more on firecfg --guide: fzenity

2026-05-16 14:16:16 -06:00 · 2022-04-25 15:34:24 -04:00 · 2022-04-25 15:34:24 -04:00 · 1cdfa6f955
commit 1cdfa6f955
parent d4106f7aaa
7 changed files with 209 additions and 8 deletions
--- a/Makefile.in
+++ b/Makefile.in
@ -27,7 +27,7 @@ COMPLETIONDIRS = src/zsh_completion src/bash_completion
 all: all_items mydirs $(MAN_TARGET) filters
 APPS = src/firecfg/firecfg src/firejail/firejail src/firemon/firemon src/profstats/profstats src/jailcheck/jailcheck
 SBOX_APPS = src/fbuilder/fbuilder src/ftee/ftee src/fids/fids
-SBOX_APPS_NON_DUMPABLE = src/fcopy/fcopy src/fldd/fldd src/fnet/fnet src/fnetfilter/fnetfilter
+SBOX_APPS_NON_DUMPABLE = src/fcopy/fcopy src/fldd/fldd src/fnet/fnet src/fnetfilter/fnetfilter src/fzenity/fzenity
 SBOX_APPS_NON_DUMPABLE += src/fsec-optimize/fsec-optimize src/fsec-print/fsec-print src/fseccomp/fseccomp
 SBOX_APPS_NON_DUMPABLE += src/fnettrace/fnettrace src/fnettrace-dns/fnettrace-dns src/fnettrace-sni/fnettrace-sni
 MYDIRS = src/lib $(MAN_SRC) $(COMPLETIONDIRS)
--- a/3
+++ b/3
@ -4288,7 +4288,7 @@ fi

 ac_config_files="$ac_config_files mkdeb.sh"

-ac_config_files="$ac_config_files Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile src/ftee/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile src/profstats/Makefile src/man/Makefile src/zsh_completion/Makefile src/bash_completion/Makefile test/Makefile src/jailcheck/Makefile src/fids/Makefile src/fnettrace/Makefile src/fnettrace-dns/Makefile src/fnettrace-sni/Makefile"
+ac_config_files="$ac_config_files Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile src/ftee/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile src/fzenity/Makefile src/profstats/Makefile src/man/Makefile src/zsh_completion/Makefile src/bash_completion/Makefile test/Makefile src/jailcheck/Makefile src/fids/Makefile src/fnettrace/Makefile src/fnettrace-dns/Makefile src/fnettrace-sni/Makefile"

 cat >confcache <<\_ACEOF
 # This file is a shell script that caches the results of configure
@ -5016,6 +5016,7 @@ do
    "src/fldd/Makefile") CONFIG_FILES="$CONFIG_FILES src/fldd/Makefile" ;;
    "src/libpostexecseccomp/Makefile") CONFIG_FILES="$CONFIG_FILES src/libpostexecseccomp/Makefile" ;;
    "src/fsec-optimize/Makefile") CONFIG_FILES="$CONFIG_FILES src/fsec-optimize/Makefile" ;;
+    "src/fzenity/Makefile") CONFIG_FILES="$CONFIG_FILES src/fzenity/Makefile" ;;
    "src/profstats/Makefile") CONFIG_FILES="$CONFIG_FILES src/profstats/Makefile" ;;
    "src/man/Makefile") CONFIG_FILES="$CONFIG_FILES src/man/Makefile" ;;
    "src/zsh_completion/Makefile") CONFIG_FILES="$CONFIG_FILES src/zsh_completion/Makefile" ;;
--- a/configure.ac
+++ b/configure.ac
@ -279,7 +279,7 @@ AC_CONFIG_FILES([mkdeb.sh], [chmod +x mkdeb.sh])
 AC_CONFIG_FILES([Makefile src/common.mk src/lib/Makefile src/fcopy/Makefile src/fnet/Makefile src/firejail/Makefile src/fnetfilter/Makefile \
 src/firemon/Makefile src/libtrace/Makefile src/libtracelog/Makefile src/firecfg/Makefile src/fbuilder/Makefile src/fsec-print/Makefile \
 src/ftee/Makefile src/fseccomp/Makefile src/fldd/Makefile src/libpostexecseccomp/Makefile src/fsec-optimize/Makefile \
-src/profstats/Makefile src/man/Makefile src/zsh_completion/Makefile src/bash_completion/Makefile test/Makefile \
+src/fzenity/Makefile src/profstats/Makefile src/man/Makefile src/zsh_completion/Makefile src/bash_completion/Makefile test/Makefile \
 src/jailcheck/Makefile src/fids/Makefile src/fnettrace/Makefile src/fnettrace-dns/Makefile src/fnettrace-sni/Makefile])
 AC_OUTPUT

--- a/src/firecfg/firejail-welcome.sh
+++ b/src/firecfg/firejail-welcome.sh
@ -36,12 +36,13 @@ enable_nonewprivs=false
 read -r -d $'\0' MSG_INTRO <<EOM
 <big><b>Welcome to Firejail!</b></big>

-This guide will walk you through some of the most common sandbox customizations. At the end of the
-guide you'll have the option to save your changes in Firejail's global config file at
-<b>/etc/firejail/firejail.config</b>. A copy of the original file is stored as
-<b>/etc/firejal/firejail.config-</b>.
+This guide will walk you through some of the most common sandbox customizations.
+At the end of the guide you'll have the option to save your changes in Firejail's
+global config file at <b>/etc/firejail/firejail.config</b>. A copy of the original file is saved
+as <b>/etc/firejal/firejail.config-</b>.

-Please note that running this script a second time can set new options, but does not clear options set in a previous run.
+Please note that running this script a second time can set new options, but does
+not clear options set in a previous run.

 Press OK to continue, or close this window to stop the program.

--- a/src/firecfg/main.c
+++ b/src/firecfg/main.c
@ -444,8 +444,14 @@ int main(int argc, char **argv) {

 	if (arg_guide) {
 		char *cmd;
+if (arg_debug) {
+		if (asprintf(&cmd, "sudo %s/firejail/firejail-welcome.sh /usr/lib/firejail/fzenity %s %s", LIBDIR, SYSCONFDIR, user) == -1)
+			errExit("asprintf");
+}
+else {
 		if (asprintf(&cmd, "sudo %s/firejail/firejail-welcome.sh /usr/bin/zenity %s %s", LIBDIR, SYSCONFDIR, user) == -1)
 			errExit("asprintf");
+}
 		int status = system(cmd);
 		if (status == -1) {
 			fprintf(stderr, "Error: cannot run firejail-welcome.sh\n");
--- a/src/fzenity/Makefile.in
+++ b/src/fzenity/Makefile.in
@ -0,0 +1,17 @@
+.PHONY: all
+all: fzenity
+
+include ../common.mk
+
+%.o : %.c $(H_FILE_LIST) ../include/common.h
+	$(CC) $(CFLAGS) $(EXTRA_CFLAGS) $(INCLUDE) -c $< -o $@
+
+fzenity: $(OBJS)
+	$(CC)  $(LDFLAGS) -o $@ $(OBJS) $(LIBS) $(EXTRA_LDFLAGS)
+
+.PHONY: clean
+clean:; rm -fr *.o fzenity *.gcov *.gcda *.gcno *.plist
+
+.PHONY: distclean
+distclean: clean
+	rm -fr Makefile
--- a/src/fzenity/main.c
+++ b/src/fzenity/main.c
@ -0,0 +1,176 @@
+#include "../include/common.h"
+#include <sys/ioctl.h>
+
+static char *arg_title = NULL;
+static char *arg_text = NULL;
+static int arg_info = 0;
+static int arg_question = 0;
+
+static inline void ansi_topleft(void) {
+	char str[] = {0x1b, '[', '1', ';',  '1', 'H', '\0'};
+	printf("%s", str);
+	fflush(0);
+}
+
+static inline void ansi_clrscr(void) {
+	ansi_topleft();
+	char str[] = {0x1b, '[', '0', 'J', '\0'};
+	printf("%s", str);
+	fflush(0);
+}
+
+char *remove_markup(char *in) {
+	char *out = malloc(strlen(in) + 1);
+	if (!out)
+		errExit("malloc");
+	memset(out, 0, strlen(in) + 1);
+
+	char *ptr = in;
+	char *outptr = out;
+	while (*ptr != '\0') {
+		// skip <> markup
+		if (*ptr == '<') {
+			while (*ptr != '\0' && *ptr != '>')
+				ptr++;
+			if (*ptr == '\0') {
+				fprintf(stderr, "Error: invalid markup\n");
+				exit(0);
+			}
+			ptr++;
+		}
+		// replace literal \n with char '\n'
+		else if (*ptr == '\\' && *(ptr + 1) == 'n') {
+			ptr += 2;
+			*outptr++ = '\n';
+			continue;
+		}
+		// replace '/n' with ' '
+		else if (*ptr == '\n') {
+			if (*(ptr + 1) == '\n') {
+				*outptr++ = '\n';
+				*outptr++ = '\n';
+				ptr += 2;
+			}
+			else {
+				*outptr++ = ' ';
+				ptr++;
+			}
+		}
+		else
+			*outptr++ = *ptr++;
+	}
+
+	return out;
+}
+
+char *print_line(char *in, int col) {
+	char *ptr = in;
+	int i = 0;
+	while (*ptr !=  '\n' && *ptr != '\0' && i < col) {
+		ptr++;
+		i++;
+	}
+
+	if (*ptr == '\n') {
+		*ptr++ = '\0';
+		printf("%s\n", in);
+		return ptr++;
+	}
+	else if (i == col) {
+		while (*ptr != ' ' && ptr != in)
+			ptr--;
+		*ptr++ = '\0';
+		printf("%s\n", in);
+		return ptr;
+	}
+	assert(0);
+	return NULL;
+}
+
+void paginate(char *in) {
+	struct winsize w;
+	int col = 80;
+	if (ioctl(0, TIOCGWINSZ, &w) == 0)
+		col = w.ws_col;
+
+	char *ptr = in;
+	while (*ptr != '\0') {
+		if (strlen(ptr) < col) {
+			printf("%s", ptr);
+			return;
+		}
+		ptr =print_line(ptr, col);
+	}
+
+	return;
+}
+
+static void info(void) {
+	ansi_clrscr();
+	if (arg_text == NULL) {
+		fprintf(stderr, "Error: --text argument required\n");
+		exit(1);
+	}
+
+	if (arg_title)
+		printf("%s\n\n", arg_title);
+
+	char *ptr = strstr(arg_text, "Press OK to continue");
+	if (ptr)
+		*ptr = '\0';
+	char *out = remove_markup(arg_text);
+	paginate(out);
+	free(out);
+
+	printf("\nContinue? (Y/N): ");
+
+	int c = getchar();
+	if (c == 'y' || c == 'Y')
+		exit(0);
+	exit(1);
+}
+
+static void question(void) {
+	ansi_clrscr();
+	if (arg_text == NULL) {
+		fprintf(stderr, "Error: --text argument required\n");
+		exit(1);
+	}
+
+	if (arg_title)
+		printf("%s\n\n", arg_title);
+
+	char *ptr = strstr(arg_text, "Press OK to continue");
+	if (ptr)
+		*ptr = '\0';
+	char *out = remove_markup(arg_text);
+	paginate(out);
+	free(out);
+
+	printf("\n\n(Y/N): ");
+
+	int c = getchar();
+	if (c == 'y' || c == 'Y')
+		exit(0);
+	exit(1);
+}
+
+int main(int argc, char **argv) {
+	int i;
+	for (i = 1; i < argc; i++) {
+//printf("argv %d: #%s#\n", i, argv[i]);
+		if (strcmp(argv[i], "--info") == 0)
+			arg_info = 1;
+		else if (strcmp(argv[i], "--question") == 0)
+			arg_question = 1;
+		else if (strncmp(argv[i], "--text=", 7) == 0)
+			arg_text = argv[i] + 7;
+	}
+
+	if (arg_question)
+		question();
+	else if (arg_info)
+		info();
+
+	return 0;
+}