diff options
author | Kristóf Marussy <kristof@marussy.com> | 2020-06-01 18:20:28 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-06-01 18:20:28 +0200 |
commit | 18f99d17a46f84f403b49dd36bf5eeb8167a8746 (patch) | |
tree | 52c26d787fef55c05a76de3a50e3d0fda0cc2f3a /src/firejail | |
parent | Avoid dbus-*=filter breakage (#3432) (diff) | |
parent | Turn attempted DBus policy downgrade into warning (fixes #3408) (diff) | |
download | firejail-18f99d17a46f84f403b49dd36bf5eeb8167a8746.tar.gz firejail-18f99d17a46f84f403b49dd36bf5eeb8167a8746.tar.zst firejail-18f99d17a46f84f403b49dd36bf5eeb8167a8746.zip |
Merge pull request #3406 from kris7t/dbus-proxy
DBus filtering enhancements
Diffstat (limited to 'src/firejail')
-rw-r--r-- | src/firejail/dbus.c | 93 | ||||
-rw-r--r-- | src/firejail/firejail.h | 4 | ||||
-rw-r--r-- | src/firejail/main.c | 92 | ||||
-rw-r--r-- | src/firejail/profile.c | 58 | ||||
-rw-r--r-- | src/firejail/usage.c | 9 |
5 files changed, 242 insertions, 14 deletions
diff --git a/src/firejail/dbus.c b/src/firejail/dbus.c index 0f4f18c57..18576612d 100644 --- a/src/firejail/dbus.c +++ b/src/firejail/dbus.c | |||
@@ -48,7 +48,7 @@ static int dbus_proxy_status_fd = -1; | |||
48 | static char *dbus_user_proxy_socket = NULL; | 48 | static char *dbus_user_proxy_socket = NULL; |
49 | static char *dbus_system_proxy_socket = NULL; | 49 | static char *dbus_system_proxy_socket = NULL; |
50 | 50 | ||
51 | int dbus_check_name(const char *name) { | 51 | static int check_bus_or_interface_name(const char *name, int hyphens_allowed) { |
52 | unsigned long length = strlen(name); | 52 | unsigned long length = strlen(name); |
53 | if (length == 0 || length > DBUS_MAX_NAME_LENGTH) | 53 | if (length == 0 || length > DBUS_MAX_NAME_LENGTH) |
54 | return 0; | 54 | return 0; |
@@ -62,14 +62,48 @@ int dbus_check_name(const char *name) { | |||
62 | if (*p == '.') { | 62 | if (*p == '.') { |
63 | ++segments; | 63 | ++segments; |
64 | in_segment = 0; | 64 | in_segment = 0; |
65 | } else if (!alpha && !digit && *p != '_' && *p != '-') { | 65 | } else if (!alpha && !digit && *p != '_' && (!hyphens_allowed || *p != '-')) { |
66 | return 0; | ||
67 | } | ||
68 | } | ||
69 | else { | ||
70 | if (*p == '*') { | ||
71 | return *(p + 1) == '\0'; | ||
72 | } else if (!alpha && *p != '_' && (!hyphens_allowed || *p != '-')) { | ||
73 | return 0; | ||
74 | } | ||
75 | in_segment = 1; | ||
76 | } | ||
77 | ++p; | ||
78 | } | ||
79 | return in_segment && segments >= 2; | ||
80 | } | ||
81 | |||
82 | static int check_object_path(const char *path) { | ||
83 | unsigned long length = strlen(path); | ||
84 | if (length == 0 || path[0] != '/') | ||
85 | return 0; | ||
86 | // The root path "/" is the only path allowed to have a trailing slash. | ||
87 | if (length == 1) | ||
88 | return 1; | ||
89 | const char *p = path + 1; | ||
90 | int segments = 1; | ||
91 | int in_segment = 0; | ||
92 | while (*p) { | ||
93 | int alpha = (*p >= 'a' && *p <= 'z') || (*p >= 'A' && *p <= 'Z'); | ||
94 | int digit = *p >= '0' && *p <= '9'; | ||
95 | if (in_segment) { | ||
96 | if (*p == '/') { | ||
97 | ++segments; | ||
98 | in_segment = 0; | ||
99 | } else if (!alpha && !digit && *p != '_') { | ||
66 | return 0; | 100 | return 0; |
67 | } | 101 | } |
68 | } | 102 | } |
69 | else { | 103 | else { |
70 | if (*p == '*') { | 104 | if (*p == '*') { |
71 | return *(p + 1) == '\0'; | 105 | return *(p + 1) == '\0'; |
72 | } else if (!alpha && *p != '_' && *p != '-') { | 106 | } else if (!alpha && *p != '_') { |
73 | return 0; | 107 | return 0; |
74 | } | 108 | } |
75 | in_segment = 1; | 109 | in_segment = 1; |
@@ -79,6 +113,38 @@ int dbus_check_name(const char *name) { | |||
79 | return in_segment && segments >= 2; | 113 | return in_segment && segments >= 2; |
80 | } | 114 | } |
81 | 115 | ||
116 | int dbus_check_name(const char *name) { | ||
117 | return check_bus_or_interface_name(name, 1); | ||
118 | } | ||
119 | |||
120 | int dbus_check_call_rule(const char *rule) { | ||
121 | char buf[DBUS_MAX_NAME_LENGTH + 1]; | ||
122 | char *name_end = strchr(rule, '='); | ||
123 | if (name_end == NULL) | ||
124 | return 0; | ||
125 | size_t name_length = (size_t) (name_end - rule); | ||
126 | if (name_length > DBUS_MAX_NAME_LENGTH) | ||
127 | return 0; | ||
128 | strncpy(buf, rule, (size_t) name_length); | ||
129 | buf[name_length] = '\0'; | ||
130 | if (!dbus_check_name(buf)) | ||
131 | return 0; | ||
132 | ++name_end; | ||
133 | char *interface_end = strchr(name_end, '@'); | ||
134 | if (interface_end == NULL) | ||
135 | return check_bus_or_interface_name(name_end, 0); | ||
136 | size_t interface_length = (size_t) (interface_end - name_end); | ||
137 | if (interface_length > DBUS_MAX_NAME_LENGTH) | ||
138 | return 0; | ||
139 | if (interface_length > 0) { | ||
140 | strncpy(buf, name_end, interface_length); | ||
141 | buf[interface_length] = '\0'; | ||
142 | if (!check_bus_or_interface_name(buf, 0)) | ||
143 | return 0; | ||
144 | } | ||
145 | return check_object_path(interface_end + 1); | ||
146 | } | ||
147 | |||
82 | static void dbus_check_bus_profile(char const *prefix, DbusPolicy *policy) { | 148 | static void dbus_check_bus_profile(char const *prefix, DbusPolicy *policy) { |
83 | if (*policy == DBUS_POLICY_FILTER) { | 149 | if (*policy == DBUS_POLICY_FILTER) { |
84 | struct stat s; | 150 | struct stat s; |
@@ -219,6 +285,8 @@ static char *find_user_socket(void) { | |||
219 | void dbus_proxy_start(void) { | 285 | void dbus_proxy_start(void) { |
220 | dbus_create_user_dir(); | 286 | dbus_create_user_dir(); |
221 | 287 | ||
288 | EUID_USER(); | ||
289 | |||
222 | int status_pipe[2]; | 290 | int status_pipe[2]; |
223 | if (pipe(status_pipe) == -1) | 291 | if (pipe(status_pipe) == -1) |
224 | errExit("pipe"); | 292 | errExit("pipe"); |
@@ -233,10 +301,21 @@ void dbus_proxy_start(void) { | |||
233 | errExit("fork"); | 301 | errExit("fork"); |
234 | if (dbus_proxy_pid == 0) { | 302 | if (dbus_proxy_pid == 0) { |
235 | int i; | 303 | int i; |
236 | for (i = 3; i < FIREJAIL_MAX_FD; i++) { | 304 | for (i = STDERR_FILENO + 1; i < FIREJAIL_MAX_FD; i++) { |
237 | if (i != status_pipe[1] && i != args_pipe[0]) | 305 | if (i != status_pipe[1] && i != args_pipe[0]) |
238 | close(i); // close open files | 306 | close(i); // close open files |
239 | } | 307 | } |
308 | if (arg_dbus_log_file != NULL) { | ||
309 | int output_fd = creat(arg_dbus_log_file, 0666); | ||
310 | if (output_fd < 0) | ||
311 | errExit("creat"); | ||
312 | if (output_fd != STDOUT_FILENO) { | ||
313 | if (dup2(output_fd, STDOUT_FILENO) != STDOUT_FILENO) | ||
314 | errExit("dup2"); | ||
315 | close(output_fd); | ||
316 | } | ||
317 | } | ||
318 | close(STDIN_FILENO); | ||
240 | char *args[4] = {XDG_DBUS_PROXY_PATH, NULL, NULL, NULL}; | 319 | char *args[4] = {XDG_DBUS_PROXY_PATH, NULL, NULL, NULL}; |
241 | if (asprintf(&args[1], "--fd=%d", status_pipe[1]) == -1 | 320 | if (asprintf(&args[1], "--fd=%d", status_pipe[1]) == -1 |
242 | || asprintf(&args[2], "--args=%d", args_pipe[0]) == -1) | 321 | || asprintf(&args[2], "--args=%d", args_pipe[0]) == -1) |
@@ -262,6 +341,9 @@ void dbus_proxy_start(void) { | |||
262 | (int) getuid(), (int) getpid()) == -1) | 341 | (int) getuid(), (int) getpid()) == -1) |
263 | errExit("asprintf"); | 342 | errExit("asprintf"); |
264 | write_arg(args_pipe[1], "%s", dbus_user_proxy_socket); | 343 | write_arg(args_pipe[1], "%s", dbus_user_proxy_socket); |
344 | if (arg_dbus_log_user) { | ||
345 | write_arg(args_pipe[1], "--log"); | ||
346 | } | ||
265 | write_arg(args_pipe[1], "--filter"); | 347 | write_arg(args_pipe[1], "--filter"); |
266 | write_profile(args_pipe[1], "dbus-user."); | 348 | write_profile(args_pipe[1], "dbus-user."); |
267 | } | 349 | } |
@@ -278,6 +360,9 @@ void dbus_proxy_start(void) { | |||
278 | (int) getuid(), (int) getpid()) == -1) | 360 | (int) getuid(), (int) getpid()) == -1) |
279 | errExit("asprintf"); | 361 | errExit("asprintf"); |
280 | write_arg(args_pipe[1], "%s", dbus_system_proxy_socket); | 362 | write_arg(args_pipe[1], "%s", dbus_system_proxy_socket); |
363 | if (arg_dbus_log_system) { | ||
364 | write_arg(args_pipe[1], "--log"); | ||
365 | } | ||
281 | write_arg(args_pipe[1], "--filter"); | 366 | write_arg(args_pipe[1], "--filter"); |
282 | write_profile(args_pipe[1], "dbus-system."); | 367 | write_profile(args_pipe[1], "dbus-system."); |
283 | } | 368 | } |
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 9b288b1b9..1ef4887ea 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
@@ -349,6 +349,9 @@ typedef enum { | |||
349 | } DbusPolicy; | 349 | } DbusPolicy; |
350 | extern DbusPolicy arg_dbus_user; // --dbus-user | 350 | extern DbusPolicy arg_dbus_user; // --dbus-user |
351 | extern DbusPolicy arg_dbus_system; // --dbus-system | 351 | extern DbusPolicy arg_dbus_system; // --dbus-system |
352 | extern int arg_dbus_log_user; | ||
353 | extern int arg_dbus_log_system; | ||
354 | extern const char *arg_dbus_log_file; | ||
352 | 355 | ||
353 | extern int login_shell; | 356 | extern int login_shell; |
354 | extern int parent_to_child_fds[2]; | 357 | extern int parent_to_child_fds[2]; |
@@ -847,6 +850,7 @@ void set_profile_run_file(pid_t pid, const char *fname); | |||
847 | 850 | ||
848 | // dbus.c | 851 | // dbus.c |
849 | int dbus_check_name(const char *name); | 852 | int dbus_check_name(const char *name); |
853 | int dbus_check_call_rule(const char *name); | ||
850 | void dbus_check_profile(void); | 854 | void dbus_check_profile(void); |
851 | void dbus_proxy_start(void); | 855 | void dbus_proxy_start(void); |
852 | void dbus_proxy_stop(void); | 856 | void dbus_proxy_stop(void); |
diff --git a/src/firejail/main.c b/src/firejail/main.c index dc213b988..958374c43 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -148,6 +148,9 @@ int arg_nou2f = 0; // --nou2f | |||
148 | int arg_deterministic_exit_code = 0; // always exit with first child's exit status | 148 | int arg_deterministic_exit_code = 0; // always exit with first child's exit status |
149 | DbusPolicy arg_dbus_user = DBUS_POLICY_ALLOW; // --dbus-user | 149 | DbusPolicy arg_dbus_user = DBUS_POLICY_ALLOW; // --dbus-user |
150 | DbusPolicy arg_dbus_system = DBUS_POLICY_ALLOW; // --dbus-system | 150 | DbusPolicy arg_dbus_system = DBUS_POLICY_ALLOW; // --dbus-system |
151 | const char *arg_dbus_log_file = NULL; | ||
152 | int arg_dbus_log_user = 0; | ||
153 | int arg_dbus_log_system = 0; | ||
151 | int login_shell = 0; | 154 | int login_shell = 0; |
152 | 155 | ||
153 | //********************************************************************************** | 156 | //********************************************************************************** |
@@ -2062,17 +2065,29 @@ int main(int argc, char **argv, char **envp) { | |||
2062 | else if (strncmp("--dbus-user=", argv[i], 12) == 0) { | 2065 | else if (strncmp("--dbus-user=", argv[i], 12) == 0) { |
2063 | if (strcmp("filter", argv[i] + 12) == 0) { | 2066 | if (strcmp("filter", argv[i] + 12) == 0) { |
2064 | if (arg_dbus_user == DBUS_POLICY_BLOCK) { | 2067 | if (arg_dbus_user == DBUS_POLICY_BLOCK) { |
2065 | fprintf(stderr, "Error: Cannot relax --dbus-user policy, it is already set to block\n"); | 2068 | fprintf(stderr, "Warning: Cannot relax --dbus-user policy, it is already set to block\n"); |
2066 | exit(1); | 2069 | } else { |
2070 | arg_dbus_user = DBUS_POLICY_FILTER; | ||
2067 | } | 2071 | } |
2068 | arg_dbus_user = DBUS_POLICY_FILTER; | ||
2069 | } else if (strcmp("none", argv[i] + 12) == 0) { | 2072 | } else if (strcmp("none", argv[i] + 12) == 0) { |
2073 | if (arg_dbus_log_user) { | ||
2074 | fprintf(stderr, "Error: --dbus-user.log requires --dbus-user=filter\n"); | ||
2075 | exit(1); | ||
2076 | } | ||
2070 | arg_dbus_user = DBUS_POLICY_BLOCK; | 2077 | arg_dbus_user = DBUS_POLICY_BLOCK; |
2071 | } else { | 2078 | } else { |
2072 | fprintf(stderr, "Unknown dbus-user policy: %s\n", argv[i] + 12); | 2079 | fprintf(stderr, "Unknown dbus-user policy: %s\n", argv[i] + 12); |
2073 | exit(1); | 2080 | exit(1); |
2074 | } | 2081 | } |
2075 | } | 2082 | } |
2083 | else if (strncmp(argv[i], "--dbus-user.see=", 16) == 0) { | ||
2084 | char *line; | ||
2085 | if (asprintf(&line, "dbus-user.see %s", argv[i] + 16) == -1) | ||
2086 | errExit("asprintf"); | ||
2087 | |||
2088 | profile_check_line(line, 0, NULL); // will exit if something wrong | ||
2089 | profile_add(line); | ||
2090 | } | ||
2076 | else if (strncmp(argv[i], "--dbus-user.talk=", 17) == 0) { | 2091 | else if (strncmp(argv[i], "--dbus-user.talk=", 17) == 0) { |
2077 | char *line; | 2092 | char *line; |
2078 | if (asprintf(&line, "dbus-user.talk %s", argv[i] + 17) == -1) | 2093 | if (asprintf(&line, "dbus-user.talk %s", argv[i] + 17) == -1) |
@@ -2089,20 +2104,48 @@ int main(int argc, char **argv, char **envp) { | |||
2089 | profile_check_line(line, 0, NULL); // will exit if something wrong | 2104 | profile_check_line(line, 0, NULL); // will exit if something wrong |
2090 | profile_add(line); | 2105 | profile_add(line); |
2091 | } | 2106 | } |
2107 | else if (strncmp(argv[i], "--dbus-user.call=", 17) == 0) { | ||
2108 | char *line; | ||
2109 | if (asprintf(&line, "dbus-user.call %s", argv[i] + 17) == -1) | ||
2110 | errExit("asprintf"); | ||
2111 | |||
2112 | profile_check_line(line, 0, NULL); // will exit if something wrong | ||
2113 | profile_add(line); | ||
2114 | } | ||
2115 | else if (strncmp(argv[i], "--dbus-user.broadcast=", 22) == 0) { | ||
2116 | char *line; | ||
2117 | if (asprintf(&line, "dbus-user.broadcast %s", argv[i] + 22) == -1) | ||
2118 | errExit("asprintf"); | ||
2119 | |||
2120 | profile_check_line(line, 0, NULL); // will exit if something wrong | ||
2121 | profile_add(line); | ||
2122 | } | ||
2092 | else if (strncmp("--dbus-system=", argv[i], 14) == 0) { | 2123 | else if (strncmp("--dbus-system=", argv[i], 14) == 0) { |
2093 | if (strcmp("filter", argv[i] + 14) == 0) { | 2124 | if (strcmp("filter", argv[i] + 14) == 0) { |
2094 | if (arg_dbus_system == DBUS_POLICY_BLOCK) { | 2125 | if (arg_dbus_system == DBUS_POLICY_BLOCK) { |
2095 | fprintf(stderr, "Error: Cannot relax --dbus-system policy, it is already set to block\n"); | 2126 | fprintf(stderr, "Warning: Cannot relax --dbus-system policy, it is already set to block\n"); |
2096 | exit(1); | 2127 | } else { |
2128 | arg_dbus_system = DBUS_POLICY_FILTER; | ||
2097 | } | 2129 | } |
2098 | arg_dbus_system = DBUS_POLICY_FILTER; | ||
2099 | } else if (strcmp("none", argv[i] + 14) == 0) { | 2130 | } else if (strcmp("none", argv[i] + 14) == 0) { |
2131 | if (arg_dbus_log_system) { | ||
2132 | fprintf(stderr, "Error: --dbus-system.log requires --dbus-system=filter\n"); | ||
2133 | exit(1); | ||
2134 | } | ||
2100 | arg_dbus_system = DBUS_POLICY_BLOCK; | 2135 | arg_dbus_system = DBUS_POLICY_BLOCK; |
2101 | } else { | 2136 | } else { |
2102 | fprintf(stderr, "Unknown dbus-system policy: %s\n", argv[i] + 14); | 2137 | fprintf(stderr, "Unknown dbus-system policy: %s\n", argv[i] + 14); |
2103 | exit(1); | 2138 | exit(1); |
2104 | } | 2139 | } |
2105 | } | 2140 | } |
2141 | else if (strncmp(argv[i], "--dbus-system.see=", 18) == 0) { | ||
2142 | char *line; | ||
2143 | if (asprintf(&line, "dbus-system.see %s", argv[i] + 18) == -1) | ||
2144 | errExit("asprintf"); | ||
2145 | |||
2146 | profile_check_line(line, 0, NULL); // will exit if something wrong | ||
2147 | profile_add(line); | ||
2148 | } | ||
2106 | else if (strncmp(argv[i], "--dbus-system.talk=", 19) == 0) { | 2149 | else if (strncmp(argv[i], "--dbus-system.talk=", 19) == 0) { |
2107 | char *line; | 2150 | char *line; |
2108 | if (asprintf(&line, "dbus-system.talk %s", argv[i] + 19) == -1) | 2151 | if (asprintf(&line, "dbus-system.talk %s", argv[i] + 19) == -1) |
@@ -2119,6 +2162,43 @@ int main(int argc, char **argv, char **envp) { | |||
2119 | profile_check_line(line, 0, NULL); // will exit if something wrong | 2162 | profile_check_line(line, 0, NULL); // will exit if something wrong |
2120 | profile_add(line); | 2163 | profile_add(line); |
2121 | } | 2164 | } |
2165 | else if (strncmp(argv[i], "--dbus-system.call=", 19) == 0) { | ||
2166 | char *line; | ||
2167 | if (asprintf(&line, "dbus-system.call %s", argv[i] + 19) == -1) | ||
2168 | errExit("asprintf"); | ||
2169 | |||
2170 | profile_check_line(line, 0, NULL); // will exit if something wrong | ||
2171 | profile_add(line); | ||
2172 | } | ||
2173 | else if (strncmp(argv[i], "--dbus-system.broadcast=", 24) == 0) { | ||
2174 | char *line; | ||
2175 | if (asprintf(&line, "dbus-system.broadcast %s", argv[i] + 24) == -1) | ||
2176 | errExit("asprintf"); | ||
2177 | |||
2178 | profile_check_line(line, 0, NULL); // will exit if something wrong | ||
2179 | profile_add(line); | ||
2180 | } | ||
2181 | else if (strncmp(argv[i], "--dbus-log=", 11) == 0) { | ||
2182 | if (arg_dbus_log_file != NULL) { | ||
2183 | fprintf(stderr, "Error: --dbus-log option already specified\n"); | ||
2184 | exit(1); | ||
2185 | } | ||
2186 | arg_dbus_log_file = argv[i] + 11; | ||
2187 | } | ||
2188 | else if (strcmp(argv[i], "--dbus-user.log") == 0) { | ||
2189 | if (arg_dbus_user != DBUS_POLICY_FILTER) { | ||
2190 | fprintf(stderr, "Error: --dbus-user.log requires --dbus-user=filter\n"); | ||
2191 | exit(1); | ||
2192 | } | ||
2193 | arg_dbus_log_user = 1; | ||
2194 | } | ||
2195 | else if (strcmp(argv[i], "--dbus-system.log") == 0) { | ||
2196 | if (arg_dbus_system != DBUS_POLICY_FILTER) { | ||
2197 | fprintf(stderr, "Error: --dbus-system.log requires --dbus-system=filter\n"); | ||
2198 | exit(1); | ||
2199 | } | ||
2200 | arg_dbus_log_system = 1; | ||
2201 | } | ||
2122 | 2202 | ||
2123 | //************************************* | 2203 | //************************************* |
2124 | // network | 2204 | // network |
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 0be119903..a87222824 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
@@ -441,10 +441,14 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
441 | if (strcmp("filter", ptr) == 0) { | 441 | if (strcmp("filter", ptr) == 0) { |
442 | if (arg_dbus_user == DBUS_POLICY_BLOCK) { | 442 | if (arg_dbus_user == DBUS_POLICY_BLOCK) { |
443 | fprintf(stderr, "Error: Cannot relax dbus-user policy, it is already set to block\n"); | 443 | fprintf(stderr, "Error: Cannot relax dbus-user policy, it is already set to block\n"); |
444 | exit(1); | 444 | } else { |
445 | arg_dbus_user = DBUS_POLICY_FILTER; | ||
445 | } | 446 | } |
446 | arg_dbus_user = DBUS_POLICY_FILTER; | ||
447 | } else if (strcmp("none", ptr) == 0) { | 447 | } else if (strcmp("none", ptr) == 0) { |
448 | if (arg_dbus_log_user) { | ||
449 | fprintf(stderr, "Error: --dbus-user.log requires --dbus-user=filter\n"); | ||
450 | exit(1); | ||
451 | } | ||
448 | arg_dbus_user = DBUS_POLICY_BLOCK; | 452 | arg_dbus_user = DBUS_POLICY_BLOCK; |
449 | } else { | 453 | } else { |
450 | fprintf(stderr, "Unknown dbus-user policy: %s\n", ptr); | 454 | fprintf(stderr, "Unknown dbus-user policy: %s\n", ptr); |
@@ -452,6 +456,13 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
452 | } | 456 | } |
453 | return 0; | 457 | return 0; |
454 | } | 458 | } |
459 | else if (strncmp(ptr, "dbus-user.see ", 14) == 0) { | ||
460 | if (!dbus_check_name(ptr + 14)) { | ||
461 | printf("Invalid dbus-user.see name: %s\n", ptr + 15); | ||
462 | exit(1); | ||
463 | } | ||
464 | return 1; | ||
465 | } | ||
455 | else if (strncmp(ptr, "dbus-user.talk ", 15) == 0) { | 466 | else if (strncmp(ptr, "dbus-user.talk ", 15) == 0) { |
456 | if (!dbus_check_name(ptr + 15)) { | 467 | if (!dbus_check_name(ptr + 15)) { |
457 | printf("Invalid dbus-user.talk name: %s\n", ptr + 15); | 468 | printf("Invalid dbus-user.talk name: %s\n", ptr + 15); |
@@ -466,15 +477,33 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
466 | } | 477 | } |
467 | return 1; | 478 | return 1; |
468 | } | 479 | } |
480 | else if (strncmp(ptr, "dbus-user.call ", 15) == 0) { | ||
481 | if (!dbus_check_call_rule(ptr + 15)) { | ||
482 | fprintf(stderr, "Invalid dbus-user.call rule: %s\n", ptr + 15); | ||
483 | exit(1); | ||
484 | } | ||
485 | return 1; | ||
486 | } | ||
487 | else if (strncmp(ptr, "dbus-user.broadcast ", 20) == 0) { | ||
488 | if (!dbus_check_call_rule(ptr + 20)) { | ||
489 | fprintf(stderr, "Invalid dbus-user.broadcast rule: %s\n", ptr + 20); | ||
490 | exit(1); | ||
491 | } | ||
492 | return 1; | ||
493 | } | ||
469 | else if (strncmp("dbus-system ", ptr, 12) == 0) { | 494 | else if (strncmp("dbus-system ", ptr, 12) == 0) { |
470 | ptr += 12; | 495 | ptr += 12; |
471 | if (strcmp("filter", ptr) == 0) { | 496 | if (strcmp("filter", ptr) == 0) { |
472 | if (arg_dbus_system == DBUS_POLICY_BLOCK) { | 497 | if (arg_dbus_system == DBUS_POLICY_BLOCK) { |
473 | fprintf(stderr, "Error: Cannot relax dbus-system policy, it is already set to block\n"); | 498 | fprintf(stderr, "Error: Cannot relax dbus-system policy, it is already set to block\n"); |
474 | exit(1); | 499 | } else { |
500 | arg_dbus_system = DBUS_POLICY_FILTER; | ||
475 | } | 501 | } |
476 | arg_dbus_system = DBUS_POLICY_FILTER; | ||
477 | } else if (strcmp("none", ptr) == 0) { | 502 | } else if (strcmp("none", ptr) == 0) { |
503 | if (arg_dbus_log_system) { | ||
504 | fprintf(stderr, "Error: --dbus-system.log requires --dbus-system=filter\n"); | ||
505 | exit(1); | ||
506 | } | ||
478 | arg_dbus_system = DBUS_POLICY_BLOCK; | 507 | arg_dbus_system = DBUS_POLICY_BLOCK; |
479 | } else { | 508 | } else { |
480 | fprintf(stderr, "Unknown dbus-system policy: %s\n", ptr); | 509 | fprintf(stderr, "Unknown dbus-system policy: %s\n", ptr); |
@@ -482,6 +511,13 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
482 | } | 511 | } |
483 | return 0; | 512 | return 0; |
484 | } | 513 | } |
514 | else if (strncmp(ptr, "dbus-system.see ", 16) == 0) { | ||
515 | if (!dbus_check_name(ptr + 16)) { | ||
516 | fprintf(stderr, "Invalid dbus-system.see name: %s\n", ptr + 17); | ||
517 | exit(1); | ||
518 | } | ||
519 | return 1; | ||
520 | } | ||
485 | else if (strncmp(ptr, "dbus-system.talk ", 17) == 0) { | 521 | else if (strncmp(ptr, "dbus-system.talk ", 17) == 0) { |
486 | if (!dbus_check_name(ptr + 17)) { | 522 | if (!dbus_check_name(ptr + 17)) { |
487 | fprintf(stderr, "Invalid dbus-system.talk name: %s\n", ptr + 17); | 523 | fprintf(stderr, "Invalid dbus-system.talk name: %s\n", ptr + 17); |
@@ -496,6 +532,20 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
496 | } | 532 | } |
497 | return 1; | 533 | return 1; |
498 | } | 534 | } |
535 | else if (strncmp(ptr, "dbus-system.call ", 17) == 0) { | ||
536 | if (!dbus_check_call_rule(ptr + 17)) { | ||
537 | fprintf(stderr, "Invalid dbus-system.call rule: %s\n", ptr + 17); | ||
538 | exit(1); | ||
539 | } | ||
540 | return 1; | ||
541 | } | ||
542 | else if (strncmp(ptr, "dbus-system.broadcast ", 22) == 0) { | ||
543 | if (!dbus_check_call_rule(ptr + 22)) { | ||
544 | fprintf(stderr, "Invalid dbus-system.broadcast rule: %s\n", ptr + 22); | ||
545 | exit(1); | ||
546 | } | ||
547 | return 1; | ||
548 | } | ||
499 | else if (strcmp(ptr, "nou2f") == 0) { | 549 | else if (strcmp(ptr, "nou2f") == 0) { |
500 | arg_nou2f = 1; | 550 | arg_nou2f = 1; |
501 | return 0; | 551 | return 0; |
diff --git a/src/firejail/usage.c b/src/firejail/usage.c index 08546fa51..4ab464289 100644 --- a/src/firejail/usage.c +++ b/src/firejail/usage.c | |||
@@ -53,11 +53,20 @@ static char *usage_str = | |||
53 | #endif | 53 | #endif |
54 | " --cpu=cpu-number,cpu-number - set cpu affinity.\n" | 54 | " --cpu=cpu-number,cpu-number - set cpu affinity.\n" |
55 | " --cpu.print=name|pid - print the cpus in use.\n" | 55 | " --cpu.print=name|pid - print the cpus in use.\n" |
56 | " --dbus-log=file - set DBus log file location.\n" | ||
56 | " --dbus-system=filter|none - set system DBus access policy.\n" | 57 | " --dbus-system=filter|none - set system DBus access policy.\n" |
58 | " --dbus-system.broadcast=rule - allow signals on the system DBus according to rule.\n" | ||
59 | " --dbus-system.call=rule - allow calls on the system DBus according to rule.\n" | ||
60 | " --dbus-system.log - turn on logging for the system DBus." | ||
57 | " --dbus-system.own=name - allow ownership of name on the system DBus.\n" | 61 | " --dbus-system.own=name - allow ownership of name on the system DBus.\n" |
62 | " --dbus-system.see=name - allow seeing name on the system DBus.\n" | ||
58 | " --dbus-system.talk=name - allow talking to name on the system DBus.\n" | 63 | " --dbus-system.talk=name - allow talking to name on the system DBus.\n" |
59 | " --dbus-user=filter|none - set session DBus access policy.\n" | 64 | " --dbus-user=filter|none - set session DBus access policy.\n" |
65 | " --dbus-user.broadcast=rule - allow signals on the session DBus according to rule.\n" | ||
66 | " --dbus-user.call=rule - allow calls on the session DBus according to rule.\n" | ||
67 | " --dbus-user.log - turn on logging for the user DBus." | ||
60 | " --dbus-user.own=name - allow ownership of name on the session DBus.\n" | 68 | " --dbus-user.own=name - allow ownership of name on the session DBus.\n" |
69 | " --dbus-user.see=name - allow seeing name on the session DBus.\n" | ||
61 | " --dbus-user.talk=name - allow talking to name on the session DBus.\n" | 70 | " --dbus-user.talk=name - allow talking to name on the session DBus.\n" |
62 | " --debug - print sandbox debug messages.\n" | 71 | " --debug - print sandbox debug messages.\n" |
63 | " --debug-blacklists - debug blacklisting.\n" | 72 | " --debug-blacklists - debug blacklisting.\n" |