From e8cf957a8bf3deda07e608e0c482b38cd573627a Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Fri, 27 Oct 2017 09:37:09 -0400
Subject: modif: --profile-path was deprecated

---
 src/firejail/main.c          | 35 ++++++-----------------------------
 src/man/firejail-profile.txt | 31 -------------------------------
 src/man/firejail.txt         | 15 ---------------
 3 files changed, 6 insertions(+), 75 deletions(-)

(limited to 'src')

diff --git a/src/firejail/main.c b/src/firejail/main.c
index 069aa6ca8..7730e8384 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -888,8 +888,6 @@ int main(int argc, char **argv) {
 	int option_cgroup = 0;
 	int option_force = 0;
 	int custom_profile = 0;	// custom profile loaded
-	char *custom_profile_dir = NULL; // custom profile directory
-
 
 	atexit(clear_atexit);
 
@@ -1497,22 +1495,8 @@ int main(int argc, char **argv) {
 			free(ppath);
 		}
 		else if (strncmp(argv[i], "--profile-path=", 15) == 0) {
-			if (arg_noprofile) {
-				fprintf(stderr, "Error: --noprofile and --profile-path options are mutually exclusive\n");
-				exit(1);
-			}
-			custom_profile_dir = expand_home(argv[i] + 15, cfg.homedir);
-			invalid_filename(custom_profile_dir, 0); // no globbing
-			if (!is_dir(custom_profile_dir) || is_link(custom_profile_dir) || strstr(custom_profile_dir, "..")) {
-				fprintf(stderr, "Error: invalid profile path\n");
-				exit(1);
-			}
-
-			// access call checks as real UID/GID, not as effective UID/GID
-			if (access(custom_profile_dir, R_OK)) {
-				fprintf(stderr, "Error: cannot access profile directory\n");
-				return 1;
-			}
+			if (!arg_quiet)
+				fprintf(stderr, "Warning: --profile-path has been deprecated\n");
 		}
 		else if (strcmp(argv[i], "--noprofile") == 0) {
 			if (custom_profile) {
@@ -2398,11 +2382,7 @@ int main(int argc, char **argv) {
 		}
 		if (!custom_profile) {
 			// look for a user profile in /etc/firejail directory
-			int rv;
-			if (custom_profile_dir)
-				rv = profile_find(cfg.command_name, custom_profile_dir);
-			else
-				rv = profile_find(cfg.command_name, SYSCONFDIR);
+			int rv = profile_find(cfg.command_name, SYSCONFDIR);
 			custom_profile = rv;
 		}
 	}
@@ -2430,13 +2410,10 @@ int main(int argc, char **argv) {
 			custom_profile = profile_find(profile_name, usercfgdir);
 			free(usercfgdir);
 
-			if (!custom_profile) {
+			if (!custom_profile)
 				// look for the profile in /etc/firejail directory
-				if (custom_profile_dir)
-					custom_profile = profile_find(profile_name, custom_profile_dir);
-				else
-					custom_profile = profile_find(profile_name, SYSCONFDIR);
-			}
+				custom_profile = profile_find(profile_name, SYSCONFDIR);
+
 			if (!custom_profile) {
 				fprintf(stderr, "Error: no default.profile installed\n");
 				exit(1);
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt
index 39680ab0a..77bdffb62 100644
--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -594,37 +594,6 @@ instead of the default one.
 Join the sandbox identified by name or start a new one.
 Same as "firejail --join=sandboxname" command if sandbox with specified name exists, otherwise same as "name sandboxname".
 
-.SH RELOCATING PROFILES
-For various reasons some users might want to keep the profile files in a different directory.
-Using \fB--profile-path\fR command line option, Firejail can be instructed to look for profiles
-into this directory.
-
-This is an example of relocating the profile files into a new
-directory, /home/netblue/myprofiles. Start by creating the new directory and copy all
-the profile files in:
-.br
-
-.br
-$ mkdir ~/myprofiles && cd ~/myprofiles && cp /etc/firejail/* .
-.br
-
-.br
-Using \fBsed\fR utility, modify the absolute paths for \fBinclude\fR commands:
-.br
-
-.br
-$ sed -i "s/\\/etc\\/firejail/\\/home\\/netblue\\/myprofiles/g" *.profile
-.br
-$ sed -i "s/\\/etc\\/firejail/\\/home\\/netblue\\/myprofiles/g" *.inc
-.br
-
-.br
-Start Firejail using the new path:
-.br
-
-.br
-$ firejail --profile-path=~/myprofiles
-
 .SH FILES
 /etc/firejail/filename.profile, $HOME/.config/firejail/filename.profile
 
diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index d725bb883..476050d9c 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -1451,21 +1451,6 @@ $ firejail \-\-profile.print=browser
 .br
 /etc/firejail/firefox.profile
 .br
-
-.TP
-\fB\-\-profile-path=directory
-Use this directory to look for profile files. Use an absolute path or a path in the home directory starting with ~/.
-For more information, see \fBSECURITY PROFILES\fR section below and \fBRELOCATING PROFILE FILES\fR in
-\fBman 5 firejail-profile\fR.
-.br
-
-.br
-Example:
-.br
-$ firejail \-\-profile-path=~/myprofiles
-.br
-$ firejail \-\-profile-path=/home/netblue/myprofiles
-
 .TP
 \fB\-\-protocol=protocol,protocol,protocol
 Enable protocol filter. The filter is based on seccomp and checks the first argument to socket system call.
-- 
cgit v1.2.3-54-g00ecf