appimage: automatically detect profile

2026-05-21 06:45:29 -06:00 · 2021-06-14 10:15:35 -04:00 · 2021-06-14 10:15:35 -04:00 · e770ab6d85
commit e770ab6d85
parent e182eccac8
4 changed files with 43 additions and 3 deletions
--- a/1
+++ b/1
@ -500,6 +500,7 @@ Jean-Philippe Eisenbarth (https://github.com/jpeisenbarth)
 	- fixed spotify.profile
 Jeff Squyres (https://github.com/jsquyres)
 	- various manpage fixes
+	- cmdline.c: optionally quote the resulting command line
 Jericho (https://github.com/attritionorg)
 	- spelling
 Jesse Smith (https://github.com/slicer69)
--- a/src/firejail/appimage.c
+++ b/src/firejail/appimage.c
@ -30,6 +30,7 @@

 static char *devloop = NULL;	// device file
 static long unsigned size = 0;	// offset into appimage file
+#define MAXBUF 4096

 #ifdef LOOP_CTL_GET_FREE	// test for older kernels; this definition is found in /usr/include/linux/loop.h
 static void err_loop(void) {
@ -38,6 +39,32 @@ static void err_loop(void) {
 }
 #endif

+// return 1 if found
+int appimage_find_profile(const char *archive) {
+	assert(archive);
+	assert(strlen(archive));
+
+	// try to match the name of the archive with the list of programs in /usr/lib/firejail/firecfg.config
+	FILE *fp = fopen(LIBDIR "/firejail/firecfg.config", "r");
+	if (!fp) {
+		fprintf(stderr, "Error: cannot find %s, firejail is not correctly installed\n", LIBDIR "/firejail/firecfg.config");
+		exit(1);
+	}
+	char buf[MAXBUF];
+	while (fgets(buf, MAXBUF, fp)) {
+		if (*buf == '#')
+			continue;
+		char *ptr = strchr(buf, '\n');
+		if (ptr)
+			*ptr = '\0';
+		if (strcasestr(archive, buf))
+			return profile_find_firejail(buf, 1);
+	}
+	return 0;
+
+}
+
+
 void appimage_set(const char *appimage) {
 	assert(appimage);
 	assert(devloop == NULL);	// don't call this twice!
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@ -5,7 +5,7 @@
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
+ * the Free Software Foundation; eithe r version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
@ -815,6 +815,7 @@ int checkcfg(int val);
 void print_compiletime_support(void);

 // appimage.c
+int appimage_find_profile(const char *archive);
 void appimage_set(const char *appimage_path);
 void appimage_mount(void);
 void appimage_clear(void);
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@ -2819,6 +2819,11 @@ int main(int argc, char **argv, char **envp) {
 	// build the sandbox command
 	if (prog_index == -1 && cfg.shell) {
 		assert(cfg.command_line == NULL); // runs cfg.shell
+		if (arg_appimage) {
+			fprintf(stderr, "Error: no appimage archive specified\n");
+			exit(1);
+		}
+
 		cfg.window_title = cfg.shell;
 		cfg.command_name = cfg.shell;
 	}
@ -2844,7 +2849,13 @@ int main(int argc, char **argv, char **envp) {

 	// load the profile
 	if (!arg_noprofile && !custom_profile) {
-		custom_profile = profile_find_firejail(cfg.command_name, 1);
+		if (arg_appimage) {
+			custom_profile = appimage_find_profile(cfg.command_name);
+			// disable shell=* for appimages
+			arg_shell_none = 0;
+		}
+		else
+			custom_profile = profile_find_firejail(cfg.command_name, 1);
 	}

 	// use default.profile as the default
@ -2858,7 +2869,7 @@ int main(int argc, char **argv, char **envp) {
 		custom_profile = profile_find_firejail(profile_name, 1);

 		if (!custom_profile) {
-			fprintf(stderr, "Error: no default.profile installed\n");
+			fprintf(stderr, "Error: no %s installed\n", profile_name);
 			exit(1);
 		}