Allow changing protocol list after initial set #4009
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Tomin1
force-pushed
the
protocol_list_improvements
branch
from
660c548
to
17312a1
Compare
A lot of profile options deal with manipulating strings containing comma separated list of things, using several strains of similar but not exactly the same code, duplicated for the purposes of processing command line arguments and parsing configuration files. Having utility functions available for handling such list strings can make higher level logic shorter, cleaner and function in more uniform manner. Signed-off-by: Simo Piiroinen <[email protected]> Signed-off-by: Tomi Leppänen <[email protected]>
Firejail uses set-once logic for "protocol" list. This makes it impossible to accumulate list of allowed protocols from multiple include files. Use profile_list_augment() for maintaining list of protocols. This implicitly means protocols can be added/removed via any number of command line options / profile configuration files. Signed-off-by: Simo Piiroinen <[email protected]> Signed-off-by: Tomi Leppänen <[email protected]>
Tomin1
force-pushed
the
protocol_list_improvements
branch
from
17312a1
to
5ffd928
Compare
|
Merged, thanks! |
|
@Tomin1 Do we need bash_completion support for any of this? |
|
There is/was no completion of the value of |
|
@rusty-snake Good, that's settled thanks |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Firejail uses set-once logic for protocol list. This makes it impossible to accumulate list of allowed protocols from multiple include files. Instead of mandating that protocol is set once, allow constructing the list from multiple protocol rules.
These patches were part of Sailfish's firejail packaging. These were developed as part of implementing firejail sandboxing in Sailfish OS and just like the previous patches these were written by my colleague and previously reviewed by me or one of my other colleagues. See also #3960 for discussion.