Use special profiles for Portmaster components and mark them as internal
This commit is contained in:
Daniel
@@ -2,30 +2,16 @@ package profile
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"os"
|
||||
"strings"
|
||||
|
||||
"github.com/safing/portbase/database"
|
||||
|
||||
"github.com/safing/portbase/dataroot"
|
||||
|
||||
"github.com/safing/portbase/database/query"
|
||||
"github.com/safing/portbase/database/record"
|
||||
"github.com/safing/portbase/log"
|
||||
"golang.org/x/sync/singleflight"
|
||||
)
|
||||
|
||||
const (
|
||||
// UnidentifiedProfileID is the profile ID used for unidentified processes.
|
||||
UnidentifiedProfileID = "_unidentified"
|
||||
|
||||
// SystemProfileID is the profile ID used for the system/kernel.
|
||||
SystemProfileID = "_system"
|
||||
|
||||
// SystemProfileID is the profile ID used for the Portmaster itself.
|
||||
PortmasterProfileID = "_portmaster"
|
||||
)
|
||||
|
||||
var getProfileSingleInflight singleflight.Group
|
||||
|
||||
// GetProfile fetches a profile. This function ensures that the loaded profile
|
||||
@@ -69,15 +55,8 @@ func GetProfile(source profileSource, id, linkedPath string) ( //nolint:gocognit
|
||||
// If we cannot find a profile, check if the request is for a special
|
||||
// profile we can create.
|
||||
if errors.Is(err, database.ErrNotFound) {
|
||||
switch id {
|
||||
case UnidentifiedProfileID:
|
||||
profile = New(SourceLocal, UnidentifiedProfileID, linkedPath)
|
||||
err = nil
|
||||
case SystemProfileID:
|
||||
profile = New(SourceLocal, SystemProfileID, linkedPath)
|
||||
err = nil
|
||||
case PortmasterProfileID:
|
||||
profile = New(SourceLocal, PortmasterProfileID, linkedPath)
|
||||
profile = getSpecialProfile(id, linkedPath)
|
||||
if profile != nil {
|
||||
err = nil
|
||||
}
|
||||
}
|
||||
@@ -177,7 +156,7 @@ func findProfile(linkedPath string) (profile *Profile, err error) {
|
||||
|
||||
// Check if the profile should be marked as internal.
|
||||
// This is the case whenever the binary resides within the data root dir.
|
||||
if strings.HasPrefix(linkedPath, dataroot.Root().Dir+string(os.PathSeparator)) {
|
||||
if updatesPath != "" && strings.HasPrefix(linkedPath, updatesPath) {
|
||||
profile.Internal = true
|
||||
}
|
||||
|
||||
|
||||
@@ -1,17 +1,21 @@
|
||||
package profile
|
||||
|
||||
import (
|
||||
"os"
|
||||
|
||||
"github.com/safing/portbase/log"
|
||||
|
||||
"github.com/safing/portbase/modules"
|
||||
|
||||
// module dependencies
|
||||
_ "github.com/safing/portmaster/core/base"
|
||||
"github.com/safing/portmaster/updates"
|
||||
_ "github.com/safing/portmaster/updates" // dependency of semi-dependency filterlists
|
||||
)
|
||||
|
||||
var (
|
||||
module *modules.Module
|
||||
module *modules.Module
|
||||
updatesPath string
|
||||
)
|
||||
|
||||
func init() {
|
||||
@@ -33,6 +37,11 @@ func prep() error {
|
||||
}
|
||||
|
||||
func start() error {
|
||||
updatesPath = updates.RootPath() + string(os.PathSeparator)
|
||||
if updatesPath != "" {
|
||||
updatesPath += string(os.PathSeparator)
|
||||
}
|
||||
|
||||
err := registerValidationDBHook()
|
||||
if err != nil {
|
||||
return err
|
||||
|
||||
@@ -394,7 +394,7 @@ func (profile *Profile) UpdateMetadata(processName, binaryPath string) (changed
|
||||
}
|
||||
|
||||
// Update LinkedPath if if differs from the process path.
|
||||
// This will (at the moment) only be the case for the Portmaster profile.
|
||||
// This will be the case for profiles that are assigned in a special way.
|
||||
if profile.LinkedPath != binaryPath {
|
||||
profile.LinkedPath = binaryPath
|
||||
changed = true
|
||||
|
||||
61
profile/special.go
Normal file
61
profile/special.go
Normal file
@@ -0,0 +1,61 @@
|
||||
package profile
|
||||
|
||||
const (
|
||||
// UnidentifiedProfileID is the profile ID used for unidentified processes.
|
||||
UnidentifiedProfileID = "_unidentified"
|
||||
|
||||
// SystemProfileID is the profile ID used for the system/kernel.
|
||||
SystemProfileID = "_system"
|
||||
|
||||
// PortmasterProfileID is the profile ID used for the Portmaster Core itself.
|
||||
PortmasterProfileID = "_portmaster"
|
||||
|
||||
// PortmasterAppProfileID is the profile ID used for the Portmaster App.
|
||||
PortmasterAppProfileID = "_portmaster-app"
|
||||
|
||||
// PortmasterNotifierProfileID is the profile ID used for the Portmaster Notifier.
|
||||
PortmasterNotifierProfileID = "_portmaster-notifier"
|
||||
)
|
||||
|
||||
func getSpecialProfile(profileID, linkedPath string) *Profile {
|
||||
switch profileID {
|
||||
case UnidentifiedProfileID:
|
||||
return New(SourceLocal, UnidentifiedProfileID, linkedPath)
|
||||
|
||||
case SystemProfileID:
|
||||
return New(SourceLocal, SystemProfileID, linkedPath)
|
||||
|
||||
case PortmasterProfileID:
|
||||
profile := New(SourceLocal, PortmasterProfileID, linkedPath)
|
||||
profile.Name = "Portmaster Core Service"
|
||||
profile.Internal = true
|
||||
return profile
|
||||
|
||||
case PortmasterAppProfileID:
|
||||
profile := New(SourceLocal, PortmasterAppProfileID, linkedPath)
|
||||
profile.Name = "Portmaster User Interface"
|
||||
profile.Internal = true
|
||||
profile.Config = map[string]interface{}{
|
||||
CfgOptionDefaultActionKey: "block",
|
||||
CfgOptionEndpointsKey: []string{
|
||||
"+ Localhost",
|
||||
},
|
||||
}
|
||||
return profile
|
||||
|
||||
case PortmasterNotifierProfileID:
|
||||
profile := New(SourceLocal, PortmasterNotifierProfileID, linkedPath)
|
||||
profile.Name = "Portmaster Notifier"
|
||||
profile.Internal = true
|
||||
profile.Config = map[string]interface{}{
|
||||
CfgOptionDefaultActionKey: "block",
|
||||
CfgOptionEndpointsKey: []string{
|
||||
"+ Localhost",
|
||||
},
|
||||
}
|
||||
return profile
|
||||
|
||||
default:
|
||||
return nil
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user