author | netblue30 <netblue30@yahoo.com> | 2020-08-22 08:21:51 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2020-08-22 08:21:51 -0400 |
commit | c64ce295a7ddc097dd9393428e15ba4c520632af (patch) | |
tree | 210da678e16d56655373500517c85bc8b2b2cf9f /src/firejail/util.c | |
parent | Merge branch 'master' of https://github.com/netblue30/firejail (diff) | |
minor cleanup: move pid functions from main.c to util.c
Diffstat (limited to 'src/firejail/util.c')
-rw-r--r-- | src/firejail/util.c | 70 |
1 files changed, 70 insertions, 0 deletions
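--- a/src/firejail/util.c
+++ b/src/firejail/util.c
@@ -29,6 +29,7 @@
 #include <sys/ioctl.h>
 #include <termios.h>
 #include <sys/wait.h>
+#include <limits.h>
 
 #include <fcntl.h>
 #ifndef O_PATH
@@ -1265,3 +1266,72 @@ void enter_network_namespace(pid_t pid) {
 exit(1);
 }
 }
+
+// return 1 if error, 0 if a valid pid was found
+static int extract_pid(const char *name, pid_t *pid) {
+int retval = 0;
+EUID_ASSERT();
+if (!name || strlen(name) == 0) {
+fprintf(stderr, "Error: invalid sandbox name\n");
+exit(1);
+}
+
+EUID_ROOT();
+if (name2pid(name, pid)) {
+retval = 1;
+}
+EUID_USER();
+return retval;
+}
+
+// return 1 if error, 0 if a valid pid was found
+int read_pid(const char *name, pid_t *pid) {
+char *endptr;
+errno = 0;
+long int pidtmp = strtol(name, &endptr, 10);
+if ((errno == ERANGE && (pidtmp == LONG_MAX || pidtmp == LONG_MIN))
+|| (errno != 0 && pidtmp == 0)) {
+return extract_pid(name,pid);
+}
+// endptr points to '\0' char in name if the entire string is valid
+if (endptr == NULL || endptr[0]!='\0') {
+return extract_pid(name,pid);
+}
+*pid =(pid_t)pidtmp;
+return 0;
+}
+
+pid_t require_pid(const char *name) {
+pid_t pid;
+if (read_pid(name,&pid)) {
+fprintf(stderr, "Error: cannot find sandbox %s\n", name);
+exit(1);
+}
+return pid;
+}
+
+// return 1 if there is a link somewhere in path of directory
+static int has_link(const char *dir) {
+assert(dir);
+int fd = safe_fd(dir, O_PATH|O_DIRECTORY|O_NOFOLLOW|O_CLOEXEC);
+if (fd == -1) {
+if (errno == ENOTDIR && is_dir(dir))
+return 1;
+}
+else
+close(fd);
+return 0;
+}
+
+void check_homedir(void) {
+assert(cfg.homedir);
+if (cfg.homedir[0] != '/') {
+fprintf(stderr, "Error: invalid user directory \"%s\"\n", cfg.homedir);
+exit(1);
+}
+// symlinks are rejected in many places
+if (has_link(cfg.homedir)) {
+fprintf(stderr, "No full support for symbolic links in path of user directory.\n"
+"Please provide resolved path in password database (/etc/passwd).\n\n");
+}
+}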
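Review bot: In `read_pid`, the numeric path stores whatever `strtol` returned without checking that it is a usable pid. An empty `name` leaves `endptr` on the terminator, so the `endptr[0]!='\0'` test passes and `*pid` becomes 0 with a success return; negative values and values wider than `pid_t` are silently narrowed by the `(pid_t)` cast. The NULL/empty-name guard lives in `extract_pid`, which is never reached on that path, and `strtol` has already dereferenced `name` by then. I would tighten the second test to `if (endptr == name || endptr[0] != '\0' || pidtmp <= 0 || pidtmp > INT_MAX) return extract_pid(name, pid);` (assuming `pid_t` is `int` on the supported targets) and move the `!name` check ahead of the `strtol` call. How callers treat pid 0 or a negative pid is not visible in this diff, so the impact should be confirmed against the call sites.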