allow/noallow/deny/nodeny aliases for whitelist/nowhitelist/blacklist/noblacklist

src/firejail/main.c

@@ -1565,6 +1565,8 @@ int main(int argc, char **argv, char **envp) {
 			profile_check_line(line, 0, NULL);	// will exit if something wrong
 			profile_add(line);
 		}
+
+		// blacklist/deny
 		else if (strncmp(argv[i], "--blacklist=", 12) == 0) {
 			char *line;
 			if (asprintf(&line, "blacklist %s", argv[i] + 12) == -1)
@@ -1573,6 +1575,14 @@ int main(int argc, char **argv, char **envp) {
 			profile_check_line(line, 0, NULL);	// will exit if something wrong
 			profile_add(line);
 		}
+		else if (strncmp(argv[i], "--deny=", 7) == 0) {
+			char *line;
+			if (asprintf(&line, "blacklist %s", argv[i] + 7) == -1)
+				errExit("asprintf");
+
+			profile_check_line(line, 0, NULL);	// will exit if something wrong
+			profile_add(line);
+		}
 		else if (strncmp(argv[i], "--noblacklist=", 14) == 0) {
 			char *line;
 			if (asprintf(&line, "noblacklist %s", argv[i] + 14) == -1)
@@ -1581,6 +1591,16 @@ int main(int argc, char **argv, char **envp) {
 			profile_check_line(line, 0, NULL);	// will exit if something wrong
 			profile_add(line);
 		}
+		else if (strncmp(argv[i], "--nodeny=", 9) == 0) {
+			char *line;
+			if (asprintf(&line, "noblacklist %s", argv[i] + 9) == -1)
+				errExit("asprintf");
+
+			profile_check_line(line, 0, NULL);	// will exit if something wrong
+			profile_add(line);
+		}
+
+		// whitelist
 		else if (strncmp(argv[i], "--whitelist=", 12) == 0) {
 			if (checkcfg(CFG_WHITELIST)) {
 				char *line;
@@ -1593,6 +1613,18 @@ int main(int argc, char **argv, char **envp) {
 			else
 				exit_err_feature("whitelist");
 		}
+		else if (strncmp(argv[i], "--allow=", 8) == 0) {
+			if (checkcfg(CFG_WHITELIST)) {
+				char *line;
+				if (asprintf(&line, "whitelist %s", argv[i] + 8) == -1)
+					errExit("asprintf");
+
+				profile_check_line(line, 0, NULL);	// will exit if something wrong
+				profile_add(line);
+			}
+			else
+				exit_err_feature("whitelist");
+		}
 		else if (strncmp(argv[i], "--nowhitelist=", 14) == 0) {
 			char *line;
 			if (asprintf(&line, "nowhitelist %s", argv[i] + 14) == -1)
@@ -1601,6 +1633,16 @@ int main(int argc, char **argv, char **envp) {
 			profile_check_line(line, 0, NULL);	// will exit if something wrong
 			profile_add(line);
 		}
+		else if (strncmp(argv[i], "--noallow=", 10) == 0) {
+			char *line;
+			if (asprintf(&line, "nowhitelist %s", argv[i] + 10) == -1)
+				errExit("asprintf");
+
+			profile_check_line(line, 0, NULL);	// will exit if something wrong
+			profile_add(line);
+		}
+
+
 		else if (strncmp(argv[i], "--mkdir=", 8) == 0) {
 			char *line;
 			if (asprintf(&line, "mkdir %s", argv[i] + 8) == -1)

src/firejail/profile.c

@@ -1746,6 +1746,37 @@ void profile_read(const char *fname) {
 			continue;
 		}
 
+		// translate allow/deny to whitelist/blacklist
+		if (strncmp(ptr, "allow ", 6) == 0) {
+			char *tmp;
+			if (asprintf(&tmp, "whitelist %s", ptr + 6) == -1)
+				errExit("asprintf");
+			free(ptr);
+			ptr = tmp;
+		}
+		else if (strncmp(ptr, "deny ", 5) == 0) {
+			char *tmp;
+			if (asprintf(&tmp, "blacklist %s", ptr + 5) == -1)
+				errExit("asprintf");
+			free(ptr);
+			ptr = tmp;
+		}
+		// translate noallow/nodeny to nowhitelist/noblacklist
+		else if (strncmp(ptr, "noallow ", 8) == 0) {
+			char *tmp;
+			if (asprintf(&tmp, "nowhitelist %s", ptr + 8) == -1)
+				errExit("asprintf");
+			free(ptr);
+			ptr = tmp;
+		}
+		else if (strncmp(ptr, "nodeny ", 7) == 0) {
+			char *tmp;
+			if (asprintf(&tmp, "noblacklist %s", ptr + 7) == -1)
+				errExit("asprintf");
+			free(ptr);
+			ptr = tmp;
+		}
+
 		// process quiet
 		// todo: a quiet in the profile file cannot be disabled by --ignore on command line
 		if (strcmp(ptr, "quiet") == 0) {