author | netblue30 <netblue30@yahoo.com> | 2016-02-24 12:55:06 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-02-24 12:55:06 -0500 |
commit | 89535f782c19fd8396fd013d4b38d746f3faed95 (patch) | |
tree | 255335eea7b669906fe2989a880b0f2ac595999b /src/firemon | |
parent | allow --interface only to root user for --enable-network=restricted (diff) | |
x11 work
Diffstat (limited to 'src/firemon')
-rw-r--r-- | src/firemon/firemon.c | 6 | ||||
-rw-r--r-- | src/firemon/x11.c | 60 |
2 files changed, 66 insertions, 0 deletions
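--- a/src/firemon/firemon.c
+++ b/src/firemon/firemon.c
@@ -33,6 +33,7 @@ static int arg_seccomp = 0;
 static int arg_caps = 0;
 static int arg_cpu = 0;
 static int arg_cgroup = 0;
+static int arg_x11 = 0;
 int arg_nowrap = 0;
 
 static struct termios tlocal; // startup terminal setting
@@ -141,6 +142,9 @@ int main(int argc, char **argv) {
 
 
 // cumulative options with or without a pid argument
+else if (strcmp(argv[i], "--x11") == 0) {
+arg_x11 = 1;
+}
 else if (strcmp(argv[i], "--cgroup") == 0) {
 arg_cgroup = 1;
 }
@@ -217,6 +221,8 @@ int main(int argc, char **argv) {
 cpu((pid_t) pid);
 if (arg_cgroup)
 cgroup((pid_t) pid);
+if (arg_x11)
+x11((pid_t) pid);
 
 if (!arg_route && !arg_arp && !arg_interface && !arg_tree && !arg_caps && !arg_seccomp)
 procevent((pid_t) pid); // never to return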
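Review bot: The guard before `procevent()` at new line 227 does not mention `arg_x11`, so after `x11()` prints its list the program still enters the event monitor, which the comment says never returns. If `--x11` is meant to print and exit like `--caps` or `--seccomp`, the condition needs `&& !arg_x11`; if it is meant to be cumulative like `--cpu` and `--cgroup`, which are also absent from the guard, a comment there saying so would remove the doubt. The diffstat for src/firemon lists only firemon.c and x11.c, so the call at new line 225 appears to have no prototype unless `void x11(pid_t pid);` is already in firemon.h. The body of main() continues outside all three hunks, so the usage text could not be checked for a `--x11` entry.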
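--- /dev/null
+++ b/src/firemon/x11.c
@@ -0,0 +1,60 @@
+/*
+* Copyright (C) 2014-2016 netblue30 (netblue30@yahoo.com)
+*
+* This file is part of firejail project
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License along
+* with this program; if not, write to the Free Software Foundation, Inc.,
+* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+#include "firemon.h"
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+
+void x11(pid_t pid) {
+if (getuid() == 0)
+firemon_drop_privs();
+
+pid_read(pid);
+
+// print processes
+int i;
+for (i = 0; i < max_pids; i++) {
+if (pids[i].level == 1) {
+pid_print_list(i, 0);
+
+char *x11file;
+// todo: use macro from src/firejail/firejail.h for /run/firejail/x11 directory
+if (asprintf(&x11file, "/run/firejail/x11/%d", i) == -1)
+errExit("asprintf");
+
+struct stat s;
+if (stat(x11file, &s) == 0) {
+FILE *fp = fopen(x11file, "r");
+if (!fp) {
+free(x11file);
+continue;
+}
+int display;
+int rv = fscanf(fp, "%d", &display);
+if (rv == 1)
+printf(" DISPLAY :%d\n", display);
+fclose(fp);
+}
+
+free(x11file);
+}
+}
+}
+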
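Review bot: The `stat()` at new lines 42-43 checks only that the path exists, which the `fopen()` on the next line reports anyway, so it adds a check-then-open gap without verifying anything about the file. Calling `FILE *fp = fopen(x11file, "r");` directly and skipping the entry on NULL would remove `struct stat s` and the `<sys/stat.h>` include. The number read by `fscanf` is printed as a display without a range check; `if (rv == 1 && display >= 0)` would keep a malformed file from being reported as a valid display. Dropping privileges before the file is read is the right order and worth a one-line comment, for example `// read the display file as the invoking user, not as root`. The file name is built from the loop index `i`, which presumably is the sandbox pid because `pids[]` looks pid-indexed; a comment confirming that would help the next reader.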