diff options
| author |  Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2017-05-24 14:13:52 -0500 |
|---|---|---|
| committer | Fred Barclay <Fred-Barclay@users.noreply.github.com> | 2017-05-24 14:13:52 -0500 |
| commit | 96c920e166b40bbe50f216e294f2efac154a1cb2 (patch) | |
| tree | fa80a34e81863ab897f2f2b8ec4124b10d023516 /src/firejail/fs_home.c | |
| parent | remove trailing whitespace from etc/ (diff) | |
| download | firejail-96c920e166b40bbe50f216e294f2efac154a1cb2.tar.gz firejail-96c920e166b40bbe50f216e294f2efac154a1cb2.tar.zst firejail-96c920e166b40bbe50f216e294f2efac154a1cb2.zip | |
Remove trailing whitespace from src/
Diffstat (limited to 'src/firejail/fs_home.c')
| -rw-r--r-- | src/firejail/fs_home.c | 40 |
1 files changed, 20 insertions, 20 deletions
diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c index 70f0388e6..e5e068583 100644 --- a/src/firejail/fs_home.c +++ b/src/firejail/fs_home.c | |||
| @@ -63,7 +63,7 @@ static void skel(const char *homedir, uid_t u, gid_t g) { | |||
| 63 | if (asprintf(&fname, "%s/.cshrc", homedir) == -1) | 63 | if (asprintf(&fname, "%s/.cshrc", homedir) == -1) |
| 64 | errExit("asprintf"); | 64 | errExit("asprintf"); |
| 65 | struct stat s; | 65 | struct stat s; |
| 66 | 66 | ||
| 67 | // don't copy it if we already have the file | 67 | // don't copy it if we already have the file |
| 68 | if (stat(fname, &s) == 0) | 68 | if (stat(fname, &s) == 0) |
| 69 | return; | 69 | return; |
| @@ -88,7 +88,7 @@ static void skel(const char *homedir, uid_t u, gid_t g) { | |||
| 88 | errExit("asprintf"); | 88 | errExit("asprintf"); |
| 89 | struct stat s; | 89 | struct stat s; |
| 90 | // don't copy it if we already have the file | 90 | // don't copy it if we already have the file |
| 91 | if (stat(fname, &s) == 0) | 91 | if (stat(fname, &s) == 0) |
| 92 | return; | 92 | return; |
| 93 | if (is_link(fname)) { // stat on dangling symlinks fails, try again using lstat | 93 | if (is_link(fname)) { // stat on dangling symlinks fails, try again using lstat |
| 94 | fprintf(stderr, "Error: invalid %s file\n", fname); | 94 | fprintf(stderr, "Error: invalid %s file\n", fname); |
| @@ -113,10 +113,10 @@ static int store_xauthority(void) { | |||
| 113 | SET_PERMS_STREAM(fp, getuid(), getgid(), 0600); | 113 | SET_PERMS_STREAM(fp, getuid(), getgid(), 0600); |
| 114 | fclose(fp); | 114 | fclose(fp); |
| 115 | } | 115 | } |
| 116 | 116 | ||
| 117 | if (asprintf(&src, "%s/.Xauthority", cfg.homedir) == -1) | 117 | if (asprintf(&src, "%s/.Xauthority", cfg.homedir) == -1) |
| 118 | errExit("asprintf"); | 118 | errExit("asprintf"); |
| 119 | 119 | ||
| 120 | struct stat s; | 120 | struct stat s; |
| 121 | if (stat(src, &s) == 0) { | 121 | if (stat(src, &s) == 0) { |
| 122 | if (is_link(src)) { | 122 | if (is_link(src)) { |
| @@ -128,7 +128,7 @@ static int store_xauthority(void) { | |||
| 128 | fs_logger2("clone", dest); | 128 | fs_logger2("clone", dest); |
| 129 | return 1; // file copied | 129 | return 1; // file copied |
| 130 | } | 130 | } |
| 131 | 131 | ||
| 132 | return 0; | 132 | return 0; |
| 133 | } | 133 | } |
| 134 | 134 | ||
| @@ -143,10 +143,10 @@ static int store_asoundrc(void) { | |||
| 143 | SET_PERMS_STREAM(fp, getuid(), getgid(), 0644); | 143 | SET_PERMS_STREAM(fp, getuid(), getgid(), 0644); |
| 144 | fclose(fp); | 144 | fclose(fp); |
| 145 | } | 145 | } |
| 146 | 146 | ||
| 147 | if (asprintf(&src, "%s/.asoundrc", cfg.homedir) == -1) | 147 | if (asprintf(&src, "%s/.asoundrc", cfg.homedir) == -1) |
| 148 | errExit("asprintf"); | 148 | errExit("asprintf"); |
| 149 | 149 | ||
| 150 | struct stat s; | 150 | struct stat s; |
| 151 | if (stat(src, &s) == 0) { | 151 | if (stat(src, &s) == 0) { |
| 152 | if (is_link(src)) { | 152 | if (is_link(src)) { |
| @@ -168,7 +168,7 @@ static int store_asoundrc(void) { | |||
| 168 | fs_logger2("clone", dest); | 168 | fs_logger2("clone", dest); |
| 169 | return 1; // file copied | 169 | return 1; // file copied |
| 170 | } | 170 | } |
| 171 | 171 | ||
| 172 | return 0; | 172 | return 0; |
| 173 | } | 173 | } |
| 174 | 174 | ||
| @@ -178,7 +178,7 @@ static void copy_xauthority(void) { | |||
| 178 | char *dest; | 178 | char *dest; |
| 179 | if (asprintf(&dest, "%s/.Xauthority", cfg.homedir) == -1) | 179 | if (asprintf(&dest, "%s/.Xauthority", cfg.homedir) == -1) |
| 180 | errExit("asprintf"); | 180 | errExit("asprintf"); |
| 181 | 181 | ||
| 182 | // if destination is a symbolic link, exit the sandbox!!! | 182 | // if destination is a symbolic link, exit the sandbox!!! |
| 183 | if (is_link(dest)) { | 183 | if (is_link(dest)) { |
| 184 | fprintf(stderr, "Error: %s is a symbolic link\n", dest); | 184 | fprintf(stderr, "Error: %s is a symbolic link\n", dest); |
| @@ -187,7 +187,7 @@ static void copy_xauthority(void) { | |||
| 187 | 187 | ||
| 188 | copy_file_as_user(src, dest, getuid(), getgid(), S_IRUSR | S_IWUSR); // regular user | 188 | copy_file_as_user(src, dest, getuid(), getgid(), S_IRUSR | S_IWUSR); // regular user |
| 189 | fs_logger2("clone", dest); | 189 | fs_logger2("clone", dest); |
| 190 | 190 | ||
| 191 | // delete the temporary file | 191 | // delete the temporary file |
| 192 | unlink(src); | 192 | unlink(src); |
| 193 | } | 193 | } |
| @@ -198,7 +198,7 @@ static void copy_asoundrc(void) { | |||
| 198 | char *dest; | 198 | char *dest; |
| 199 | if (asprintf(&dest, "%s/.asoundrc", cfg.homedir) == -1) | 199 | if (asprintf(&dest, "%s/.asoundrc", cfg.homedir) == -1) |
| 200 | errExit("asprintf"); | 200 | errExit("asprintf"); |
| 201 | 201 | ||
| 202 | // if destination is a symbolic link, exit the sandbox!!! | 202 | // if destination is a symbolic link, exit the sandbox!!! |
| 203 | if (is_link(dest)) { | 203 | if (is_link(dest)) { |
| 204 | fprintf(stderr, "Error: %s is a symbolic link\n", dest); | 204 | fprintf(stderr, "Error: %s is a symbolic link\n", dest); |
| @@ -222,10 +222,10 @@ void fs_private_homedir(void) { | |||
| 222 | char *private_homedir = cfg.home_private; | 222 | char *private_homedir = cfg.home_private; |
| 223 | assert(homedir); | 223 | assert(homedir); |
| 224 | assert(private_homedir); | 224 | assert(private_homedir); |
| 225 | 225 | ||
| 226 | int xflag = store_xauthority(); | 226 | int xflag = store_xauthority(); |
| 227 | int aflag = store_asoundrc(); | 227 | int aflag = store_asoundrc(); |
| 228 | 228 | ||
| 229 | uid_t u = getuid(); | 229 | uid_t u = getuid(); |
| 230 | gid_t g = getgid(); | 230 | gid_t g = getgid(); |
| 231 | 231 | ||
| @@ -258,7 +258,7 @@ void fs_private_homedir(void) { | |||
| 258 | errExit("mounting home directory"); | 258 | errExit("mounting home directory"); |
| 259 | fs_logger("tmpfs /home"); | 259 | fs_logger("tmpfs /home"); |
| 260 | } | 260 | } |
| 261 | 261 | ||
| 262 | 262 | ||
| 263 | skel(homedir, u, g); | 263 | skel(homedir, u, g); |
| 264 | if (xflag) | 264 | if (xflag) |
| @@ -309,7 +309,7 @@ void fs_private(void) { | |||
| 309 | errExit("chown"); | 309 | errExit("chown"); |
| 310 | fs_logger2("mkdir", homedir); | 310 | fs_logger2("mkdir", homedir); |
| 311 | } | 311 | } |
| 312 | 312 | ||
| 313 | skel(homedir, u, g); | 313 | skel(homedir, u, g); |
| 314 | if (xflag) | 314 | if (xflag) |
| 315 | copy_xauthority(); | 315 | copy_xauthority(); |
| @@ -322,12 +322,12 @@ void fs_private(void) { | |||
| 322 | void fs_check_private_dir(void) { | 322 | void fs_check_private_dir(void) { |
| 323 | EUID_ASSERT(); | 323 | EUID_ASSERT(); |
| 324 | invalid_filename(cfg.home_private); | 324 | invalid_filename(cfg.home_private); |
| 325 | 325 | ||
| 326 | // Expand the home directory | 326 | // Expand the home directory |
| 327 | char *tmp = expand_home(cfg.home_private, cfg.homedir); | 327 | char *tmp = expand_home(cfg.home_private, cfg.homedir); |
| 328 | cfg.home_private = realpath(tmp, NULL); | 328 | cfg.home_private = realpath(tmp, NULL); |
| 329 | free(tmp); | 329 | free(tmp); |
| 330 | 330 | ||
| 331 | if (!cfg.home_private | 331 | if (!cfg.home_private |
| 332 | || !is_dir(cfg.home_private) | 332 | || !is_dir(cfg.home_private) |
| 333 | || is_link(cfg.home_private) | 333 | || is_link(cfg.home_private) |
| @@ -383,7 +383,7 @@ static char *check_dir_or_file(const char *name) { | |||
| 383 | // we allow only files in user home directory or symbolic links to files or directories owned by the user | 383 | // we allow only files in user home directory or symbolic links to files or directories owned by the user |
| 384 | struct stat s; | 384 | struct stat s; |
| 385 | if (lstat(fname, &s) == 0 && S_ISLNK(s.st_mode)) { | 385 | if (lstat(fname, &s) == 0 && S_ISLNK(s.st_mode)) { |
| 386 | if (stat(fname, &s) == 0) { | 386 | if (stat(fname, &s) == 0) { |
| 387 | if (s.st_uid != getuid()) { | 387 | if (s.st_uid != getuid()) { |
| 388 | fprintf(stderr, "Error: symbolic link %s to file or directory not owned by the user\n", fname); | 388 | fprintf(stderr, "Error: symbolic link %s to file or directory not owned by the user\n", fname); |
| 389 | exit(1); | 389 | exit(1); |
| @@ -404,7 +404,7 @@ static char *check_dir_or_file(const char *name) { | |||
| 404 | fprintf(stderr, "Error: invalid file %s\n", name); | 404 | fprintf(stderr, "Error: invalid file %s\n", name); |
| 405 | exit(1); | 405 | exit(1); |
| 406 | } | 406 | } |
| 407 | 407 | ||
| 408 | // only top files and directories in user home are allowed | 408 | // only top files and directories in user home are allowed |
| 409 | char *ptr = rname + strlen(cfg.homedir); | 409 | char *ptr = rname + strlen(cfg.homedir); |
| 410 | assert(*ptr != '\0'); | 410 | assert(*ptr != '\0'); |
| @@ -480,7 +480,7 @@ void fs_private_home_list(void) { | |||
| 480 | char *dlist = strdup(cfg.home_private_keep); | 480 | char *dlist = strdup(cfg.home_private_keep); |
| 481 | if (!dlist) | 481 | if (!dlist) |
| 482 | errExit("strdup"); | 482 | errExit("strdup"); |
| 483 | 483 | ||
| 484 | char *ptr = strtok(dlist, ","); | 484 | char *ptr = strtok(dlist, ","); |
| 485 | duplicate(ptr); | 485 | duplicate(ptr); |
| 486 | while ((ptr = strtok(NULL, ",")) != NULL) | 486 | while ((ptr = strtok(NULL, ",")) != NULL) |