modif: Standardize and add missing name/hostname checks

[kmk3]

Main changes:

• Unify name and hostname checks
• Use only invalid_name to check the name and hostname instead of
  ad-hoc checks
• Standardize empty/invalid error messages for name/hostname
• Add missing name/hostname checks
• docs: document NAME VALIDATION in firejail.txt

Note: This makes the hostname validation less strict, though it still
forbids control characters and only numbers.

Relates to #5578 #5708.

See also commit b4ffaa2 ("merges; more on cleaning up esc chars",
2023-02-14).

Cc: @layderv @netblue30

[glitsj16]

LGTM, nice work. Only one nitpick, but approving nonetheless.

[kmk3]

@glitsj16 on Jun 15:

Nitpick. The double : reads a bit awkward. What do you think of "Error:
invalid sandbox name (cannot be empty)\n"?

I agree that it looks better in this case, but appending : $reason seems to
be more consistent with the existing error messages.

For example:

Error messages

$ git show --pretty='%h %ai %s' -s
fd1cbf6c9 2023-06-15 03:31:37 -0300 build: mark phony test targets as such
$ git grep -I '"Error: .*: [^(]*"' -- src | wc -l
46
$ git grep -I '"Error: .*: [^(]*"' -- src | head
src/firejail/dhcp.c:                    fprintf(stderr, "Error: dhclient -4 and -6 have the same PID: %ld\n", (long) dhclient4_pid);
src/firejail/fs.c:              fprintf(stderr, "Error: cannot mount tmpfs on %s: not owned by the current user\n", dir);
src/firejail/fs_dev.c:  fprintf(stderr, "Error: cannot create %s device: %s\n", path, strerror(errno));
src/firejail/fs_overlayfs.c:            fprintf(stderr, "Error: cannot extract Linux kernel version: %s\n", u.version);
src/firejail/fs_overlayfs.c:            fprintf(stderr, "Error: cannot remove file: %s\n", strerror(errno));
src/firejail/fs_trace.c:                fprintf(stderr, "Error: cannot write trace log: %s is no regular file\n", arg_tracefile);
src/firejail/main.c:                            fprintf(stderr, "Error: invalid --bandwidth command.\nValid commands: set, clear, status.\n");
src/firejail/main.c:                    fprintf(stderr, "Error: too long argument: argv[%d] len (%zu) >= MAX_ARG_LEN (%d): %s\n",
src/firejail/main.c:                    fprintf(stderr, "Error: cannot extract Linux kernel version: %s\n", u.version);
src/firejail/main.c:                                    fprintf(stderr, "Error: inaccessible profile file: %s\n", ppath);
$ git grep -I '"Error: .*: [^(]*"' -- src | grep dbus
src/firejail/profile.c:                 fprintf(stderr, "Error: Invalid dbus-user.talk name: %s\n", ptr + 15);
src/firejail/profile.c:                 fprintf(stderr, "Error: Invalid dbus-user.own name: %s\n", ptr + 14);
src/firejail/profile.c:                 fprintf(stderr, "Error: Invalid dbus-user.call rule: %s\n", ptr + 15);
src/firejail/profile.c:                 fprintf(stderr, "Error: Invalid dbus-user.broadcast rule: %s\n", ptr + 20);
src/firejail/profile.c:                 fprintf(stderr, "Error: Unknown dbus-system policy: %s\n", ptr);
src/firejail/profile.c:                 fprintf(stderr, "Error: Invalid dbus-system.see name: %s\n", ptr + 17);
src/firejail/profile.c:                 fprintf(stderr, "Error: Invalid dbus-system.talk name: %s\n", ptr + 17);
src/firejail/profile.c:                 fprintf(stderr, "Error: Invalid dbus-system.own name: %s\n", ptr + 16);
src/firejail/profile.c:                 fprintf(stderr, "Error: Invalid dbus-system.call rule: %s\n", ptr + 17);
src/firejail/profile.c:                 fprintf(stderr, "Error: Invalid dbus-system.broadcast rule: %s\n", ptr + 22);

Likewise for warn(3) and errExit:

errno = 1;
warn("foo failed");
// firejail: foo failed: Operation not permitted

errno = 1;
errExit("foo failed");
// Error foo failed: main.c:12 main: Operation not permitted

Misc: It looks like errExit could be improved; I'll open a PR for it later.

Also, originally there were more error messages in the PR and at least one
already contained parentheses:

Error: invalid sandbox name: cannot be empty
Error: invalid sandbox name: name too long (%d > 253)
Error: invalid sandbox name: cannot contain only numbers

It looks more readable to me than the following, for example:

Error: invalid sandbox name (cannot be empty)
Error: invalid sandbox name (name too long (%d > 253))
Error: invalid sandbox name (cannot contain only numbers)

And more consistent than the following example:

Error: invalid sandbox name: (cannot be empty)
Error: invalid sandbox name: name too long (%d > 253)
Error: invalid sandbox name: cannot contain only numbers

Note: The last part doesn't apply to the PR as is, but in general I think it
would be good to follow the existing pattern for new messages.

[glitsj16]

@kmk3

I agree that it looks better in this case, but appending : $reason seems to
be more consistent with the existing error messages.

No problem, let's stick with that format.

Misc: It looks like errExit could be improved; I'll open a PR for it later.

errExit improvements, that would be very welcome. Several years ago I started working on that in #3325 but the PR never left the platform. I do remember wanting to provide users with an indication of where the error message originated from. Back then I used [firejail] Error: $reason\n. Just a FYI.