more on disable cgroups

author: netblue30 <netblue30@protonmail.com> 2022-06-13 09:26:37 -0400
committer: netblue30 <netblue30@protonmail.com> 2022-06-13 09:26:37 -0400
commit: 95544a17fac7e5fb2b0eabe3d96305813fc96a1b (patch)
tree: ca0259eb8523de487c297f2a14e23f87d512b17d /src/firemon
parent: disable cgroup code (diff)
download: firejail-95544a17fac7e5fb2b0eabe3d96305813fc96a1b.tar.gz
firejail-95544a17fac7e5fb2b0eabe3d96305813fc96a1b.tar.zst
firejail-95544a17fac7e5fb2b0eabe3d96305813fc96a1b.zip
4 files changed, 1 insertions, 76 deletions
diff --git a/src/firemon/cgroup.c b/src/firemon/cgroup.c
deleted file mode 100644
index 7ef76fa46..000000000
--- a/src/firemon/cgroup.c
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * Copyright (C) 2014-2022 Firejail Authors
- *
- * This file is part of firejail project
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License along
- * with this program; if not, write to the Free Software Foundation, Inc.,
- * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-*/
-#include "firemon.h"
-#define MAXBUF 4098
-static void print_cgroup(int pid) {
-        char *file;
-        if (asprintf(&file, "/proc/%d/cgroup", pid) == -1) {
-                errExit("asprintf");
-                exit(1);
-        }
-        FILE *fp = fopen(file, "r");
-        if (!fp) {
-                printf("  Error: cannot open %s\n", file);
-                free(file);
-                return;
-        }
-        char buf[MAXBUF];
-        if (fgets(buf, MAXBUF, fp)) {
-                printf("  %s", buf);
-                fflush(0);
-        }
-        fclose(fp);
-        free(file);
-}
-void cgroup(pid_t pid, int print_procs) {
-        pid_read(pid);
-        // print processes
-        printf("  cgroup: ");
-        int i;
-        for (i = 0; i < max_pids; i++) {
-                if (pids[i].level == 1) {
-                        if (print_procs || pid == 0)
-                                pid_print_list(i, arg_wrap);
-                        int child = find_child(i);
-                        if (child != -1)
-                                print_cgroup(child);
-                }
-        }
-        printf("\n");
-}
diff --git a/src/firemon/firemon.c b/src/firemon/firemon.c
index 91406d6a7..4ee319a7e 100644
--- a/src/firemon/firemon.c
+++ b/src/firemon/firemon.c
@@ -34,7 +34,6 @@ static int arg_interface = 0;
 static int arg_seccomp = 0;
 static int arg_caps = 0;
 static int arg_cpu = 0;
-static int arg_cgroup = 0;
 static int arg_x11 = 0;
 static int arg_top = 0;
 static int arg_list = 0;
@@ -173,8 +172,6 @@ int main(int argc, char **argv) {
                // cumulative options with or without a pid argument
                else if (strcmp(argv[i], "--x11") == 0)
                        arg_x11 = 1;
-                else if (strcmp(argv[i], "--cgroup") == 0)
-                        arg_cgroup = 1;
                else if (strcmp(argv[i], "--cpu") == 0)
                        arg_cpu = 1;
                else if (strcmp(argv[i], "--seccomp") == 0)
@@ -264,12 +261,11 @@ int main(int argc, char **argv) {
        // if --name requested without other options, print all data
        if (pid && !arg_cpu && !arg_seccomp && !arg_caps && !arg_apparmor &&
-            !arg_cgroup && !arg_x11 && !arg_interface && !arg_route && !arg_arp) {
+            !arg_x11 && !arg_interface && !arg_route && !arg_arp) {
                arg_tree = 1;
                arg_cpu = 1;
                arg_seccomp = 1;
                arg_caps = 1;
-                arg_cgroup = 1;
                arg_x11 = 1;
                arg_interface = 1;
                arg_route = 1;
@@ -295,10 +291,6 @@ int main(int argc, char **argv) {
                apparmor((pid_t) pid, print_procs);
                print_procs = 0;
        }
-        if (arg_cgroup) {
-                cgroup((pid_t) pid, print_procs);
-                print_procs = 0;
-        }
        if (arg_x11) {
                x11((pid_t) pid, print_procs);
                print_procs = 0;
diff --git a/src/firemon/firemon.h b/src/firemon/firemon.h
index 2fa294e8d..d12091217 100644
--- a/src/firemon/firemon.h
+++ b/src/firemon/firemon.h
@@ -75,9 +75,6 @@ void seccomp(pid_t pid, int print_procs);
 // cpu.c
 void cpu(pid_t pid, int print_procs);
-// cgroup.c
-void cgroup(pid_t pid, int print_procs);
 // tree.c
 void tree(pid_t pid);
diff --git a/src/firemon/usage.c b/src/firemon/usage.c
index c6a664790..a1b6098ef 100644
--- a/src/firemon/usage.c
+++ b/src/firemon/usage.c
@@ -29,7 +29,6 @@ static char *help_str =
        "\t--apparmor - print AppArmor confinement status for each sandbox.\n\n"
        "\t--arp - print ARP table for each sandbox.\n\n"
        "\t--caps - print capabilities configuration for each sandbox.\n\n"
-        "\t--cgroup - print control group information for each sandbox.\n\n"
        "\t--cpu - print CPU affinity for each sandbox.\n\n"
        "\t--debug - print debug messages.\n\n"
        "\t--help, -? - this help screen.\n\n"
author	netblue30 <netblue30@protonmail.com>	2022-06-13 09:26:37 -0400
committer	netblue30 <netblue30@protonmail.com>	2022-06-13 09:26:37 -0400
commit	95544a17fac7e5fb2b0eabe3d96305813fc96a1b (patch)
tree	ca0259eb8523de487c297f2a14e23f87d512b17d /src/firemon
parent	disable cgroup code (diff)
download	firejail-95544a17fac7e5fb2b0eabe3d96305813fc96a1b.tar.gz firejail-95544a17fac7e5fb2b0eabe3d96305813fc96a1b.tar.zst firejail-95544a17fac7e5fb2b0eabe3d96305813fc96a1b.zip

diff --git a/src/firemon/cgroup.c b/src/firemon/cgroup.c deleted file mode 100644 index 7ef76fa46..000000000 --- a/src/firemon/cgroup.c +++ /dev/null
@@ -1,63 +0,0 @@
1	/*
2	* Copyright (C) 2014-2022 Firejail Authors
3	*
4	* This file is part of firejail project
5	*
6	* This program is free software; you can redistribute it and/or modify
7	* it under the terms of the GNU General Public License as published by
8	* the Free Software Foundation; either version 2 of the License, or
9	* (at your option) any later version.
10	*
11	* This program is distributed in the hope that it will be useful,
12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14	* GNU General Public License for more details.
15	*
16	* You should have received a copy of the GNU General Public License along
17	* with this program; if not, write to the Free Software Foundation, Inc.,
18	* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
19	*/
20	#include "firemon.h"
21	#define MAXBUF 4098
22
23	static void print_cgroup(int pid) {
24	char *file;
25	if (asprintf(&file, "/proc/%d/cgroup", pid) == -1) {
26	errExit("asprintf");
27	exit(1);
28	}
29
30	FILE *fp = fopen(file, "r");
31	if (!fp) {
32	printf(" Error: cannot open %s\n", file);
33	free(file);
34	return;
35	}
36
37	char buf[MAXBUF];
38	if (fgets(buf, MAXBUF, fp)) {
39	printf(" %s", buf);
40	fflush(0);
41	}
42
43	fclose(fp);
44	free(file);
45	}
46
47	void cgroup(pid_t pid, int print_procs) {
48	pid_read(pid);
49
50	// print processes
51	printf(" cgroup: ");
52	int i;
53	for (i = 0; i < max_pids; i++) {
54	if (pids[i].level == 1) {
55	if (print_procs \|\| pid == 0)
56	pid_print_list(i, arg_wrap);
57	int child = find_child(i);
58	if (child != -1)
59	print_cgroup(child);
60	}
61	}
62	printf("\n");
63	}


diff --git a/src/firemon/firemon.c b/src/firemon/firemon.c index 91406d6a7..4ee319a7e 100644 --- a/src/firemon/firemon.c +++ b/src/firemon/firemon.c
@@ -34,7 +34,6 @@ static int arg_interface = 0;
34	static int arg_seccomp = 0;	34	static int arg_seccomp = 0;
35	static int arg_caps = 0;	35	static int arg_caps = 0;
36	static int arg_cpu = 0;	36	static int arg_cpu = 0;
37	static int arg_cgroup = 0;
38	static int arg_x11 = 0;	37	static int arg_x11 = 0;
39	static int arg_top = 0;	38	static int arg_top = 0;
40	static int arg_list = 0;	39	static int arg_list = 0;
@@ -173,8 +172,6 @@ int main(int argc, char **argv) {
173	// cumulative options with or without a pid argument	172	// cumulative options with or without a pid argument
174	else if (strcmp(argv[i], "--x11") == 0)	173	else if (strcmp(argv[i], "--x11") == 0)
175	arg_x11 = 1;	174	arg_x11 = 1;
176	else if (strcmp(argv[i], "--cgroup") == 0)
177	arg_cgroup = 1;
178	else if (strcmp(argv[i], "--cpu") == 0)	175	else if (strcmp(argv[i], "--cpu") == 0)
179	arg_cpu = 1;	176	arg_cpu = 1;
180	else if (strcmp(argv[i], "--seccomp") == 0)	177	else if (strcmp(argv[i], "--seccomp") == 0)
@@ -264,12 +261,11 @@ int main(int argc, char **argv) {
264		261
265	// if --name requested without other options, print all data	262	// if --name requested without other options, print all data
266	if (pid && !arg_cpu && !arg_seccomp && !arg_caps && !arg_apparmor &&	263	if (pid && !arg_cpu && !arg_seccomp && !arg_caps && !arg_apparmor &&
267	!arg_cgroup && !arg_x11 && !arg_interface && !arg_route && !arg_arp) {	264	!arg_x11 && !arg_interface && !arg_route && !arg_arp) {
268	arg_tree = 1;	265	arg_tree = 1;
269	arg_cpu = 1;	266	arg_cpu = 1;
270	arg_seccomp = 1;	267	arg_seccomp = 1;
271	arg_caps = 1;	268	arg_caps = 1;
272	arg_cgroup = 1;
273	arg_x11 = 1;	269	arg_x11 = 1;
274	arg_interface = 1;	270	arg_interface = 1;
275	arg_route = 1;	271	arg_route = 1;
@@ -295,10 +291,6 @@ int main(int argc, char **argv) {
295	apparmor((pid_t) pid, print_procs);	291	apparmor((pid_t) pid, print_procs);
296	print_procs = 0;	292	print_procs = 0;
297	}	293	}
298	if (arg_cgroup) {
299	cgroup((pid_t) pid, print_procs);
300	print_procs = 0;
301	}
302	if (arg_x11) {	294	if (arg_x11) {
303	x11((pid_t) pid, print_procs);	295	x11((pid_t) pid, print_procs);
304	print_procs = 0;	296	print_procs = 0;


diff --git a/src/firemon/firemon.h b/src/firemon/firemon.h index 2fa294e8d..d12091217 100644 --- a/src/firemon/firemon.h +++ b/src/firemon/firemon.h
@@ -75,9 +75,6 @@ void seccomp(pid_t pid, int print_procs);
75	// cpu.c	75	// cpu.c
76	void cpu(pid_t pid, int print_procs);	76	void cpu(pid_t pid, int print_procs);
77		77
78	// cgroup.c
79	void cgroup(pid_t pid, int print_procs);
80
81	// tree.c	78	// tree.c
82	void tree(pid_t pid);	79	void tree(pid_t pid);
83		80


diff --git a/src/firemon/usage.c b/src/firemon/usage.c index c6a664790..a1b6098ef 100644 --- a/src/firemon/usage.c +++ b/src/firemon/usage.c
@@ -29,7 +29,6 @@ static char *help_str =
29	"\t--apparmor - print AppArmor confinement status for each sandbox.\n\n"	29	"\t--apparmor - print AppArmor confinement status for each sandbox.\n\n"
30	"\t--arp - print ARP table for each sandbox.\n\n"	30	"\t--arp - print ARP table for each sandbox.\n\n"
31	"\t--caps - print capabilities configuration for each sandbox.\n\n"	31	"\t--caps - print capabilities configuration for each sandbox.\n\n"
32	"\t--cgroup - print control group information for each sandbox.\n\n"
33	"\t--cpu - print CPU affinity for each sandbox.\n\n"	32	"\t--cpu - print CPU affinity for each sandbox.\n\n"
34	"\t--debug - print debug messages.\n\n"	33	"\t--debug - print debug messages.\n\n"
35	"\t--help, -? - this help screen.\n\n"	34	"\t--help, -? - this help screen.\n\n"