diff options
author | Kristóf Marussy <kris7topher@gmail.com> | 2020-05-04 19:11:54 +0200 |
---|---|---|
committer | Kristóf Marussy <kristof@marussy.com> | 2020-05-07 01:56:40 +0200 |
commit | 416d385ea749d59529d5624de87a0c5c1b44cdb6 (patch) | |
tree | ac2ef6934fa84f5088c949594eb6ffd7da6f6b76 /src/firejail/main.c | |
parent | Add dbus-*.call and dbus-*.broadcast commands (diff) | |
download | firejail-416d385ea749d59529d5624de87a0c5c1b44cdb6.tar.gz firejail-416d385ea749d59529d5624de87a0c5c1b44cdb6.tar.zst firejail-416d385ea749d59529d5624de87a0c5c1b44cdb6.zip |
Add options for D-Bus logging
--dbus-user.log and --dbus-system.log instruct xdg-dbus-proxy to log
interactions with the session and system buses, respectively.
--dbus-log= can specify the location of the log file. If no location is
specified, log output is written to stdout.
Diffstat (limited to 'src/firejail/main.c')
-rw-r--r-- | src/firejail/main.c | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c index 8d60d3790..e458d16f4 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -148,6 +148,9 @@ int arg_nou2f = 0; // --nou2f | |||
148 | int arg_deterministic_exit_code = 0; // always exit with first child's exit status | 148 | int arg_deterministic_exit_code = 0; // always exit with first child's exit status |
149 | DbusPolicy arg_dbus_user = DBUS_POLICY_ALLOW; // --dbus-user | 149 | DbusPolicy arg_dbus_user = DBUS_POLICY_ALLOW; // --dbus-user |
150 | DbusPolicy arg_dbus_system = DBUS_POLICY_ALLOW; // --dbus-system | 150 | DbusPolicy arg_dbus_system = DBUS_POLICY_ALLOW; // --dbus-system |
151 | const char *arg_dbus_log_file = NULL; | ||
152 | int arg_dbus_log_user = 0; | ||
153 | int arg_dbus_log_system = 0; | ||
151 | int login_shell = 0; | 154 | int login_shell = 0; |
152 | 155 | ||
153 | //********************************************************************************** | 156 | //********************************************************************************** |
@@ -2067,6 +2070,10 @@ int main(int argc, char **argv, char **envp) { | |||
2067 | } | 2070 | } |
2068 | arg_dbus_user = DBUS_POLICY_FILTER; | 2071 | arg_dbus_user = DBUS_POLICY_FILTER; |
2069 | } else if (strcmp("none", argv[i] + 12) == 0) { | 2072 | } else if (strcmp("none", argv[i] + 12) == 0) { |
2073 | if (arg_dbus_log_user) { | ||
2074 | fprintf(stderr, "Error: --dbus-user.log requires --dbus-user=filter\n"); | ||
2075 | exit(1); | ||
2076 | } | ||
2070 | arg_dbus_user = DBUS_POLICY_BLOCK; | 2077 | arg_dbus_user = DBUS_POLICY_BLOCK; |
2071 | } else { | 2078 | } else { |
2072 | fprintf(stderr, "Unknown dbus-user policy: %s\n", argv[i] + 12); | 2079 | fprintf(stderr, "Unknown dbus-user policy: %s\n", argv[i] + 12); |
@@ -2121,6 +2128,10 @@ int main(int argc, char **argv, char **envp) { | |||
2121 | } | 2128 | } |
2122 | arg_dbus_system = DBUS_POLICY_FILTER; | 2129 | arg_dbus_system = DBUS_POLICY_FILTER; |
2123 | } else if (strcmp("none", argv[i] + 14) == 0) { | 2130 | } else if (strcmp("none", argv[i] + 14) == 0) { |
2131 | if (arg_dbus_log_system) { | ||
2132 | fprintf(stderr, "Error: --dbus-system.log requires --dbus-system=filter\n"); | ||
2133 | exit(1); | ||
2134 | } | ||
2124 | arg_dbus_system = DBUS_POLICY_BLOCK; | 2135 | arg_dbus_system = DBUS_POLICY_BLOCK; |
2125 | } else { | 2136 | } else { |
2126 | fprintf(stderr, "Unknown dbus-system policy: %s\n", argv[i] + 14); | 2137 | fprintf(stderr, "Unknown dbus-system policy: %s\n", argv[i] + 14); |
@@ -2167,6 +2178,27 @@ int main(int argc, char **argv, char **envp) { | |||
2167 | profile_check_line(line, 0, NULL); // will exit if something wrong | 2178 | profile_check_line(line, 0, NULL); // will exit if something wrong |
2168 | profile_add(line); | 2179 | profile_add(line); |
2169 | } | 2180 | } |
2181 | else if (strncmp(argv[i], "--dbus-log=", 11) == 0) { | ||
2182 | if (arg_dbus_log_file != NULL) { | ||
2183 | fprintf(stderr, "Error: --dbus-log option already specified\n"); | ||
2184 | exit(1); | ||
2185 | } | ||
2186 | arg_dbus_log_file = argv[i] + 11; | ||
2187 | } | ||
2188 | else if (strcmp(argv[i], "--dbus-user.log") == 0) { | ||
2189 | if (arg_dbus_user != DBUS_POLICY_FILTER) { | ||
2190 | fprintf(stderr, "Error: --dbus-user.log requires --dbus-user=filter\n"); | ||
2191 | exit(1); | ||
2192 | } | ||
2193 | arg_dbus_log_user = 1; | ||
2194 | } | ||
2195 | else if (strcmp(argv[i], "--dbus-system.log") == 0) { | ||
2196 | if (arg_dbus_system != DBUS_POLICY_FILTER) { | ||
2197 | fprintf(stderr, "Error: --dbus-system.log requires --dbus-system=filter\n"); | ||
2198 | exit(1); | ||
2199 | } | ||
2200 | arg_dbus_log_system = 1; | ||
2201 | } | ||
2170 | 2202 | ||
2171 | //************************************* | 2203 | //************************************* |
2172 | // network | 2204 | // network |