author | netblue30 <netblue30@protonmail.com> | 2022-06-02 17:03:36 -0400 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2022-06-02 17:03:36 -0400 |
commit | 741aaa4f59f3604f6c139fedcf06c0a2f910a60c (patch) | |
tree | a899d718e3ef65b7553eadc858eeb5b1a482fe97 /src/firemon/procevent.c | |
parent | speed up firemon (diff) | |
firemon rework
Diffstat (limited to 'src/firemon/procevent.c')
-rw-r--r-- | src/firemon/procevent.c | 31 |
1 files changed, 21 insertions, 10 deletions
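--- a/src/firemon/procevent.c
+++ b/src/firemon/procevent.c
@@ -417,18 +417,18 @@ static void __attribute__((noreturn)) procevent_monitor(const int sock, pid_t my
 sprintf(lineptr, " %u", pid);
 lineptr += strlen(lineptr);
 
-char *user = pids[pid].user;
+char *user = pids[pid].option.event.user;
 if (!user)
 user = pid_get_user_name(pids[pid].uid);
 if (user) {
-pids[pid].user = user;
+pids[pid].option.event.user = user;
 sprintf(lineptr, " (%s)", user);
 lineptr += strlen(lineptr);
 }
 
 
 int sandbox_closed = 0; // exit sandbox flag
-char *cmd = pids[pid].cmd;
+char *cmd = pids[pid].option.event.cmd;
 if (!cmd) {
 cmd = pid_proc_cmdline(pid);
 }
@@ -465,10 +465,10 @@ static void __attribute__((noreturn)) procevent_monitor(const int sock, pid_t my
 
 // unflag pid for exit events
 if (remove_pid) {
-if (pids[pid].user)
-free(pids[pid].user);
-if (pids[pid].cmd)
-free(pids[pid].cmd);
+if (pids[pid].option.event.user)
+free(pids[pid].option.event.user);
+if (pids[pid].option.event.cmd)
+free(pids[pid].option.event.cmd);
 memset(&pids[pid], 0, sizeof(Process));
 }
 
@@ -485,9 +485,9 @@ static void __attribute__((noreturn)) procevent_monitor(const int sock, pid_t my
 
 // on uid events the uid is changing
 if (proc_ev->what == PROC_EVENT_UID) {
-if (pids[pid].user)
-free(pids[pid].user);
-pids[pid].user = 0;
+if (pids[pid].option.event.user)
+free(pids[pid].option.event.user);
+pids[pid].option.event.user = 0;
 pids[pid].uid = pid_get_uid(pid);
 }
 
@@ -505,6 +505,17 @@ void procevent(pid_t pid) {
 exit(1);
 }
 
+// set max_pids to the max value allowed by the kernel
+FILE *fp = fopen("/proc/sys/kernel/pid_max", "r");
+if (fp) {
+int val;
+if (fscanf(fp, "%d", &val) == 1) {
+if (val >= max_pids)
+max_pids = val + 1;
+}
+fclose(fp);
+}
+
 // monitor using netlink
 int sock = procevent_netlink_setup();
 if (sock < 0) {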