authorLibravatar netblue30 <netblue30@yahoo.com>2016-02-29 12:21:12 -0500
committerLibravatar netblue30 <netblue30@yahoo.com>2016-02-29 12:21:12 -0500
commitd72a43af068437740cae6b8e0cee774df6d9ef69 (patch)
tree92fa3bd8bf2dbcb60ca0cf66ceceac5cb1919023 /src/firemon/procevent.c
parent0.9.40-rc1 testing (diff)
firemon fixes
Diffstat (limited to 'src/firemon/procevent.c')
-rw-r--r--src/firemon/procevent.c38
1 files changed, 38 insertions, 0 deletions
diff --git a/src/firemon/procevent.c b/src/firemon/procevent.c
index 71550454a..02425a7ee 100644
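--- a/src/firemon/procevent.c
+++ b/src/firemon/procevent.c
@@ -31,7 +31,12 @@
 #define PIDS_BUFLEN 4096
 #define SERVER_PORT 889 // 889-899 is left unassigned by IANA
 
+//#define DEBUG_PRCTL
+
 static int pid_is_firejail(pid_t pid) {
+#ifdef DEBUG_PRCTL
+ printf("%s: %d, pid %d\n", __FUNCTION__, __LINE__, pid);
+#endif
  uid_t rv = 0;
 
  // open /proc/self/comm
@@ -54,6 +59,9 @@ static int pid_is_firejail(pid_t pid) {
  rv = 1;
  }
 
+#ifdef DEBUG_PRCTL
+ printf("%s: %d, comm %s, rv %d\n", __FUNCTION__, __LINE__, buf, rv);
+#endif
  if (rv) {
  // open /proc/pid/cmdline file
  char *fname;
@@ -108,6 +116,9 @@ static int pid_is_firejail(pid_t pid) {
 doexit:
  fclose(fp);
  free(file);
+#ifdef DEBUG_PRCTL
+ printf("%s: %d: return %d\n", __FUNCTION__, __LINE__, rv);
+#endif
  return rv;
 }
 
@@ -240,10 +251,16 @@ static int procevent_monitor(const int sock, pid_t mypid) {
  int remove_pid = 0;
  switch (proc_ev->what) {
  case PROC_EVENT_FORK:
+#ifdef DEBUG_PRCTL
+ printf("%s: %d, event fork\n", __FUNCTION__, __LINE__);
+#endif
  if (proc_ev->event_data.fork.child_pid !=
  proc_ev->event_data.fork.child_tgid)
  continue; // this is a thread, not a process
  pid = proc_ev->event_data.fork.parent_tgid;
+#ifdef DEBUG_PRCTL
+ printf("%s: %d, event fork, pid %d\n", __FUNCTION__, __LINE__, pid);
+#endif
  if (pids[pid].level > 0) {
  child = proc_ev->event_data.fork.child_tgid;
  child %= max_pids;
@@ -254,6 +271,12 @@ static int procevent_monitor(const int sock, pid_t mypid) {
  break;
  case PROC_EVENT_EXEC:
  pid = proc_ev->event_data.exec.process_tgid;
+#ifdef DEBUG_PRCTL
+ printf("%s: %d, event exec, pid %d\n", __FUNCTION__, __LINE__, pid);
+#endif
+ if (pids[pid].level == -1) {
+ pids[pid].level = 0; // start tracking
+ }
  sprintf(lineptr, " exec");
  break;
 
@@ -263,26 +286,41 @@ static int procevent_monitor(const int sock, pid_t mypid) {
  continue; // this is a thread, not a process
 
  pid = proc_ev->event_data.exit.process_tgid;
+#ifdef DEBUG_PRCTL
+ printf("%s: %d, event exit, pid %d\n", __FUNCTION__, __LINE__, pid);
+#endif
  remove_pid = 1;
  sprintf(lineptr, " exit");
  break;
 
  case PROC_EVENT_UID:
  pid = proc_ev->event_data.id.process_tgid;
+#ifdef DEBUG_PRCTL
+ printf("%s: %d, event uid, pid %d\n", __FUNCTION__, __LINE__, pid);
+#endif
  sprintf(lineptr, " uid ");
  break;
 
  case PROC_EVENT_GID:
  pid = proc_ev->event_data.id.process_tgid;
+#ifdef DEBUG_PRCTL
+ printf("%s: %d, event gid, pid %d\n", __FUNCTION__, __LINE__, pid);
+#endif
  sprintf(lineptr, " gid ");
  break;
 
  case PROC_EVENT_SID:
  pid = proc_ev->event_data.sid.process_tgid;
+#ifdef DEBUG_PRCTL
+ printf("%s: %d, event sid, pid %d\n", __FUNCTION__, __LINE__, pid);
+#endif
  sprintf(lineptr, " sid ");
  break;
 
  default:
+#ifdef DEBUG_PRCTL
+ printf("%s: %d, event unknown\n", __FUNCTION__, __LINE__);
+#endif
  sprintf(lineptr, "\n");
  continue;
  }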
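Review bot: The write added in the PROC_EVENT_EXEC case, `pids[pid].level = 0`, indexes the table with `process_tgid` exactly as it arrives in the netlink event, whereas the fork case just above reduces `child` with `child %= max_pids` before it writes. Assuming `pids` holds `max_pids` entries (its allocation is outside the hunks shown), the exec path should bound the index as well, for example `if (pid >= 0 && pid < max_pids && pids[pid].level == -1) {`. This is also the only behavioural change in a commit that otherwise adds `DEBUG_PRCTL` prints, so a short comment stating what a level of -1 means and why exec starts tracking would help the next reader. procevent_monitor's body starts and ends outside the hunks, so a range check after the switch cannot be ruled out from here.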