diff options
author | smitsohu <smitsohu@gmail.com> | 2021-01-06 13:14:22 +0100 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2021-01-06 19:50:48 +0100 |
commit | 1e3891ed00c99a913f98fc1f42805fafe38f7ff5 (patch) | |
tree | 78adb56ff3a988e3ecfdbfca53549d65d3e7ef18 | |
parent | non-dumpable plugins (diff) | |
download | firejail-1e3891ed00c99a913f98fc1f42805fafe38f7ff5.tar.gz firejail-1e3891ed00c99a913f98fc1f42805fafe38f7ff5.tar.zst firejail-1e3891ed00c99a913f98fc1f42805fafe38f7ff5.zip |
fix broken tests and regression on 45304621a6c600d8e30e98bfbef05149caaf56c5
-rw-r--r-- | src/firejail/fs_lib.c | 13 | ||||
-rw-r--r-- | src/firejail/fs_lib2.c | 7 |
2 files changed, 12 insertions, 8 deletions
diff --git a/src/firejail/fs_lib.c b/src/firejail/fs_lib.c index 5cfd33b42..941d6ad82 100644 --- a/src/firejail/fs_lib.c +++ b/src/firejail/fs_lib.c | |||
@@ -336,6 +336,12 @@ void fs_private_lib(void) { | |||
336 | // start timetrace | 336 | // start timetrace |
337 | timetrace_start(); | 337 | timetrace_start(); |
338 | 338 | ||
339 | // bring in firejail executable libraries in case we are redirected here by a firejail symlink from /usr/local/bin/firejail | ||
340 | fslib_install_list(PATH_FIREJAIL); | ||
341 | |||
342 | // bring in firejail directory | ||
343 | fslib_install_list("firejail"); | ||
344 | |||
339 | // copy the libs in the new lib directory for the main exe | 345 | // copy the libs in the new lib directory for the main exe |
340 | if (cfg.original_program_index > 0) { | 346 | if (cfg.original_program_index > 0) { |
341 | if (arg_debug || arg_debug_private_lib) | 347 | if (arg_debug || arg_debug_private_lib) |
@@ -374,13 +380,6 @@ void fs_private_lib(void) { | |||
374 | printf("Installing system libraries\n"); | 380 | printf("Installing system libraries\n"); |
375 | fslib_install_system(); | 381 | fslib_install_system(); |
376 | 382 | ||
377 | // bring in firejail directory for --trace and seccomp post exec | ||
378 | // bring in firejail executable libraries in case we are redirected here by a firejail symlink from /usr/local/bin/firejail | ||
379 | fslib_install_list("/usr/bin/firejail,firejail"); // todo: use the installed path for the executable | ||
380 | |||
381 | // install libraries needed by fcopy | ||
382 | fslib_install_list(PATH_FCOPY); | ||
383 | |||
384 | fmessage("Installed %d %s and %d %s\n", lib_cnt, (lib_cnt == 1)? "library": "libraries", | 383 | fmessage("Installed %d %s and %d %s\n", lib_cnt, (lib_cnt == 1)? "library": "libraries", |
385 | dir_cnt, (dir_cnt == 1)? "directory": "directories"); | 384 | dir_cnt, (dir_cnt == 1)? "directory": "directories"); |
386 | 385 | ||
diff --git a/src/firejail/fs_lib2.c b/src/firejail/fs_lib2.c index b2ae07f3e..758e079a4 100644 --- a/src/firejail/fs_lib2.c +++ b/src/firejail/fs_lib2.c | |||
@@ -30,6 +30,7 @@ extern void fslib_copy_dir(const char *full_path); | |||
30 | //*************************************************************** | 30 | //*************************************************************** |
31 | // standard libc libraries based on Debian's libc6 package | 31 | // standard libc libraries based on Debian's libc6 package |
32 | // selinux seems to be linked in most command line utilities | 32 | // selinux seems to be linked in most command line utilities |
33 | // libpcre2 is a dependency of selinux | ||
33 | // locale (/usr/lib/locale) - without it, the program will default to "C" locale | 34 | // locale (/usr/lib/locale) - without it, the program will default to "C" locale |
34 | typedef struct liblist_t { | 35 | typedef struct liblist_t { |
35 | const char *name; | 36 | const char *name; |
@@ -38,6 +39,7 @@ typedef struct liblist_t { | |||
38 | 39 | ||
39 | static LibList libc_list[] = { | 40 | static LibList libc_list[] = { |
40 | { "libselinux.so.", 0 }, | 41 | { "libselinux.so.", 0 }, |
42 | { "libpcre2-8.so.", 0 }, | ||
41 | { "libapparmor.so.", 0}, | 43 | { "libapparmor.so.", 0}, |
42 | { "ld-linux-x86-64.so.", 0 }, | 44 | { "ld-linux-x86-64.so.", 0 }, |
43 | { "libanl.so.", 0 }, | 45 | { "libanl.so.", 0 }, |
@@ -104,16 +106,19 @@ static void stdc(const char *dirname) { | |||
104 | 106 | ||
105 | void fslib_install_stdc(void) { | 107 | void fslib_install_stdc(void) { |
106 | // install standard C libraries | 108 | // install standard C libraries |
109 | timetrace_start(); | ||
107 | struct stat s; | 110 | struct stat s; |
108 | char *stdclib = "/lib64"; // CentOS, Fedora, Arch | 111 | char *stdclib = "/lib64"; // CentOS, Fedora, Arch |
109 | 112 | ||
110 | if (stat("/lib/x86_64-linux-gnu", &s) == 0) { // Debian & friends | 113 | if (stat("/lib/x86_64-linux-gnu", &s) == 0) { // Debian & friends |
114 | // PT_INTERP | ||
115 | fslib_duplicate("/lib64/ld-linux-x86-64.so.2"); | ||
116 | |||
111 | mkdir_attr(RUN_LIB_DIR "/x86_64-linux-gnu", 0755, 0, 0); | 117 | mkdir_attr(RUN_LIB_DIR "/x86_64-linux-gnu", 0755, 0, 0); |
112 | selinux_relabel_path(RUN_LIB_DIR "/x86_64-linux-gnu", "/lib/x86_64-linux-gnu"); | 118 | selinux_relabel_path(RUN_LIB_DIR "/x86_64-linux-gnu", "/lib/x86_64-linux-gnu"); |
113 | stdclib = "/lib/x86_64-linux-gnu"; | 119 | stdclib = "/lib/x86_64-linux-gnu"; |
114 | } | 120 | } |
115 | 121 | ||
116 | timetrace_start(); | ||
117 | stdc(stdclib); | 122 | stdc(stdclib); |
118 | 123 | ||
119 | // install locale | 124 | // install locale |