Add ${USER} macro (containing username of user who runs the firejail)

Question

Add ${USER} macro (containing username of user who runs the firejail)

msva opened this issue 4 months ago · comments

Vadim Misbakh-Soloviov commented 4 months ago

Hi there!

Sometimes, when I write profiles for my software, I facing situations when I need to mkdir/mkfile something in, say, /tmp/<username> for example, but I don't want to hardcode username in profiles, and want to make them username-agnostic.

And, as far as I see in fj manpage and in wiki here on GH, there is no such macro that would help me with that.
Much closer thing is ${RUNUSER}, but it links to /run/user/<UID>, while I sometimes need paths exactly containing username.

Would you please add a macro ${USER} (as corresponding variable in shells) or, at least, ${USERNAME} that will contain the username of the current user?

Vadim Misbakh-Soloviov · Answer 1 · Thu Feb 01 2024 12:31:42 GMT+0800 (China Standard Time)

by the way, maybe it will also be good to add XDG_CACHE_HOME macro (which will inherit corresponding value from environment variable during execution) too (to be able to pre-create cache directory before running the program, whatever value it will have on user's system)

I will hellp to solve issues like

Failed to create /tmp/mva/.cache for shader cache (No such file or directory)---disabling.

When mesa trying to create a place for shaders cache.

Kelvin M. Klann · Answer 2 · Fri Feb 02 2024 03:37:41 GMT+0800 (China Standard Time)

@msva on Feb 1:

Sometimes, when I write profiles for my software, I facing situations when I
need to mkdir/mkfile something in, say, /tmp/<username> for example,
but I don't want to hardcode username in profiles, and want to make them
username-agnostic.

Would you please add a macro ${USER} (as corresponding variable in shells)
or, at least, ${USERNAME} that will contain the username of the current
user?

+1 for ${USER}.

Though note that currently macros are only allowed at the beginning of paths.
The relevant code only handles that case and {} and some other shell
metacharacters are rejected outside of the macro itself. Example:

$ firejail --quiet --noprofile --mkdir='${HOME}/foo'
$ ls -l ~/foo
total 0
$ firejail --quiet --noprofile --mkdir='/tmp/${HOME}'
Error: "/tmp/${HOME}" is an invalid filename: rejected character: "{"

For now I'd suggest using shell script wrappers to create the paths. Example:

~/bin/myprogram:

#!/bin/sh

mkdir -p "/tmp/$USER"
exec firejail --profile=foo /usr/bin/myprogram

Kelvin M. Klann · Answer 3 · Fri Feb 02 2024 03:40:09 GMT+0800 (China Standard Time)

@msva on Feb 1:

by the way, maybe it will also be good to add XDG_CACHE_HOME macro (which
will inherit corresponding value from environment variable during execution)
too (to be able to pre-create cache directory before running the program,
whatever value it will have on user's system)

I will hellp to solve issues like
Failed to create /tmp/mva/.cache for shader cache (No such file or directory)---disabling.
When mesa trying to create a place for shaders cache.

Please open a separate issue for this.

Considering that there is currently support for some XDG-related macros (such
as ${DOCUMENTS}), this may or may not be easier to implement.

Though note that private-cache exists and that it may make more sense to
allow a path argument to it instead (such as private-cache /tmp/mva/.cache in
your example).