From d32509945f13ccb9892ad15303230955bb525fae Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Fri, 9 Aug 2019 15:24:45 +0200
Subject: rewrite/partial revert of 8bff773d6a7bf70c97b3d5b751df9ec0dd6c8b5d

the commit in question introduced an early check of Firejail configuration
file, which broke "firejail in firejail" for some sandboxes.

see issue #2877
---
 src/firejail/checkcfg.c |  2 --
 src/firejail/firejail.h |  1 -
 src/firejail/main.c     | 28 ++++++++++------------------
 3 files changed, 10 insertions(+), 21 deletions(-)

(limited to 'src')

diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c
index 84054fe76..f94b95d60 100644
--- a/src/firejail/checkcfg.c
+++ b/src/firejail/checkcfg.c
@@ -50,7 +50,6 @@ int checkcfg(int val) {
 		cfg_val[CFG_DISABLE_MNT] = 0;
 		cfg_val[CFG_ARP_PROBES] = DEFAULT_ARP_PROBES;
 		cfg_val[CFG_XPRA_ATTACH] = 0;
-		cfg_val[CFG_HOMEDIR_SYMLINK] = 0;
 
 		// open configuration file
 		const char *fname = SYSCONFDIR "/firejail.config";
@@ -86,7 +85,6 @@ int checkcfg(int val) {
 			ptr = line_remove_spaces(buf);
 			if (!ptr)
 				continue;
-			PARSE_YESNO(CFG_HOMEDIR_SYMLINK, "homedir-symlink")
 			PARSE_YESNO(CFG_FILE_TRANSFER, "file-transfer")
 			PARSE_YESNO(CFG_DBUS, "dbus")
 			PARSE_YESNO(CFG_JOIN, "join")
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index d547f9840..14cad4190 100644
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -722,7 +722,6 @@ enum {
 	CFG_PRIVATE_CACHE,
 	CFG_CGROUP,
 	CFG_NAME_CHANGE,
-	CFG_HOMEDIR_SYMLINK,
 	// CFG_FILE_COPY_LIMIT - file copy limit handled using setenv/getenv
 	CFG_MAX // this should always be the last entry
 };
diff --git a/src/firejail/main.c b/src/firejail/main.c
index f5785ff50..9f44c6281 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -259,25 +259,17 @@ static int has_link(const char *dir) {
 	return 0;
 }
 
-static void build_cfg_homedir(const char *dir) {
-	EUID_ASSERT();
-	assert(dir);
-	if (dir[0] != '/' || dir[1] == '\0') { // system users sometimes have root directory as home
-		fprintf(stderr, "Error: invalid user directory \"%s\"\n", dir);
+static void check_homedir(void) {
+	assert(cfg.homedir);
+	if (cfg.homedir[0] != '/' || cfg.homedir[1] == '\0') { // system users sometimes have root directory as home
+		fprintf(stderr, "Error: invalid user directory \"%s\"\n", cfg.homedir);
 		exit(1);
 	}
-	// symlinks are rejected in many places, offer a solution for home directories
-	if (checkcfg(CFG_HOMEDIR_SYMLINK)) {
-		cfg.homedir = realpath(dir, NULL);
-		if (cfg.homedir)
-			return;
+	// symlinks are rejected in many places
+	if (has_link(cfg.homedir)) {
+		fprintf(stderr, "No full support for symbolic links in path of user directory.\n"
+			"Please provide resolved path in password database (/etc/passwd).\n\n");
 	}
-	else if (has_link(dir)) {
-		fwarning("no full support for symbolic links in path of user directory.\n"
-			"Please provide resolved path in password database (/etc/passwd)\n"
-			"or enable symbolic link resolution in Firejail configuration file.\n\n");
-	}
-	cfg.homedir = clean_pathname(dir);
 }
 
 // init configuration
@@ -323,8 +315,8 @@ static void init_cfg(int argc, char **argv) {
 		fprintf(stderr, "Error: user %s doesn't have a user directory assigned\n", cfg.username);
 		exit(1);
 	}
-	build_cfg_homedir(pw->pw_dir);
-	assert(cfg.homedir);
+	cfg.homedir = clean_pathname(pw->pw_dir);
+	check_homedir();
 
 	// initialize random number generator
 	sandbox_pid = getpid();
-- 
cgit v1.2.3-54-g00ecf