr_clean(void) { + int i; + for (i = 0; i < arr_cnt; i++) { + free(arr[i]); + arr[i] = NULL; + } + + arr_cnt = 0; + arr_games = 0; + arr_tls_ca = 0; + arr_x11 = 0; +} + +static char *arr_print(void) { + char *last_line = outptr; + outprintf("private-etc "); + + if (arr_games) + outprintf("@games,"); + if (arr_tls_ca) + outprintf("@tls-ca,"); + if (arr_x11) + outprintf("@x11,"); + + int i; + for (i = 0; i < arr_cnt; i++) + outprintf("%s,", arr[i]); + if (*(outptr - 1) == ' ' || *(outptr - 1) == ',') { + outptr--; + *outptr = '\0'; + } + outprintf("\n"); + + return last_line; +} + +static void process_file(const char *fname) { + assert(fname); + + FILE *fp = fopen(fname, "r"); + if (!fp) { + fprintf(stderr, "Error: cannot open %s file\n", fname); + exit(1); + } + + outptr = outbuf; + *outptr = '\0'; + arr_clean(); + + char line[MAX_BUF]; + char orig_line[MAX_BUF]; + int cnt = 0; + int print = 0; + while (fgets(line, MAX_BUF, fp)) { + cnt++; + if (strncmp(line, "private-etc", 11) != 0) { + outprintf("%s", line); + continue; + } + + strcpy(orig_line,line); + char *ptr = strchr(line, '\n'); + if (ptr) + *ptr = '\0'; + + ptr = line + 12; + while (*ptr == ' ' || *ptr == '\t') + ptr++; + + // check for blanks and tabs + char *ptr2 = ptr; + while (*ptr2 != '\0') { + if (*ptr2 == ' ' || *ptr2 == '\t') { + fprintf(stderr, "Error: invalid private-etc line %s:%d\n", fname, cnt); + exit(1); + } + ptr2++; + } + + ptr = strtok(ptr, ","); + while (ptr) { + if (arg_debug) + printf("%s\n", ptr); + if (arr_check(ptr, &etc_list[0])); + else if (arr_check(ptr, &etc_group_sound[0])); + else if (arr_check(ptr, &etc_group_network[0])); + else if (strcmp(ptr, "@games") == 0) + arr_games = 1; + else if (strcmp(ptr, "@tls-ca") == 0) + arr_tls_ca = 1; + else if (strcmp(ptr, "@x11") == 0) + arr_x11 = 1; + else if (arr_check(ptr, &etc_group_games[0])) + arr_games = 1; + else if (arr_check(ptr, &etc_group_tls_ca[0])) + arr_tls_ca = 1; + else if (arr_check(ptr, &etc_group_x11[0])) + arr_x11 = 1; + else + arr_add(ptr); + + ptr = strtok(NULL, ","); + } + + arr_sort(); + char *last_line = arr_print(); + if (strcmp(last_line, orig_line) == 0) { + fclose(fp); + return; + } + printf("\n********************\nfile: %s\n\nold: %s\nnew: %s\n", fname, orig_line, last_line); + print = 1; + } + + fclose(fp); + + if (print && arg_replace) { + fp = fopen(fname, "w"); + if (!fp) { + fprintf(stderr, "Error: cannot open profile file\n"); + exit(1); + } + fprintf(fp, "%s", outbuf); + fclose(fp); + } +} + +static void usage(void) { + printf("usage: cleanup-etc [options] file.profile [file.profile]\n"); + printf("Group and clean private-etc entries in one or more profile files.\n"); + printf("Options:\n"); + printf(" --debug - print debug messages\n"); + printf(" -h, -?, --help - this help screen\n"); + printf(" --replace - replace profile file\n"); +} + +int main(int argc, char **argv) { + if (argc < 2) { + fprintf(stderr, "Error: invalid number of parameters\n"); + usage(); + return 1; + } + + int i; + for (i = 1; i < argc; i++) { + if (strcmp(argv[i], "-h") == 0 || + strcmp(argv[i], "-?") == 0 || + strcmp(argv[i], "--help") == 0) { + usage(); + return 0; + } + else if (strcmp(argv[i], "--debug") == 0) + arg_debug = 1; + else if (strcmp(argv[i], "--replace") == 0) + arg_replace = 1; + else if (*argv[i] == '-') { + fprintf(stderr, "Error: invalid program option %s\n", argv[i]); + return 1; + } + else + break; + } + + for (; i < argc; i++) + process_file(argv[i]); + + return 0; +} \ No newline at end of file -- cgit v1.2.3-54-g00ecf