author | netblue30 <netblue30@yahoo.com> | 2020-08-22 08:21:51 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2020-08-22 08:21:51 -0400 |
commit | c64ce295a7ddc097dd9393428e15ba4c520632af (patch) | |
tree | 210da678e16d56655373500517c85bc8b2b2cf9f /src/firejail/main.c | |
parent | Merge branch 'master' of https://github.com/netblue30/firejail (diff) | |
minor cleanup: move pid functions from main.c to util.c
Diffstat (limited to 'src/firejail/main.c')
-rw-r--r-- | src/firejail/main.c | 70 |
1 files changed, 1 insertions, 69 deletions
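--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -31,7 +31,7 @@
 #include <dirent.h>
 #include <pwd.h>
 #include <errno.h>
-#include <limits.h>
+//#include <limits.h>
 #include <sys/file.h>
 #include <sys/prctl.h>
 #include <signal.h>
@@ -215,74 +215,6 @@ static void install_handler(void) {
 sigaction(SIGTERM, &sga, NULL);
 }
 
-// return 1 if error, 0 if a valid pid was found
-static int extract_pid(const char *name, pid_t *pid) {
-int retval = 0;
-EUID_ASSERT();
-if (!name || strlen(name) == 0) {
-fprintf(stderr, "Error: invalid sandbox name\n");
-exit(1);
-}
-
-EUID_ROOT();
-if (name2pid(name, pid)) {
-retval = 1;
-}
-EUID_USER();
-return retval;
-}
-
-// return 1 if error, 0 if a valid pid was found
-static int read_pid(const char *name, pid_t *pid) {
-char *endptr;
-errno = 0;
-long int pidtmp = strtol(name, &endptr, 10);
-if ((errno == ERANGE && (pidtmp == LONG_MAX || pidtmp == LONG_MIN))
-|| (errno != 0 && pidtmp == 0)) {
-return extract_pid(name,pid);
-}
-// endptr points to '\0' char in name if the entire string is valid
-if (endptr == NULL || endptr[0]!='\0') {
-return extract_pid(name,pid);
-}
-*pid =(pid_t)pidtmp;
-return 0;
-}
-
-static pid_t require_pid(const char *name) {
-pid_t pid;
-if (read_pid(name,&pid)) {
-fprintf(stderr, "Error: cannot find sandbox %s\n", name);
-exit(1);
-}
-return pid;
-}
-
-// return 1 if there is a link somewhere in path of directory
-static int has_link(const char *dir) {
-assert(dir);
-int fd = safe_fd(dir, O_PATH|O_DIRECTORY|O_NOFOLLOW|O_CLOEXEC);
-if (fd == -1) {
-if (errno == ENOTDIR && is_dir(dir))
-return 1;
-}
-else
-close(fd);
-return 0;
-}
-
-static void check_homedir(void) {
-assert(cfg.homedir);
-if (cfg.homedir[0] != '/') {
-fprintf(stderr, "Error: invalid user directory \"%s\"\n", cfg.homedir);
-exit(1);
-}
-// symlinks are rejected in many places
-if (has_link(cfg.homedir)) {
-fprintf(stderr, "No full support for symbolic links in path of user directory.\n"
-"Please provide resolved path in password database (/etc/passwd).\n\n");
-}
-}
 
 // init configuration
 static void init_cfg(int argc, char **argv) {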
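Review bot: The second hunk removes `has_link()` and `check_homedir()` along with the three pid helpers, but the commit message only mentions pid functions, and this view is limited to main.c, so where the home-directory checks went is not visible. `check_homedir()` is the code that exits on a non-absolute `cfg.homedir` and warns about symbolic links in its path, so it is worth confirming that it still exists (presumably in util.c, no longer `static`, with a prototype in the shared header) and is still called at startup. In the first hunk, `//#include <limits.h>` leaves a commented-out include behind; if nothing left in main.c needs `LONG_MAX`/`LONG_MIN` or another limits.h constant, delete the line outright, otherwise keep the include active. The body of `init_cfg` continues outside the hunk.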