Housekeeping

Make sure all files end with a newline
Strip extra newlines and trailing whitespace from files

.gitignore

@@ -40,4 +40,3 @@ seccomp.64
 seccomp.block_secondary
 seccomp.mdwx
 src/common.mk
-

src/common.mk.in

@@ -32,4 +32,3 @@ CFLAGS += -ggdb $(HAVE_FATAL_WARNINGS) -O2 -DVERSION='"$(VERSION)"'  $(HAVE_GCOV
 LDFLAGS += -pie -Wl,-z,relro -Wl,-z,now -lpthread
 EXTRA_LDFLAGS +=@EXTRA_LDFLAGS@
 EXTRA_CFLAGS +=@EXTRA_CFLAGS@
-

src/fbuilder/build_fs.c

@@ -314,4 +314,3 @@ void build_dev(const char *fname, FILE *fp) {
 		fprintf(fp, "\n");
 	}
 }
-

src/fbuilder/build_seccomp.c

@@ -189,4 +189,3 @@ void build_protocol(const char *fname, FILE *fp) {
 		fprintf(fp, "netfilter\n");
 	}
 }
-

src/fbuilder/fbuilder.h

@@ -67,4 +67,4 @@ FileDB *filedb_add(FileDB *head, const char *fname);
 FileDB *filedb_find(FileDB *head, const char *fname);
 void filedb_print(FileDB *head, const char *prefix, FILE *fp);
 
-#endif
+#endif

src/fbuilder/filedb.c

@@ -76,4 +76,3 @@ void filedb_print(FileDB *head, const char *prefix, FILE *fp) {
 		ptr = ptr->next;
 	}
 }
-

src/firecfg/desktop_files.c

@@ -322,5 +322,3 @@ void fix_desktop_files(char *homedir) {
 	closedir(dir);
 	free(user_apps_dir);
 }
-
-

src/firecfg/firecfg.h

@@ -48,4 +48,3 @@ void sound(void);
 
 // desktop_files.c
 void fix_desktop_files(char *homedir);
-

src/firecfg/sound.c

@@ -65,4 +65,3 @@ errexit:
 	fprintf(stderr, "Error: cannot configure sound file\n");
 	exit(1);
 }
-

src/firejail/fs_lib2.c

@@ -308,8 +308,3 @@ void fslib_install_system(void) {
 		ptr++;
 	}
 }
-
-
-
-
-

src/firejail/network_main.c

@@ -378,4 +378,4 @@ void net_print(pid_t pid) {
 
 	enter_network_namespace(pid);
 	sbox_run(SBOX_ROOT | SBOX_CAPS_NETWORK | SBOX_SECCOMP, 2, PATH_FNET_MAIN, "printif");
-}
+}

src/firejail/preproc.c

@@ -189,4 +189,3 @@ void preproc_clean_run(void) {
 
 	free(pidarr);
 }
-

src/firejail/shutdown.c

@@ -63,7 +63,7 @@ void shut(pid_t pid) {
 	while (monsec) {
 		sleep(1);
 		monsec--;
-		
+
 		FILE *fp = fopen(monfile, "r");
 		if (!fp) {
 			killdone = 1;

src/fsec-optimize/fsec_optimize.h

@@ -27,4 +27,4 @@
 struct sock_filter *duplicate(struct sock_filter *filter, int entries);
 int optimize(struct sock_filter * filter, int entries);
 
-#endif
+#endif

src/fsec-optimize/optimizer.c

@@ -133,4 +133,3 @@ struct sock_filter *duplicate(struct sock_filter *filter, int entries) {
 	memcpy(rv, filter, len);
 	return rv;
 }
-

src/fsec-print/fsec_print.h

@@ -29,4 +29,4 @@ void print(struct sock_filter *filter, int entries);
 // syscall_list.c
 const char *syscall_find_nr(int nr);
 
-#endif
+#endif

src/fsec-print/print.c

@@ -330,4 +330,3 @@ void print(struct sock_filter *filter, int entries) {
 		printf("\n");
 	}
 }
-

src/include/ldd_utils.h

@@ -43,4 +43,4 @@ int is_lib_64(const char *exe);
 
 
 
-#endif
+#endif

test/apps/apps.sh

@@ -19,4 +19,3 @@ for app in $LIST; do
 		echo "TESTING SKIP: $app not found"
 	fi
 done
-

test/filters/memwrexe.c

@@ -20,7 +20,7 @@ int main(int argc, char **argv) {
 		usage();
 		return 1;
 	}
-	
+
 	if (strcmp(argv[1], "mmap") == 0) {
 		// open some file
 		int fd = open("memwrexe.c", O_RDONLY);
@@ -28,13 +28,13 @@ int main(int argc, char **argv) {
 			fprintf(stderr, "TESTING ERROR: file not found, cannot run mmap test\n");
 			return 1;
 		}
-	
+
 		int size = lseek(fd, 0, SEEK_END);
 		if (size == -1) {
 			fprintf(stderr, "TESTING ERROR: file not found, cannot run mmap test\n");
 			return 1;
 		}
-		
+
 		void *p = mmap (0, size, PROT_WRITE|PROT_READ|PROT_EXEC, MAP_SHARED, fd, 0);
 		printf("mmap successful\n");
 
@@ -51,19 +51,19 @@ int main(int argc, char **argv) {
 			fprintf(stderr, "TESTING ERROR: file not found, cannot run mmap test\n");
 			return 1;
 		}
-	
+
 		int size = lseek(fd, 0, SEEK_END);
 		if (size == -1) {
 			fprintf(stderr, "TESTING ERROR: file not found, cannot run mmap test\n");
 			return 1;
 		}
-		
+
 		void *p = mmap (0, size, PROT_READ, MAP_SHARED, fd, 0);
 		if (!p) {
 			fprintf(stderr, "TESTING ERROR: cannot map file for mprotect test\n");
 			return 1;
 		}
-		
+
 		mprotect(p, size, PROT_READ|PROT_WRITE|PROT_EXEC);
 		printf("mprotect successful\n");
 
@@ -73,4 +73,3 @@ int main(int argc, char **argv) {
 		return 0;
 	}
 }
-	

test/fnetfilter/test1.net

@@ -16,4 +16,3 @@
 -A OUTPUT -p tcp --dport 3478 -j DROP
 -A OUTPUT -p tcp --dport 3479 -j DROP
 COMMIT
-

test/fnetfilter/test2.net

@@ -9,11 +9,10 @@
 #-A INPUT -p icmp --$ARG1 echo-reply -j ACCEPT
 -A INPUT -p icmp --$ARG1 $ARG2 -j ACCEPT
 -A INPUT -p icmp --$ARG1 $ARG3 -j ACCEPT
--A INPUT -p icmp --$ARG1 $ARG4 -j ACCEPT 
+-A INPUT -p icmp --$ARG1 $ARG4 -j ACCEPT
 # disable STUN
 -A OUTPUT -p udp --dport $ARG5 -j DROP
 -A OUTPUT -p udp --dport $ARG6 -j DROP
 -A OUTPUT -p tcp --dport $ARG5 -j DROP
 -A OUTPUT -p tcp --dport $ARG6 -j DROP
 COMMIT
-

test/hidepid-howto

@@ -23,5 +23,3 @@ $ cat /proc/mounts | grep proc
 proc /proc proc rw,nosuid,nodev,noexec,relatime,gid=618,hidepid=2 0 0
 
 3. Test "firejail --list", "firejail --top", "firejail --tree", "firejail --netstats"
-
-

test/network/tcpserver.c

@@ -35,7 +35,7 @@ int main(int argc, char **argv) {
 		return 1;
 	}
 	int portno = atoi(argv[1]);
-	
+
 	// init socket
 	fd = socket(AF_INET, SOCK_STREAM, 0);
 	if (fd < 0) {
@@ -82,7 +82,7 @@ int main(int argc, char **argv) {
 		if (pid == 0) {
 			// child
 			close(fd);
-#define MAXBUF 4096			
+#define MAXBUF 4096
 			char buf[MAXBUF];
 			memset(buf, 0, MAXBUF);
 
@@ -103,6 +103,6 @@ int main(int argc, char **argv) {
 		else
 			close(newfd);
 	}
-	
+
 	return 0;
 }

test/profiles/profiles.sh

@@ -43,4 +43,3 @@ do
 	echo "TESTING: $PROFILE"
 	./test-profile.exp $PROFILE
 done
-

test/profiles/test3.profile

@@ -1 +1 @@
-include test3.profile
+include test3.profile

test/root/option_tmpfs.exp

@@ -37,4 +37,3 @@ after 100
 
 
 puts "\nall done\n"
-

test/utils/caps2.profile

@@ -1 +1 @@
-caps.keep chown,kill
+caps.keep chown,kill