Baseline firejail 0.9.28

author: netblue30 <netblue30@yahoo.com> 2015-08-08 19:12:30 -0400
committer: netblue30 <netblue30@yahoo.com> 2015-08-08 19:12:30 -0400
commit: 1379851360349d6617ad32944a25ee5e2bb74fc2 (patch)
tree: f69b48e90708bfa3c2723d5a27ed3e024c827b43 /src/firejail/restricted_shell.c
parent: delete files (diff)
download: firejail-1379851360349d6617ad32944a25ee5e2bb74fc2.tar.gz
firejail-1379851360349d6617ad32944a25ee5e2bb74fc2.tar.zst
firejail-1379851360349d6617ad32944a25ee5e2bb74fc2.zip
1 files changed, 96 insertions, 0 deletions
diff --git a/src/firejail/restricted_shell.c b/src/firejail/restricted_shell.c
new file mode 100644
index 000000000..ba3aae759
--- /dev/null
+++ b/src/firejail/restricted_shell.c
@@ -0,0 +1,96 @@
+/*
+ * Copyright (C) 2014, 2015 netblue30 (netblue30@yahoo.com)
+ *
+ * This file is part of firejail project
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+#include "firejail.h"
+#define MAX_READ 4096   // maximum line length
+char *restricted_user = NULL;
+int restricted_shell(const char *user) {
+        assert(user);
+        // open profile file:
+        FILE *fp = fopen("/etc/firejail/login.users", "r");
+        if (fp == NULL)
+                return 0;
+        int lineno = 0;
+        char buf[MAX_READ];
+        while (fgets(buf, MAX_READ, fp)) {
+                lineno++;
+                
+                // remove empty spaces at the beginning of the line
+                char *ptr = buf;
+                while (*ptr == ' ' || *ptr == '\t') { 
+                        ptr++;
+                }
+                if (*ptr == '\n' || *ptr == '#')
+                        continue;
+                
+                // parse line   
+                char *usr = ptr;
+                char *args = strchr(usr, ':');
+                if (args == NULL) {
+                        fprintf(stderr, "Error: users.conf line %d\n", lineno);
+                        exit(1);
+                }
+                *args = '\0';
+                args++;
+                ptr = strchr(args, '\n');
+                if (ptr)
+                        *ptr = '\0';
+                        
+                if (strcmp(user, usr) == 0) {
+                        restricted_user = strdup(user);
+                        // extract program arguments
+                        fullargv[0] = "firejail";
+                        int i;
+                        ptr = args;
+                        for (i = 1; i < MAX_ARGS; i++) {
+                                fullargv[i] = ptr;
+                                while (*ptr != ' ' && *ptr != '\t' && *ptr != '\0')
+                                        ptr++;
+                                if (*ptr != '\0') {
+                                        *ptr ='\0';
+                                        fullargv[i] = strdup(fullargv[i]);
+                                        if (fullargv[i] == NULL) {
+                                                fprintf(stderr, "Error: cannot allocate memory\n");
+                                                exit(1);
+                                        }
+                                        ptr++;
+                                        while (*ptr == ' ' || *ptr == '\t')
+                                                ptr++;
+                                        if (*ptr != '\0')
+                                                continue;
+                                }
+                                fullargv[i] = strdup(fullargv[i]);
+                                fclose(fp);
+                                return i + 1;
+                        }
+                        fprintf(stderr, "Error: too many program arguments in users.conf line %d\n", lineno);
+                        exit(1);
+                }
+        }
+        fclose(fp);
+                         
+        return 0;   
+}
author	netblue30 <netblue30@yahoo.com>	2015-08-08 19:12:30 -0400
committer	netblue30 <netblue30@yahoo.com>	2015-08-08 19:12:30 -0400
commit	1379851360349d6617ad32944a25ee5e2bb74fc2 (patch)
tree	f69b48e90708bfa3c2723d5a27ed3e024c827b43 /src/firejail/restricted_shell.c
parent	delete files (diff)
download	firejail-1379851360349d6617ad32944a25ee5e2bb74fc2.tar.gz firejail-1379851360349d6617ad32944a25ee5e2bb74fc2.tar.zst firejail-1379851360349d6617ad32944a25ee5e2bb74fc2.zip

diff --git a/src/firejail/restricted_shell.c b/src/firejail/restricted_shell.c new file mode 100644 index 000000000..ba3aae759 --- /dev/null +++ b/src/firejail/restricted_shell.c
@@ -0,0 +1,96 @@
	1	/*
	2	* Copyright (C) 2014, 2015 netblue30 (netblue30@yahoo.com)
	3	*
	4	* This file is part of firejail project
	5	*
	6	* This program is free software; you can redistribute it and/or modify
	7	* it under the terms of the GNU General Public License as published by
	8	* the Free Software Foundation; either version 2 of the License, or
	9	* (at your option) any later version.
	10	*
	11	* This program is distributed in the hope that it will be useful,
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	14	* GNU General Public License for more details.
	15	*
	16	* You should have received a copy of the GNU General Public License along
	17	* with this program; if not, write to the Free Software Foundation, Inc.,
	18	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
	19	*/
	20	#include "firejail.h"
	21
	22	#define MAX_READ 4096 // maximum line length
	23	char *restricted_user = NULL;
	24
	25
	26	int restricted_shell(const char *user) {
	27	assert(user);
	28
	29	// open profile file:
	30	FILE *fp = fopen("/etc/firejail/login.users", "r");
	31	if (fp == NULL)
	32	return 0;
	33
	34	int lineno = 0;
	35	char buf[MAX_READ];
	36	while (fgets(buf, MAX_READ, fp)) {
	37	lineno++;
	38
	39	// remove empty spaces at the beginning of the line
	40	char *ptr = buf;
	41	while (ptr == ' ' \|\| ptr == '\t') {
	42	ptr++;
	43	}
	44	if (ptr == '\n' \|\| ptr == '#')
	45	continue;
	46
	47	// parse line
	48	char *usr = ptr;
	49	char *args = strchr(usr, ':');
	50	if (args == NULL) {
	51	fprintf(stderr, "Error: users.conf line %d\n", lineno);
	52	exit(1);
	53	}
	54	*args = '\0';
	55	args++;
	56	ptr = strchr(args, '\n');
	57	if (ptr)
	58	*ptr = '\0';
	59
	60	if (strcmp(user, usr) == 0) {
	61	restricted_user = strdup(user);
	62	// extract program arguments
	63
	64	fullargv[0] = "firejail";
	65	int i;
	66	ptr = args;
	67	for (i = 1; i < MAX_ARGS; i++) {
	68	fullargv[i] = ptr;
	69	while (ptr != ' ' && ptr != '\t' && *ptr != '\0')
	70	ptr++;
	71	if (*ptr != '\0') {
	72	*ptr ='\0';
	73	fullargv[i] = strdup(fullargv[i]);
	74	if (fullargv[i] == NULL) {
	75	fprintf(stderr, "Error: cannot allocate memory\n");
	76	exit(1);
	77	}
	78	ptr++;
	79	while (ptr == ' ' \|\| ptr == '\t')
	80	ptr++;
	81	if (*ptr != '\0')
	82	continue;
	83	}
	84	fullargv[i] = strdup(fullargv[i]);
	85	fclose(fp);
	86	return i + 1;
	87	}
	88	fprintf(stderr, "Error: too many program arguments in users.conf line %d\n", lineno);
	89	exit(1);
	90	}
	91	}
	92	fclose(fp);
	93
	94	return 0;
	95	}
	96