add support for sandbox name in profile files

7 files changed, 41 insertions, 17 deletions

diff --git a/README.md b/README.md
index 2fc91a0f2..33b0bfe72 100644
--- a/README.md
+++ b/README.md
@@ -137,3 +137,5 @@ $ firejail --profile-path=~/myprofiles
 `````
 
 ### Debian reproductible build
+
+### Added "name" and "hostname" command support in profile files
diff --git a/RELNOTES b/RELNOTES
index 2383b3a71..655f3309e 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -20,6 +20,7 @@ firejail (0.9.36-rc1) baseline; urgency=low
   * filesystem log
   * libtrace enhancements, tracing opendir call
   * added --tracelog option
+  * added "name" command to profile files
   * added "hostname" command to profile files
   * added automated feature testing framework
   * Debian reproductible build
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c
index 4a1990382..356807acf 100644
--- a/src/firejail/sandbox.c
+++ b/src/firejail/sandbox.c
@@ -276,9 +276,9 @@ int sandbox(void* sandbox_arg) {
         //****************************
         // log sandbox data
         //****************************
-        fs_logger2int("sandbox pid:", (int) sandbox_pid);
         if (cfg.name)
                 fs_logger2("sandbox name:", cfg.name);
+        fs_logger2int("sandbox pid:", (int) sandbox_pid);
         if (cfg.chrootdir)
                 fs_logger("sandbox filesystem: chroot");
         else if (arg_overlay)   
diff --git a/src/lib/common.c b/src/lib/common.c
index 7d2ee5362..90cee3e10 100644
--- a/src/lib/common.c
+++ b/src/lib/common.c
@@ -31,6 +31,7 @@
 #include <dirent.h>
 #include <string.h>
 #include "../include/common.h"
+#define BUFLEN 4096
 
 int join_namespace(pid_t pid, char *type) {
         char *path;
@@ -100,6 +101,32 @@ int name2pid(const char *name, pid_t *pid) {
                         char *start = ptr;
                         if (!ptr) {
                                 free(cmd);
+                                
+                                // extract name for /run/mnt/firejail/fslogger file
+                                char *fname;
+                                if (asprintf(&fname, "/proc/%d/root/run/firejail/mnt/fslogger", newpid) == -1)
+                                        errExit("asprintf");
+
+                                struct stat s;
+                                if (stat(fname, &s) == 0) {
+                                        FILE *fp = fopen(fname, "r");
+                                        if (fp) {
+                                                char buf[BUFLEN];
+                                                if (fgets(buf, BUFLEN, fp)) {
+                                                        if (strncmp(buf, "sandbox name: ", 14) == 0) {
+                                                                char *ptr2 = buf + 14;
+                                                                if (strncmp(name, ptr2, strlen(name)) == 0) {
+                                                                        fclose(fp);
+                                                                        *pid = newpid;
+                                                                        closedir(dir);
+                                                                        return 0;
+                                                                }
+                                                        }
+                                                }
+                                                fclose(fp);
+                                        }
+                                }       
+                                
                                 continue;
                         }
                         while (*ptr != ' ' && *ptr != '\t' && *ptr != '\0')
@@ -119,7 +146,6 @@ int name2pid(const char *name, pid_t *pid) {
         return 1;
 }
 
-#define BUFLEN 4096
 char *pid_proc_comm(const pid_t pid) {
         // open /proc/pid/cmdline file
         char *fname;
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt
index e9cb1aa49..59d4a81ae 100644
--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -233,6 +233,13 @@ cgroup /sys/fs/cgroup/g1/tasks
 The sandbox is placed in g1 control group.
 
 .SH User Environment
+.TP
+\fBname sandboxname
+Set sandbox name. Example:
+.br
+
+.br
+name browser
 
 .TP
 \fBenv name=value
diff --git a/test/features/2.2.exp b/test/features/2.2.exp
index 7dc1e6a7d..c562328fd 100755
--- a/test/features/2.2.exp
+++ b/test/features/2.2.exp
@@ -27,10 +27,6 @@ expect {
         "google.com"
 }
 expect {
-        timeout {puts "TESTING ERROR 1.2\n";exit}
-        "google.com"
-}
-expect {
         timeout {puts "TESTING ERROR 1.3\n";exit}
         "SERVER: 4.2.2.1"
 }
@@ -59,10 +55,6 @@ expect {
         "google.com"
 }
 expect {
-        timeout {puts "TESTING ERROR 3.2\n";exit}
-        "google.com"
-}
-expect {
         timeout {puts "TESTING ERROR 3.3\n";exit}
         "SERVER: 4.2.2.1"
 }
@@ -90,10 +82,6 @@ expect {
         "google.com"
 }
 expect {
-        timeout {puts "TESTING ERROR 5.2\n";exit}
-        "google.com"
-}
-expect {
         timeout {puts "TESTING ERROR 5.3\n";exit}
         "SERVER: 4.2.2.1"
 }
diff --git a/test/seccomp-bad-empty.exp b/test/seccomp-bad-empty.exp
index 53b5c2e21..631d67743 100755
--- a/test/seccomp-bad-empty.exp
+++ b/test/seccomp-bad-empty.exp
@@ -25,14 +25,14 @@ expect {
 send --  "firejail --profile=seccomp-bad-empty.profile\r"
 expect {
         timeout {puts "TESTING ERROR 6\n";exit}
-        "Error: line 1 in the custom profile is invalid"
+        "Error: line 1 in seccomp-bad-empty.profile is invalid"
 }
 
 send --  "firejail --profile=seccomp-bad-empty2.profile\r"
 expect {
         timeout {puts "TESTING ERROR 7\n";exit}
-        "Error: line 1 in the custom profile is invalid"
+        "Error: line 1 in seccomp-bad-empty2.profile is invalid"
 }
 sleep 1
-puts "\n"
+puts "\nall done\n"