colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

sanebox: remove extraneous quotes

Browse Source 
probably some still remain
This commit is contained in:
Colin
2024-05-17 23:01:24 +00:00
parent 76434b6970
commit bf98da0061
1 changed files with 65 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

128
pkgs/additional/sanebox/sanebox
View File

@@ -150,8 +150,8 @@ usage() {
# if `path` is absolute, returns `path` # if `path` is absolute, returns `path`
# otherwise, joins `path` onto `$PWD` # otherwise, joins `path` onto `$PWD`
relativeToPwd() { relativeToPwd() {
local outvar="$1" local outvar=$1
local path="$2" local path=$2
if [ "${path:0:1}" == "/" ]; then if [ "${path:0:1}" == "/" ]; then
declare -g "$outvar"="$path" declare -g "$outvar"="$path"
else else
@@ -169,15 +169,15 @@ relativeToPwd() {
# myHead=/top # myHead=/top
# myTail= # myTail=
splitHead() { splitHead() {
local outHead="$1" local outHead=$1
local outTail="$2" local outTail=$2
local path="$3" local path=$3
# chomp leading `/` # chomp leading `/`
path="${path:1}" path=${path:1}
local leadingComp="${path%%/*}" local leadingComp=${path%%/*}
local compLen="${#leadingComp}" local compLen=${#leadingComp}
local tail="${path:$compLen}" local tail=${path:$compLen}
declare -g "$outHead"="/$leadingComp" declare -g "$outHead"="/$leadingComp"
declare -g "$outTail"="$tail" declare -g "$outTail"="$tail"
@@ -189,13 +189,13 @@ splitHead() {
# chomps trailing slashes. # chomps trailing slashes.
# does not resolve symlinks, nor check for existence of any component of the path. # does not resolve symlinks, nor check for existence of any component of the path.
normPath() { normPath() {
local outVar="$1" local outVar=$1
local unparsed="$2" local unparsed=$2
local comps=() local comps=()
while [ -n "$unparsed" ]; do while [ -n "$unparsed" ]; do
splitHead _npThisComp _npUnparsed "$unparsed" splitHead _npThisComp _npUnparsed "$unparsed"
unparsed="$_npUnparsed" unparsed=$_npUnparsed
local thisComp="$_npThisComp" local thisComp=$_npThisComp
if [ "$thisComp" = "/.." ]; then if [ "$thisComp" = "/.." ]; then
# "go up" path component => delete the leaf dir (if any) # "go up" path component => delete the leaf dir (if any)
@@ -214,7 +214,7 @@ normPath() {
else else
local joined= local joined=
for comp in "${comps[@]}"; do for comp in "${comps[@]}"; do
joined="$joined$comp" joined=$joined$comp
done done
declare -g "$outVar"="$joined" declare -g "$outVar"="$joined"
fi fi
@@ -258,21 +258,22 @@ locate() {
# `urldecode outVar <uri>` # `urldecode outVar <uri>`
# convert e.g. `file:///Local%20Users/foo.mp3` to `file:///Local Users/foo.mp3` # convert e.g. `file:///Local%20Users/foo.mp3` to `file:///Local Users/foo.mp3`
urldecode() { urldecode() {
local outVar="$1" local outVar=$1
shift shift
# source: <https://stackoverflow.com/q/6250698> # source: <https://stackoverflow.com/q/6250698>
# replace each `+` with space # replace each `+` with space
local i="${*//+/ }" local i=${*//+/ }
# then replace each `%` with `\x` # then replace each `%` with `\x`
# and have `echo` evaluate the escape sequences # and have `echo` evaluate the escape sequences
declare -g "$outVar"="$(echo -e "${i//%/\\x}")" local decoded=$(echo -e "${i//%/\\x}")
declare -g "$outVar"="$decoded"
} }
# `contains needle ${haystack[0]} ${haystack[1]} ...` # `contains needle ${haystack[0]} ${haystack[1]} ...`
# evals `true` if the first argument is equal to any of the other args # evals `true` if the first argument is equal to any of the other args
contains() { contains() {
local needle="$1" local needle=$1
shift shift
for item in "$@"; do for item in "$@"; do
if [ "$needle" = "$item" ]; then if [ "$needle" = "$item" ]; then
@@ -287,21 +288,21 @@ contains() {
# unlink `derefOnce`, this only acts if the leaf of `path` is a symlink, # unlink `derefOnce`, this only acts if the leaf of `path` is a symlink,
# not if it's an ordinary entry within a symlinked directory. # not if it's an ordinary entry within a symlinked directory.
readlinkOnce() { readlinkOnce() {
local outVar="$1" local outVar=$1
local path="$2" local path=$2
local linkTarget= local linkTarget=
if [ -v linkCache["$path"] ]; then if [ -v linkCache[$path] ]; then
linkTarget="${linkCache["$path"]}" linkTarget=${linkCache["$path"]}
elif [ -L "$path" ]; then elif [ -L "$path" ]; then
# path is a link, but not in the cache # path is a link, but not in the cache
linkTarget="$(readlink "$path")" linkTarget=$(readlink "$path")
# insert it into the cache, in case we traverse it again # insert it into the cache, in case we traverse it again
linkCache["$path"]="$linkTarget" linkCache[$path]=$linkTarget
else else
# remember for later that this path doesn't represent a link. # remember for later that this path doesn't represent a link.
# empty target is used to indicate a non-symlink (i.e. ordinary file/directory). # empty target is used to indicate a non-symlink (i.e. ordinary file/directory).
# i think a symlink can *technically* point to "" (via `symlink` syscall), but `ln -s` doesn't allow it # i think a symlink can *technically* point to "" (via `symlink` syscall), but `ln -s` doesn't allow it
linkCache["$path"]= linkCache[$path]=
fi fi
declare -g "$outVar"="$linkTarget" declare -g "$outVar"="$linkTarget"
} }
@@ -311,20 +312,20 @@ readlinkOnce() {
# the dereferenced path may yet contain more unresolved symlinks. # the dereferenced path may yet contain more unresolved symlinks.
# if no links are encountered, then `outVar` is set empty. # if no links are encountered, then `outVar` is set empty.
derefOnce() { derefOnce() {
local outVar="$1" local outVar=$1
local source="$2" local source=$2
local target= local target=
local walked= local walked=
local unwalked="$source" local unwalked=$source
while [ -n "$unwalked" ]; do while [ -n "$unwalked" ]; do
splitHead _head _unwalked "$unwalked" splitHead _head _unwalked "$unwalked"
unwalked="$_unwalked" unwalked=$_unwalked
walked="$walked$_head" walked=$walked$_head
readlinkOnce _linkTarget "$walked" readlinkOnce _linkTarget "$walked"
if [ -n "$_linkTarget" ]; then if [ -n "$_linkTarget" ]; then
target="$_linkTarget$unwalked" target=$_linkTarget$unwalked
break break
fi fi
done done
@@ -334,11 +335,11 @@ derefOnce() {
if [ "${target:0:1}" != "/" ]; then if [ "${target:0:1}" != "/" ]; then
# `walked` is a relative link. # `walked` is a relative link.
# then, the link is relative to the parent directory of `walked` # then, the link is relative to the parent directory of `walked`
target="$walked/../$target" target=$walked/../$target
fi fi
# canonicalize # canonicalize
normPath _normTarget "$target" normPath _normTarget "$target"
target="$_normTarget" target=$_normTarget
fi fi
declare -g "$outVar"="$target" declare -g "$outVar"="$target"
} }
@@ -350,8 +351,8 @@ derefOnce() {
# adds an entry to `paths` and evals `true` on success; # adds an entry to `paths` and evals `true` on success;
# evals `false` if the path couldn't be added, for any reason. # evals `false` if the path couldn't be added, for any reason.
tryPath() { tryPath() {
local path="$1" local path=$1
local how="$2" local how=$2
if [ "$how" = "existing" ]; then if [ "$how" = "existing" ]; then
# the caller wants to access either a file, or a directory (possibly a symlink to such a thing) # the caller wants to access either a file, or a directory (possibly a symlink to such a thing)
@@ -386,24 +387,24 @@ tryPath() {
# this function ingests absolute, relative, or file:///-type URIs. # this function ingests absolute, relative, or file:///-type URIs.
# but it converts any such path into an absolute path before adding it to paths. # but it converts any such path into an absolute path before adding it to paths.
tryArgAsPath() { tryArgAsPath() {
local arg="$1" local arg=$1
local how="$2" local how=$2
path= path=
if [ "${arg:0:1}" = "/" ]; then if [ "${arg:0:1}" = "/" ]; then
# absolute path # absolute path
path="$arg" path=$arg
elif [ "${arg:0:8}" = "file:///" ]; then elif [ "${arg:0:8}" = "file:///" ]; then
# URI to an absolute path which is presumably on this vfs # URI to an absolute path which is presumably on this vfs
# commonly found when xdg-open/mimeo passes a path on to an application # commonly found when xdg-open/mimeo passes a path on to an application
# if URIs to relative paths exist, this implementation doesn't support them # if URIs to relative paths exist, this implementation doesn't support them
urldecode _path "${arg:7}" urldecode _path "${arg:7}"
path="$_path" path=$_path
elif [ "${path:0:1}" = "-" ]; then elif [ "${path:0:1}" = "-" ]; then
# 99% chance it's a CLI argument. if not, use `./-<...>` # 99% chance it's a CLI argument. if not, use `./-<...>`
return return
else else
# assume relative path # assume relative path
_path="$PWD/$arg" _path=$PWD/$arg
fi fi
tryPath "$path" "$how" tryPath "$path" "$how"
@@ -416,7 +417,7 @@ tryArgAsPath() {
parseArgsExtra=() parseArgsExtra=()
parseArgs() { parseArgs() {
while [ "$#" -ne 0 ]; do while [ "$#" -ne 0 ]; do
local arg="$1" local arg=$1
shift shift
case "$arg" in case "$arg" in
(--) (--)
@@ -456,7 +457,7 @@ parseArgs() {
isDryRun=1 isDryRun=1
;; ;;
(--sanebox-method) (--sanebox-method)
method="$1" method=$1
shift shift
;; ;;
(--sanebox-autodetect) (--sanebox-autodetect)
@@ -464,11 +465,11 @@ parseArgs() {
# this is handy for e.g. media players or document viewers. # this is handy for e.g. media players or document viewers.
# it's best combined with some two-tiered thing. # it's best combined with some two-tiered thing.
# e.g. first drop to the broadest path set of interest (Music,Videos,tmp, ...), then drop via autodetect. # e.g. first drop to the broadest path set of interest (Music,Videos,tmp, ...), then drop via autodetect.
autodetect="$1" autodetect=$1
shift shift
;; ;;
(--sanebox-cap) (--sanebox-cap)
local cap="$1" local cap=$1
shift shift
capabilities+=("$cap") capabilities+=("$cap")
;; ;;
@@ -485,27 +486,28 @@ parseArgs() {
;; ;;
(--sanebox-dns) (--sanebox-dns)
# N.B.: these named temporary variables ensure that "set -x" causes $1 to be printed # N.B.: these named temporary variables ensure that "set -x" causes $1 to be printed
local dns="$1" local dns=$1
shift shift
dns+=("$dns") dns+=("$dns")
;; ;;
(--sanebox-firejail-arg) (--sanebox-firejail-arg)
local fjFlag="$1" local fjFlag=$1
shift shift
firejailFlags+=("$fjFlag") firejailFlags+=("$fjFlag")
;; ;;
(--sanebox-bwrap-arg) (--sanebox-bwrap-arg)
local bwrapFlag="$1" local bwrapFlag=$1
shift shift
bwrapFlags+=("$bwrapFlag") bwrapFlags+=("$bwrapFlag")
;; ;;
(--sanebox-net) (--sanebox-net)
net="$1" net=$1
shift shift
;; ;;
(--sanebox-keep-namespace) (--sanebox-keep-namespace)
local namespace="$1" local namespace=$1
shift shift
# TODO: should this include `net` namespace??
if [ "$namespace" = all ]; then if [ "$namespace" = all ]; then
keepNamespace+=("cgroup" "ipc" "pid" "uts") keepNamespace+=("cgroup" "ipc" "pid" "uts")
else else
@@ -513,18 +515,18 @@ parseArgs() {
fi fi
;; ;;
(--sanebox-path) (--sanebox-path)
local path="$1" local path=$1
shift shift
relativeToPwd _absPath "$path" relativeToPwd _absPath "$path"
paths+=("$_absPath") paths+=("$_absPath")
;; ;;
(--sanebox-home-path) (--sanebox-home-path)
local path="$1" local path=$1
shift shift
paths+=("$HOME/$path") paths+=("$HOME/$path")
;; ;;
(--sanebox-run-path) (--sanebox-run-path)
local path="$1" local path=$1
shift shift
paths+=("$XDG_RUNTIME_DIR/$path") paths+=("$XDG_RUNTIME_DIR/$path")
;; ;;
@@ -701,9 +703,9 @@ landlockIngestPath() {
# sandboxer will error if that part fails. # sandboxer will error if that part fails.
if [ -z "$landlockPaths" ]; then if [ -z "$landlockPaths" ]; then
# avoid leading :, which would otherwise cause a "no such file" error. # avoid leading :, which would otherwise cause a "no such file" error.
landlockPaths="$1" landlockPaths=$1
else else
landlockPaths="$landlockPaths:$1" landlockPaths=$landlockPaths:$1
fi fi
fi fi
} }
@@ -760,9 +762,9 @@ capshonlyIngestCapability() {
# therefore, only grant it those capabilities i know will succeed. # therefore, only grant it those capabilities i know will succeed.
if capsh "--has-p=cap_$1" 2>/dev/null; then if capsh "--has-p=cap_$1" 2>/dev/null; then
if [ -z "$capshCapsArg" ]; then if [ -z "$capshCapsArg" ]; then
capshCapsArg="cap_$1=eip" capshCapsArg=cap_$1=eip
else else
capshCapsArg="cap_$1,$capshCapsArg" capshCapsArg=cap_$1,$capshCapsArg
fi fi
else else
debug "capsh: don't have capability $1" debug "capsh: don't have capability $1"
@@ -806,9 +808,9 @@ loadLinkCache() {
readarray -t _linkCacheArray < /etc/sanebox/symlink-cache readarray -t _linkCacheArray < /etc/sanebox/symlink-cache
for link in "${_linkCacheArray[@]}"; do for link in "${_linkCacheArray[@]}"; do
# XXX: bash doesn't give a good way to escape the tab character, but that's what we're splitting on here. # XXX: bash doesn't give a good way to escape the tab character, but that's what we're splitting on here.
local from="${link%% *}" local from=${link%% *}
local to="${link##* }" local to=${link##* }
linkCache["$from"]="$to" linkCache[$from]=$to
done done
} }
@@ -929,10 +931,10 @@ parseArgsAndEnvironment "$@"
# N.B.: SANEBOX_DEBUG FREQUENTLY BREAKS APPLICATIONS WHICH PARSE STDOUT # N.B.: SANEBOX_DEBUG FREQUENTLY BREAKS APPLICATIONS WHICH PARSE STDOUT
# example is wireshark parsing stdout of dumpcap; # example is wireshark parsing stdout of dumpcap;
# in such a case invoke the app with --sanebox-debug instead of the env var. # in such a case invoke the app with --sanebox-debug instead of the env var.
export SANEBOX_DEBUG="$SANEBOX_DEBUG" export SANEBOX_DEBUG=$SANEBOX_DEBUG
export SANEBOX_DISABLE="$SANEBOX_DISABLE" export SANEBOX_DISABLE=$SANEBOX_DISABLE
export SANEBOX_PREPEND="$SANEBOX_PREPEND" export SANEBOX_PREPEND=$SANEBOX_PREPEND
export SANEBOX_APPEND="$SANEBOX_APPEND" export SANEBOX_APPEND=$SANEBOX_APPEND
if [ -z "$isDisable" ]; then if [ -z "$isDisable" ]; then
loadLinkCache loadLinkCache