author | netblue30 <netblue30@yahoo.com> | 2018-05-08 07:45:14 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2018-05-08 07:45:14 -0400 |
commit | ab7a36982bbdf8d5235c5ecb007a773b294109d4 (patch) | |
tree | 6f9661435f7b4c773805613fff26877bff76b382 | |
parent | Merge pull request #1924 from glitsj16/gnome-logs (diff) | |
errLogExit and --overlay-clean
-rw-r--r-- | src/firejail/util.c | 34 |
1 files changed, 26 insertions, 8 deletions
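--- a/src/firejail/util.c
+++ b/src/firejail/util.c
@@ -33,6 +33,28 @@
 
 #define MAX_GROUPS 1024
 
+// send the error to /var/log/auth.log and exit after a small delay
+void errLogExit(char* fmt, ...) {
+va_list args;
+va_start(args,fmt);
+openlog("firejail", LOG_NDELAY | LOG_PID, LOG_AUTH);
+MountData *m = get_last_mount();
+
+char *msg1;
+char *msg2;
+if (vasprintf(&msg1, fmt, args) != -1 &&
+asprintf(&msg2, "Access error: pid %d, last mount %s %s %s - %s", getuid(), m->fsname, m->dir, m->fstype, msg1) != -1)
+syslog(LOG_CRIT, "%s", msg2);
+closelog();
+
+fprintf(stderr, "Access error pid %d - ", getuid());
+vfprintf(stderr, fmt, args);
+va_end(args);
+
+sleep(2);
+exit(1);
+}
+
 static void clean_supplementary_groups(gid_t gid) {
 assert(cfg.username);
 gid_t groups[MAX_GROUPS];
@@ -869,14 +891,10 @@ int remove_overlay_directory(void) {
 errExit("asprintf");
 
 // deal with obvious problems such as symlinks and root ownership
-if (is_link(path)) {
-fprintf(stderr, "Error: cannot follow symbolic link\n");
-exit(1);
-}
-if (access(path, R_OK | W_OK | X_OK) == -1) {
-fprintf(stderr, "Error: cannot access ~/.firejail directory\n");
-exit(1);
-}
+if (is_link(path))
+errLogExit("overlay directory is a symlink\n");
+if (access(path, R_OK | W_OK | X_OK) == -1)
+errLogExit("no access to overlay directory\n");
 
 EUID_ROOT();
 if (setreuid(0, 0) < 0 ||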
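Review bot: In the first hunk, `errLogExit` hands `args` to `vasprintf` and then again to `vfprintf` with no `va_copy` in between; the `va_list` is indeterminate after the first call, so any caller whose format contains conversions gets undefined behaviour on the stderr path (the two call sites added in `remove_overlay_directory` pass no arguments, so they happen to be unaffected). Taking `va_list args2; va_copy(args2, args);` right after `va_start`, then using `vfprintf(stderr, fmt, args2); va_end(args2);`, fixes it. Both messages also label the result of `getuid()` as `pid`, which is misleading in a `LOG_AUTH` record that someone may later rely on for triage; `uid %d` would match what is actually logged. `m` is dereferenced unchecked and `get_last_mount()` is not visible in this diff, so confirm it can never return NULL or leave `fsname`/`dir`/`fstype` NULL when the function runs before any mount has happened, as the `--overlay-clean` path presumably does.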