aboutsummaryrefslogtreecommitdiffstats
path: root/src/firejail/util.c
diff options
context:
space:
mode:
authorLibravatar smitsohu <smitsohu@gmail.com>2021-10-18 17:36:49 +0200
committerLibravatar smitsohu <smitsohu@gmail.com>2021-10-18 17:36:49 +0200
commitaadd5c92cd8c8dc6370b1e321ce6a7b77bb4b032 (patch)
treea73b73ad27af600e690d89c9dad74a8837bd7acb /src/firejail/util.c
parentcleanup (diff)
downloadfirejail-aadd5c92cd8c8dc6370b1e321ce6a7b77bb4b032.tar.gz
firejail-aadd5c92cd8c8dc6370b1e321ce6a7b77bb4b032.tar.zst
firejail-aadd5c92cd8c8dc6370b1e321ce6a7b77bb4b032.zip
readability
Diffstat (limited to 'src/firejail/util.c')
-rw-r--r--src/firejail/util.c72
1 files changed, 41 insertions, 31 deletions
diff --git a/src/firejail/util.c b/src/firejail/util.c
index 53c76db6d..55dcdc246 100644
--- a/src/firejail/util.c
+++ b/src/firejail/util.c
@@ -484,13 +484,6 @@ int is_link(const char *fname) {
484 if (*fname == '\0') 484 if (*fname == '\0')
485 return 0; 485 return 0;
486 486
487 int called_as_root = 0;
488 if (geteuid() == 0)
489 called_as_root = 1;
490
491 if (called_as_root)
492 EUID_USER();
493
494 // remove trailing '/' if any 487 // remove trailing '/' if any
495 char *tmp = strdup(fname); 488 char *tmp = strdup(fname);
496 if (!tmp) 489 if (!tmp)
@@ -498,12 +491,9 @@ int is_link(const char *fname) {
498 trim_trailing_slash_or_dot(tmp); 491 trim_trailing_slash_or_dot(tmp);
499 492
500 char c; 493 char c;
501 ssize_t rv = readlink(tmp, &c, 1); 494 ssize_t rv = readlink_as_user(tmp, &c, 1);
502 free(tmp); 495 free(tmp);
503 496
504 if (called_as_root)
505 EUID_ROOT();
506
507 return (rv != -1); 497 return (rv != -1);
508} 498}
509 499
@@ -525,6 +515,24 @@ char *realpath_as_user(const char *fname) {
525 return rv; 515 return rv;
526} 516}
527 517
518ssize_t readlink_as_user(const char *fname, char *buf, size_t sz) {
519 assert(fname && buf && sz);
520
521 int called_as_root = 0;
522 if (geteuid() == 0)
523 called_as_root = 1;
524
525 if (called_as_root)
526 EUID_USER();
527
528 ssize_t rv = readlink(fname, buf, sz);
529
530 if (called_as_root)
531 EUID_ROOT();
532
533 return rv;
534}
535
528int stat_as_user(const char *fname, struct stat *s) { 536int stat_as_user(const char *fname, struct stat *s) {
529 assert(fname); 537 assert(fname);
530 538
@@ -997,31 +1005,33 @@ int create_empty_dir_as_user(const char *dir, mode_t mode) {
997 assert(dir); 1005 assert(dir);
998 mode &= 07777; 1006 mode &= 07777;
999 1007
1000 if (access(dir, F_OK) != 0) { 1008 if (access(dir, F_OK) == 0)
1009 return 0;
1010
1011 pid_t child = fork();
1012 if (child < 0)
1013 errExit("fork");
1014 if (child == 0) {
1015 // drop privileges
1016 drop_privs(0);
1017
1001 if (arg_debug) 1018 if (arg_debug)
1002 printf("Creating empty %s directory\n", dir); 1019 printf("Creating empty %s directory\n", dir);
1003 pid_t child = fork(); 1020 if (mkdir(dir, mode) == 0) {
1004 if (child < 0) 1021 int err = chmod(dir, mode);
1005 errExit("fork"); 1022 (void) err;
1006 if (child == 0) { 1023 }
1007 // drop privileges 1024 else if (arg_debug)
1008 drop_privs(0); 1025 printf("Directory %s not created: %s\n", dir, strerror(errno));
1009
1010 if (mkdir(dir, mode) == 0) {
1011 int err = chmod(dir, mode);
1012 (void) err;
1013 }
1014 else if (arg_debug)
1015 printf("Directory %s not created: %s\n", dir, strerror(errno));
1016 1026
1017 __gcov_flush(); 1027 __gcov_flush();
1018 1028
1019 _exit(0); 1029 _exit(0);
1020 }
1021 waitpid(child, NULL, 0);
1022 if (access(dir, F_OK) == 0)
1023 return 1;
1024 } 1030 }
1031 waitpid(child, NULL, 0);
1032
1033 if (access(dir, F_OK) == 0)
1034 return 1;
1025 return 0; 1035 return 0;
1026} 1036}
1027 1037
generated by cgit v1.2.3-54-g00ecf (git 2.45.1) at 2024-06-02 05:15:32 +0000