diff options
author | curiosity-seeker <my-github@mailbox.org> | 2019-06-14 12:49:21 +0200 |
---|---|---|
committer | Vincent43 <31109921+Vincent43@users.noreply.github.com> | 2019-06-14 10:49:21 +0000 |
commit | cedf414da537cc308f4e5a909266ad2555ecfb86 (patch) | |
tree | ebdd6a760bda376bbe44a444c97b4eaf4be86f75 /contrib | |
parent | New profiles: newsbeuter, keepassxc-{cli,proxy} (diff) | |
download | firejail-cedf414da537cc308f4e5a909266ad2555ecfb86.tar.gz firejail-cedf414da537cc308f4e5a909266ad2555ecfb86.tar.zst firejail-cedf414da537cc308f4e5a909266ad2555ecfb86.zip |
Create syscalls file (#2754)
* Create syscalls file
A little script to determine the necessary syscalls for a program.
Diffstat (limited to 'contrib')
-rw-r--r-- | contrib/syscalls.sh | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/contrib/syscalls.sh b/contrib/syscalls.sh new file mode 100644 index 000000000..9ab6acf5b --- /dev/null +++ b/contrib/syscalls.sh | |||
@@ -0,0 +1,30 @@ | |||
1 | #!/bin/bash | ||
2 | |||
3 | STRACE_OUTPUT_FILE="$(pwd)/strace_output.txt" | ||
4 | SYSCALLS_OUTPUT_FILE="$(pwd)/syscalls.txt" | ||
5 | |||
6 | if [ $# -eq 0 ] | ||
7 | then | ||
8 | echo | ||
9 | echo " *** No program specified!!! ***" | ||
10 | echo | ||
11 | echo -e "Make this file executable and execute it as:\\n" | ||
12 | echo -e "\\e[96m syscalls.sh /full/path/to/program\\n" | ||
13 | echo -e "\\e[39mif you saved this script in a directory in your PATH (e.g., in ${HOME}/bin), otherwise as:\\n" | ||
14 | echo -e "\\e[96m ./syscalls.sh /full/path/to/program\\n" | ||
15 | echo -e "\\e[39mUse the full path to the respective program to avoid executing it sandboxed with Firejail\\n(if a Firejail profile for it already exits and 'sudo firecfg' was executed earlier)\\nin order to determine the necessary system calls." | ||
16 | echo | ||
17 | exit 0 | ||
18 | |||
19 | else | ||
20 | |||
21 | strace -cfo "$STRACE_OUTPUT_FILE" "$@" && awk '{print $NF}' "$STRACE_OUTPUT_FILE" | sed '/syscall\|-\|total/d' | sort -u | awk -vORS=, '{ print $1 }' | sed 's/,$/\n/' > "$SYSCALLS_OUTPUT_FILE" | ||
22 | echo | ||
23 | echo -e "\e[39mThese are the sorted syscalls:\n\e[93m" | ||
24 | cat "$SYSCALLS_OUTPUT_FILE" | ||
25 | echo | ||
26 | echo -e "\e[39mThe sorted syscalls were saved to:\n\n\e[96m$SYSCALLS_OUTPUT_FILE" | ||
27 | echo | ||
28 | exit 0 | ||
29 | |||
30 | fi | ||