diff options
author | Kristóf Marussy <kris7topher@gmail.com> | 2020-05-04 19:11:54 +0200 |
---|---|---|
committer | Kristóf Marussy <kristof@marussy.com> | 2020-05-07 01:56:40 +0200 |
commit | 416d385ea749d59529d5624de87a0c5c1b44cdb6 (patch) | |
tree | ac2ef6934fa84f5088c949594eb6ffd7da6f6b76 /src/firejail/dbus.c | |
parent | Add dbus-*.call and dbus-*.broadcast commands (diff) | |
download | firejail-416d385ea749d59529d5624de87a0c5c1b44cdb6.tar.gz firejail-416d385ea749d59529d5624de87a0c5c1b44cdb6.tar.zst firejail-416d385ea749d59529d5624de87a0c5c1b44cdb6.zip |
Add options for D-Bus logging
--dbus-user.log and --dbus-system.log instruct xdg-dbus-proxy to log
interactions with the session and system buses, respectively.
--dbus-log= can specify the location of the log file. If no location is
specified, log output is written to stdout.
Diffstat (limited to 'src/firejail/dbus.c')
-rw-r--r-- | src/firejail/dbus.c | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/src/firejail/dbus.c b/src/firejail/dbus.c index 5b47567e2..18576612d 100644 --- a/src/firejail/dbus.c +++ b/src/firejail/dbus.c | |||
@@ -285,6 +285,8 @@ static char *find_user_socket(void) { | |||
285 | void dbus_proxy_start(void) { | 285 | void dbus_proxy_start(void) { |
286 | dbus_create_user_dir(); | 286 | dbus_create_user_dir(); |
287 | 287 | ||
288 | EUID_USER(); | ||
289 | |||
288 | int status_pipe[2]; | 290 | int status_pipe[2]; |
289 | if (pipe(status_pipe) == -1) | 291 | if (pipe(status_pipe) == -1) |
290 | errExit("pipe"); | 292 | errExit("pipe"); |
@@ -299,10 +301,21 @@ void dbus_proxy_start(void) { | |||
299 | errExit("fork"); | 301 | errExit("fork"); |
300 | if (dbus_proxy_pid == 0) { | 302 | if (dbus_proxy_pid == 0) { |
301 | int i; | 303 | int i; |
302 | for (i = 3; i < FIREJAIL_MAX_FD; i++) { | 304 | for (i = STDERR_FILENO + 1; i < FIREJAIL_MAX_FD; i++) { |
303 | if (i != status_pipe[1] && i != args_pipe[0]) | 305 | if (i != status_pipe[1] && i != args_pipe[0]) |
304 | close(i); // close open files | 306 | close(i); // close open files |
305 | } | 307 | } |
308 | if (arg_dbus_log_file != NULL) { | ||
309 | int output_fd = creat(arg_dbus_log_file, 0666); | ||
310 | if (output_fd < 0) | ||
311 | errExit("creat"); | ||
312 | if (output_fd != STDOUT_FILENO) { | ||
313 | if (dup2(output_fd, STDOUT_FILENO) != STDOUT_FILENO) | ||
314 | errExit("dup2"); | ||
315 | close(output_fd); | ||
316 | } | ||
317 | } | ||
318 | close(STDIN_FILENO); | ||
306 | char *args[4] = {XDG_DBUS_PROXY_PATH, NULL, NULL, NULL}; | 319 | char *args[4] = {XDG_DBUS_PROXY_PATH, NULL, NULL, NULL}; |
307 | if (asprintf(&args[1], "--fd=%d", status_pipe[1]) == -1 | 320 | if (asprintf(&args[1], "--fd=%d", status_pipe[1]) == -1 |
308 | || asprintf(&args[2], "--args=%d", args_pipe[0]) == -1) | 321 | || asprintf(&args[2], "--args=%d", args_pipe[0]) == -1) |
@@ -328,6 +341,9 @@ void dbus_proxy_start(void) { | |||
328 | (int) getuid(), (int) getpid()) == -1) | 341 | (int) getuid(), (int) getpid()) == -1) |
329 | errExit("asprintf"); | 342 | errExit("asprintf"); |
330 | write_arg(args_pipe[1], "%s", dbus_user_proxy_socket); | 343 | write_arg(args_pipe[1], "%s", dbus_user_proxy_socket); |
344 | if (arg_dbus_log_user) { | ||
345 | write_arg(args_pipe[1], "--log"); | ||
346 | } | ||
331 | write_arg(args_pipe[1], "--filter"); | 347 | write_arg(args_pipe[1], "--filter"); |
332 | write_profile(args_pipe[1], "dbus-user."); | 348 | write_profile(args_pipe[1], "dbus-user."); |
333 | } | 349 | } |
@@ -344,6 +360,9 @@ void dbus_proxy_start(void) { | |||
344 | (int) getuid(), (int) getpid()) == -1) | 360 | (int) getuid(), (int) getpid()) == -1) |
345 | errExit("asprintf"); | 361 | errExit("asprintf"); |
346 | write_arg(args_pipe[1], "%s", dbus_system_proxy_socket); | 362 | write_arg(args_pipe[1], "%s", dbus_system_proxy_socket); |
363 | if (arg_dbus_log_system) { | ||
364 | write_arg(args_pipe[1], "--log"); | ||
365 | } | ||
347 | write_arg(args_pipe[1], "--filter"); | 366 | write_arg(args_pipe[1], "--filter"); |
348 | write_profile(args_pipe[1], "dbus-system."); | 367 | write_profile(args_pipe[1], "dbus-system."); |
349 | } | 368 | } |