shell none set as default (2)

2 files changed, 32 insertions, 19 deletions

diff --git a/src/firejail/main.c b/src/firejail/main.c
index 640605a6c..200a510a3 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -157,6 +157,7 @@ int arg_dbus_log_user = 0;
 int arg_dbus_log_system = 0;
 int arg_tab = 0;
 int login_shell = 0;
+int just_run_the_shell = 0;
 
 int parent_to_child_fds[2];
 int child_to_parent_fds[2];
@@ -795,15 +796,10 @@ static void run_cmd_and_exit(int i, int argc, char **argv) {
                 if (checkcfg(CFG_JOIN) || getuid() == 0) {
                         logargs(argc, argv);
 
-                        if (arg_shell_none) {
-                                if (argc <= (i+1)) {
-                                        fprintf(stderr, "Error: --shell=none set, but no command specified\n");
-                                        exit(1);
-                                }
-                                cfg.original_program_index = i + 1;
-                        }
-
-                        if (!cfg.shell && !arg_shell_none)
+                        if (argc <= (i+1))
+                                just_run_the_shell = 1;
+                        cfg.original_program_index = i + 1;
+                        if (!cfg.shell)
                                 cfg.shell = cfg.usershell;
 
                         // join sandbox by pid or by name
@@ -821,19 +817,17 @@ static void run_cmd_and_exit(int i, int argc, char **argv) {
                 if (checkcfg(CFG_JOIN) || getuid() == 0) {
                         logargs(argc, argv);
 
-                        if (arg_shell_none) {
-                                if (argc <= (i+1)) {
-                                        fprintf(stderr, "Error: --shell=none set, but no command specified\n");
-                                        exit(1);
-                                }
-                                cfg.original_program_index = i + 1;
-                        }
+                        if (argc <= (i+1))
+                                just_run_the_shell = 1;
+                        cfg.original_program_index = i + 1;
+
+                        if (!cfg.shell)
+                                cfg.shell = cfg.usershell;
 
+printf("***** %d\n", just_run_the_shell);
                         // try to join by name only
                         pid_t pid;
                         if (!read_pid(argv[i] + 16, &pid)) {
-                                if (!cfg.shell && !arg_shell_none)
-                                        cfg.shell = cfg.usershell;
 
                                 join(pid, argc, argv, i + 1);
                                 exit(0);
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c
index 4ad9eb678..7f74635ec 100644
--- a/src/firejail/sandbox.c
+++ b/src/firejail/sandbox.c
@@ -51,6 +51,7 @@
 #endif
 
 static int force_nonewprivs = 0;
+extern int just_run_the_shell;
 
 static int monitored_pid = 0;
 static void sandbox_handler(int sig){
@@ -506,10 +507,28 @@ void start_application(int no_sandbox, int fd, char *set_sandbox_status) {
                 printf("LD_PRELOAD=%s\n", getenv("LD_PRELOAD"));
         }
 
+        if (just_run_the_shell) {
+                char *arg[2];
+                arg[0] = cfg.usershell;
+                arg[1] = NULL;
+
+                if (!arg_command && !arg_quiet)
+                        print_time();
+
+                __gcov_dump();
+
+                seccomp_install_filters();
+
+                if (set_sandbox_status)
+                        *set_sandbox_status = SANDBOX_DONE;
+                execvp(arg[0], arg);
+
+
+        }
         //****************************************
         // start the program without using a shell
         //****************************************
-        if (arg_shell_none) {
+        else if (arg_shell_none) {
                 if (arg_debug) {
                         int i;
                         for (i = cfg.original_program_index; i < cfg.original_argc; i++) {