From 46e2ab9d2e3004e43cbe2b73f2592325700a1af2 Mon Sep 17 00:00:00 2001 From: "Kelvin M. Klann" Date: Mon, 8 Jan 2024 09:06:21 -0300 Subject: firecfg: refactor config parse functions Changes: * Export `in_ignorelist` function * Allow only building the ignorelist without setting the symlinks * Rename the functions to reflect the above * Add a function that parses all config files (`parse_config_all`) Also, make sure that `parse_config_all` only parses config files once, even if called multiple times. Relates to #5876. --- src/firecfg/firecfg.h | 2 ++ src/firecfg/main.c | 43 ++++++++++++++++++++++++++++++------------- 2 files changed, 32 insertions(+), 13 deletions(-) (limited to 'src') diff --git a/src/firecfg/firecfg.h b/src/firecfg/firecfg.h index 11e3ebc67..d42c937cf 100644 --- a/src/firecfg/firecfg.h +++ b/src/firecfg/firecfg.h @@ -50,6 +50,8 @@ // main.c extern int arg_debug; +int in_ignorelist(const char *const str); +void parse_config_all(int do_symlink); // util.c int which(const char *program); diff --git a/src/firecfg/main.c b/src/firecfg/main.c index 40493159e..f641c1ace 100644 --- a/src/firecfg/main.c +++ b/src/firecfg/main.c @@ -25,6 +25,7 @@ int arg_debug = 0; char *arg_bindir = "/usr/local/bin"; int arg_guide = 0; +int done_config = 0; static const char *const usage_str = "Firecfg is the desktop configuration utility for Firejail software. The utility\n" @@ -166,7 +167,7 @@ static int append_ignorelist(const char *const str) { return 1; } -static int in_ignorelist(const char *const str) { +int in_ignorelist(const char *const str) { assert(str); int i; for (i = 0; i < ignorelist_len; i++) { @@ -202,8 +203,11 @@ static void set_file(const char *name, const char *firejail_exec) { } // parse a single config file -static void set_links_firecfg(const char *cfgfile) { - printf("Configuring symlinks in %s based on %s\n", arg_bindir, cfgfile); +static void parse_config_file(const char *cfgfile, int do_symlink) { + if (do_symlink) + printf("Configuring symlinks in %s\n", arg_bindir); + + printf("Parsing %s\n", cfgfile); FILE *fp = fopen(cfgfile, "r"); if (!fp) { @@ -246,11 +250,15 @@ static void set_links_firecfg(const char *cfgfile) { continue; } + // skip ignored programs + if (in_ignorelist(start)) { + printf(" %s ignored\n", start); + continue; + } + // set link - if (!in_ignorelist(start)) + if (do_symlink) set_file(start, FIREJAIL_EXEC); - else - printf(" %s ignored\n", start); } fclose(fp); @@ -258,7 +266,7 @@ static void set_links_firecfg(const char *cfgfile) { } // parse all config files matching pattern -static void set_links_firecfg_glob(const char *pattern) { +static void parse_config_glob(const char *pattern, int do_symlink) { printf("Looking for config files in %s\n", pattern); glob_t globbuf; @@ -274,11 +282,23 @@ static void set_links_firecfg_glob(const char *pattern) { size_t i; for (i = 0; i < globbuf.gl_pathc; i++) - set_links_firecfg(globbuf.gl_pathv[i]); + parse_config_file(globbuf.gl_pathv[i], do_symlink); out: globfree(&globbuf); } +// parse all config files +// do_symlink 0 just builds the ignorelist, 1 creates the symlinks +void parse_config_all(int do_symlink) { + if (done_config) + return; + + parse_config_glob(FIRECFG_CONF_GLOB, do_symlink); + parse_config_file(FIRECFG_CFGFILE, do_symlink); + + done_config = 1; +} + // parse ~/.config/firejail/ directory static void set_links_homedir(const char *homedir) { assert(homedir); @@ -520,11 +540,8 @@ int main(int argc, char **argv) { // clear all symlinks clean(); - // set new symlinks based on .conf files - set_links_firecfg_glob(FIRECFG_CONF_GLOB); - - // set new symlinks based on firecfg.config - set_links_firecfg(FIRECFG_CFGFILE); + // set new symlinks based on config files + parse_config_all(1); if (getuid() == 0) { // add user to firejail access database - only for root -- cgit v1.2.3-70-g09d2