From db09546f2946c921da1b07d9d3569c287238989b Mon Sep 17 00:00:00 2001 From: netblue30 Date: Sat, 23 Dec 2023 08:29:33 -0500 Subject: remove LTS and FIRETUNNEL support --- src/firejail/checkcfg.c | 7 ------- src/firejail/main.c | 27 --------------------------- src/man/firejail.1.in | 31 ------------------------------- src/zsh_completion/_firejail.in | 4 ---- 4 files changed, 69 deletions(-) (limited to 'src') diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c index 7792c6541..3283fae13 100644 --- a/src/firejail/checkcfg.c +++ b/src/firejail/checkcfg.c @@ -349,13 +349,6 @@ static const char *const compiletime_support = "disabled" #endif - "\n\t- firetunnel support is " -#ifdef HAVE_FIRETUNNEL - "enabled" -#else - "disabled" -#endif - "\n\t- IDS support is " #ifdef HAVE_IDS "enabled" diff --git a/src/firejail/main.c b/src/firejail/main.c index aaa7c8a2f..76bfcede8 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c @@ -1826,33 +1826,6 @@ int main(int argc, char **argv, char **envp) { else exit_err_feature("overlayfs"); } -#endif -#ifdef HAVE_FIRETUNNEL - else if (strcmp(argv[i], "--tunnel") == 0) { - // try to connect to the default client side of the tunnel - // if this fails, try the default server side of the tunnel - if (access("/run/firetunnel/ftc", R_OK) == 0) - profile_read("/run/firetunnel/ftc"); - else if (access("/run/firetunnel/fts", R_OK) == 0) - profile_read("/run/firetunnel/fts"); - else { - fprintf(stderr, "Error: no default firetunnel found, please specify it using --tunnel=devname option\n"); - exit(1); - } - } - else if (strncmp(argv[i], "--tunnel=", 9) == 0) { - char *fname; - - if (asprintf(&fname, "/run/firetunnel/%s", argv[i] + 9) == -1) - errExit("asprintf"); - invalid_filename(fname, 0); // no globbing - if (access(fname, R_OK) == 0) - profile_read(fname); - else { - fprintf(stderr, "Error: tunnel not found\n"); - exit(1); - } - } #endif else if (strncmp(argv[i], "--include=", 10) == 0) { char *ppath = expand_macros(argv[i] + 10); diff --git a/src/man/firejail.1.in b/src/man/firejail.1.in index 9761edb76..ccc9a50a5 100644 --- a/src/man/firejail.1.in +++ b/src/man/firejail.1.in @@ -42,15 +42,6 @@ Miscellaneous: firejail {\-? | \-\-debug-caps | \-\-debug-errnos | \-\-debug-syscalls | \-\-debug-syscalls32 | \-\-debug-protocols | \-\-help | \-\-version} .RE .SH DESCRIPTION -#ifdef HAVE_LTS -This is Firejail long-term support (LTS), an enterprise focused version of the software, -LTS is usually supported for two or three years. -During this time only bugs and the occasional documentation problems are fixed. -The attack surface of the SUID executable was greatly reduced by removing some of the features. -.br - -.br -#endif Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces, seccomp-bpf and Linux capabilities. @@ -3043,28 +3034,6 @@ $ firejail \-\-tree .br 11970:netblue:transmission-gtk -#ifdef HAVE_FIRETUNNEL -.TP -\fB\-\-tunnel[=devname] -Connect the sandbox to a network overlay/VPN tunnel created by firetunnel utility. This options -tries first the client side of the tunnel. If this fails, it tries the server side. If multiple tunnels are active, -please specify the tunnel device using \-\-tunnel=devname. -.br - -.br -The available tunnel devices are listed in /etc/firetunnel directory, one file for each device. -The files are regular firejail profile files containing the network configuration, -and are created and managed by firetunnel utility. -By default ftc is the client-side device and fts is the server-side device. For more information -please see man 1 firetunnel. -.br - -.br -Example: -.br -$ firejail --tunnel firefox -.br -#endif .TP \fB\-\-version Print program version/compile time support and exit. diff --git a/src/zsh_completion/_firejail.in b/src/zsh_completion/_firejail.in index bea5df2be..c4056b902 100644 --- a/src/zsh_completion/_firejail.in +++ b/src/zsh_completion/_firejail.in @@ -213,10 +213,6 @@ _firejail_args=( '--ls=-[list files in sandbox container name|pid]: :_all_firejails' #endif -#ifdef HAVE_FIRETUNNEL - '--tunnel=-[connect the sandbox to a tunnel created by firetunnel utility]: :' -#endif - #ifdef HAVE_NETWORK '--bandwidth=-[set bandwidth limits name|pid]: :_all_firejails' '--defaultgw=[configure default gateway]: :' -- cgit v1.2.3-54-g00ecf