Add gdb-firejail.sh to contrib for easy debugging of firejail with gdb.

author: Glenn Washburn <development@efficientek.com> 2019-07-09 16:41:34 -0500
committer: Glenn Washburn <development@efficientek.com> 2019-07-09 16:41:34 -0500
commit: 5e09cfb4f901d944c0418fcb041d4e96448028a2 (patch)
tree: a2d128dc02a152741dbb9561d2051e42d5860959 /contrib/gdb-firejail.sh
parent: Sort private-bin in obs.profile (#2848) (diff)
download: firejail-5e09cfb4f901d944c0418fcb041d4e96448028a2.tar.gz
firejail-5e09cfb4f901d944c0418fcb041d4e96448028a2.tar.zst
firejail-5e09cfb4f901d944c0418fcb041d4e96448028a2.zip
1 files changed, 21 insertions, 0 deletions
diff --git a/contrib/gdb-firejail.sh b/contrib/gdb-firejail.sh
new file mode 100755
index 000000000..3ee3fffb3
--- /dev/null
+++ b/contrib/gdb-firejail.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+set -x
+# gdb setuid helper script.
+# This script forks a background process as the current user which will
+# immediately send itself a `STOP` signal.  Then gdb running as root will
+# attach to that process, which will send it the `CONT` signal to continue
+# execution.  Then the backgrounded process will exec the program with the
+# given arguments.  This will allow the root gdb to trace the unprivileged
+# setuid firejail process from the absolute beginning.
+if [ -z "${1##*/firejail}" ]; then
+    FIREJAIL=$1
+else
+    # First argument is not named firejail, then add default unless environment
+    # variable already set.
+    set -- ${FIREJAIL:=$(which firejail)} "$@"
+fi
+bash -c "kill -STOP \$\$; exec \"\$0\" \"\$@\"" "$@" &
+sudo gdb -e  "$FIREJAIL" -p "$!"
+\ No newline at end of file
author	Glenn Washburn <development@efficientek.com>	2019-07-09 16:41:34 -0500
committer	Glenn Washburn <development@efficientek.com>	2019-07-09 16:41:34 -0500
commit	5e09cfb4f901d944c0418fcb041d4e96448028a2 (patch)
tree	a2d128dc02a152741dbb9561d2051e42d5860959 /contrib/gdb-firejail.sh
parent	Sort private-bin in obs.profile (#2848) (diff)
download	firejail-5e09cfb4f901d944c0418fcb041d4e96448028a2.tar.gz firejail-5e09cfb4f901d944c0418fcb041d4e96448028a2.tar.zst firejail-5e09cfb4f901d944c0418fcb041d4e96448028a2.zip

diff --git a/contrib/gdb-firejail.sh b/contrib/gdb-firejail.sh new file mode 100755 index 000000000..3ee3fffb3 --- /dev/null +++ b/contrib/gdb-firejail.sh
@@ -0,0 +1,21 @@
	1	#!/bin/bash
	2	set -x
	3
	4	# gdb setuid helper script.
	5	# This script forks a background process as the current user which will
	6	# immediately send itself a `STOP` signal. Then gdb running as root will
	7	# attach to that process, which will send it the `CONT` signal to continue
	8	# execution. Then the backgrounded process will exec the program with the
	9	# given arguments. This will allow the root gdb to trace the unprivileged
	10	# setuid firejail process from the absolute beginning.
	11
	12	if [ -z "${1##*/firejail}" ]; then
	13	FIREJAIL=$1
	14	else
	15	# First argument is not named firejail, then add default unless environment
	16	# variable already set.
	17	set -- ${FIREJAIL:=$(which firejail)} "$@"
	18	fi
	19
	20	bash -c "kill -STOP \$\$; exec \"\$0\" \"\$@\"" "$@" &
	21	sudo gdb -e "$FIREJAIL" -p "$!" \ No newline at end of file