Add --mkdir and --mkfile command line options for firejail #4010
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Profile files are defined as a means to "pass several command line
arguments to firejail" but apparently for example mkdir and mkfile
options are available in context of profile files, but can't be
specified directly from command line.
Add support for -mkdir and --mkfile options so that executing:
firejail --mkdir=${HOME}/directory/path\
--whitelist=${HOME}/directory/path
behaves similarly as having profile file content:
mkdir ${HOME}/directory/path
whitelist ${HOME}/directory/path
Signed-off-by: Simo Piiroinen <[email protected]>
Signed-off-by: Tomi Leppänen <[email protected]>
|
Merged, thanks! |
|
@Tomin1 Do we need bash_completion support for any of this? |
|
No, the completions script picks it automatically form the --help output and a filename completions makes no sense for non-existing files. zsh completion + removal of --audit (in both) is in work. |
|
Reminds me #3743 (comment). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Profile files are defined as a means to "pass several command line arguments to firejail" but apparently for example mkdir and mkfile options are available in context of profile files, but can't be specified directly from command line.
Add support for -mkdir and --mkfile options so that executing:
firejail --mkdir=${HOME}/directory/path
--whitelist=${HOME}/directory/path
behaves similarly as having profile file content:
mkdir ${HOME}/directory/path
whitelist ${HOME}/directory/path
This patches was part of Sailfish's firejail packaging. It was developed as part of implementing firejail sandboxing in Sailfish OS and just like the previous patches written by my colleague and previously reviewed by me or one of my other colleagues. See also #3960 for discussion.