diff options
| author |  netblue30 <netblue30@yahoo.com> | 2016-11-12 07:36:41 -0500 |
|---|---|---|
| committer | netblue30 <netblue30@yahoo.com> | 2016-11-12 07:36:41 -0500 |
| commit | ca79ff961cc303670f1ccb8841495ddd7f17a76b (patch) | |
| tree | 51de876c47e405afec28eed5562337782265eebe /src/firemon | |
| parent | testing (diff) | |
| download | firejail-ca79ff961cc303670f1ccb8841495ddd7f17a76b.tar.gz firejail-ca79ff961cc303670f1ccb8841495ddd7f17a76b.tar.zst firejail-ca79ff961cc303670f1ccb8841495ddd7f17a76b.zip | |
testing
Diffstat (limited to 'src/firemon')
| -rw-r--r-- | src/firemon/arp.c | 7 | ||||
| -rw-r--r-- | src/firemon/caps.c | 5 | ||||
| -rw-r--r-- | src/firemon/cgroup.c | 6 | ||||
| -rw-r--r-- | src/firemon/cpu.c | 6 | ||||
| -rw-r--r-- | src/firemon/firemon.c | 71 | ||||
| -rw-r--r-- | src/firemon/firemon.h | 18 | ||||
| -rw-r--r-- | src/firemon/interface.c | 12 | ||||
| -rw-r--r-- | src/firemon/route.c | 7 | ||||
| -rw-r--r-- | src/firemon/seccomp.c | 5 | ||||
| -rw-r--r-- | src/firemon/tree.c | 4 | ||||
| -rw-r--r-- | src/firemon/x11.c | 8 |
11 files changed, 89 insertions, 60 deletions
diff --git a/src/firemon/arp.c b/src/firemon/arp.c index d204a0c3a..014f6a904 100644 --- a/src/firemon/arp.c +++ b/src/firemon/arp.c | |||
| @@ -72,14 +72,15 @@ static void print_arp(const char *fname) { | |||
| 72 | 72 | ||
| 73 | } | 73 | } |
| 74 | 74 | ||
| 75 | void arp(pid_t pid) { | 75 | void arp(pid_t pid, int print_procs) { |
| 76 | pid_read(pid); | 76 | pid_read(pid); |
| 77 | 77 | ||
| 78 | // print processes | 78 | // print processes |
| 79 | int i; | 79 | int i; |
| 80 | for (i = 0; i < max_pids; i++) { | 80 | for (i = 0; i < max_pids; i++) { |
| 81 | if (pids[i].level == 1) { | 81 | if (pids[i].level == 1) { |
| 82 | pid_print_list(i, 0); | 82 | if (print_procs || pid == 0) |
| 83 | pid_print_list(i, 0); | ||
| 83 | int child = find_child(i); | 84 | int child = find_child(i); |
| 84 | if (child != -1) { | 85 | if (child != -1) { |
| 85 | char *fname; | 86 | char *fname; |
| @@ -87,10 +88,10 @@ void arp(pid_t pid) { | |||
| 87 | errExit("asprintf"); | 88 | errExit("asprintf"); |
| 88 | print_arp(fname); | 89 | print_arp(fname); |
| 89 | free(fname); | 90 | free(fname); |
| 90 | printf("\n"); | ||
| 91 | } | 91 | } |
| 92 | } | 92 | } |
| 93 | } | 93 | } |
| 94 | printf("\n"); | ||
| 94 | } | 95 | } |
| 95 | 96 | ||
| 96 | 97 | ||
diff --git a/src/firemon/caps.c b/src/firemon/caps.c index 49c7b204b..81877ab87 100644 --- a/src/firemon/caps.c +++ b/src/firemon/caps.c | |||
| @@ -48,14 +48,15 @@ static void print_caps(int pid) { | |||
| 48 | free(file); | 48 | free(file); |
| 49 | } | 49 | } |
| 50 | 50 | ||
| 51 | void caps(pid_t pid) { | 51 | void caps(pid_t pid, int print_procs) { |
| 52 | pid_read(pid); // include all processes | 52 | pid_read(pid); // include all processes |
| 53 | 53 | ||
| 54 | // print processes | 54 | // print processes |
| 55 | int i; | 55 | int i; |
| 56 | for (i = 0; i < max_pids; i++) { | 56 | for (i = 0; i < max_pids; i++) { |
| 57 | if (pids[i].level == 1) { | 57 | if (pids[i].level == 1) { |
| 58 | pid_print_list(i, 0); | 58 | if (print_procs || pid == 0) |
| 59 | pid_print_list(i, 0); | ||
| 59 | int child = find_child(i); | 60 | int child = find_child(i); |
| 60 | if (child != -1) | 61 | if (child != -1) |
| 61 | print_caps(child); | 62 | print_caps(child); |
diff --git a/src/firemon/cgroup.c b/src/firemon/cgroup.c index ec2d350af..e20e1d449 100644 --- a/src/firemon/cgroup.c +++ b/src/firemon/cgroup.c | |||
| @@ -44,18 +44,20 @@ static void print_cgroup(int pid) { | |||
| 44 | free(file); | 44 | free(file); |
| 45 | } | 45 | } |
| 46 | 46 | ||
| 47 | void cgroup(pid_t pid) { | 47 | void cgroup(pid_t pid, int print_procs) { |
| 48 | pid_read(pid); | 48 | pid_read(pid); |
| 49 | 49 | ||
| 50 | // print processes | 50 | // print processes |
| 51 | int i; | 51 | int i; |
| 52 | for (i = 0; i < max_pids; i++) { | 52 | for (i = 0; i < max_pids; i++) { |
| 53 | if (pids[i].level == 1) { | 53 | if (pids[i].level == 1) { |
| 54 | pid_print_list(i, 0); | 54 | if (print_procs || pid == 0) |
| 55 | pid_print_list(i, 0); | ||
| 55 | int child = find_child(i); | 56 | int child = find_child(i); |
| 56 | if (child != -1) | 57 | if (child != -1) |
| 57 | print_cgroup(child); | 58 | print_cgroup(child); |
| 58 | } | 59 | } |
| 59 | } | 60 | } |
| 61 | printf("\n"); | ||
| 60 | } | 62 | } |
| 61 | 63 | ||
diff --git a/src/firemon/cpu.c b/src/firemon/cpu.c index 20fba33d6..47c935686 100644 --- a/src/firemon/cpu.c +++ b/src/firemon/cpu.c | |||
| @@ -48,18 +48,20 @@ static void print_cpu(int pid) { | |||
| 48 | free(file); | 48 | free(file); |
| 49 | } | 49 | } |
| 50 | 50 | ||
| 51 | void cpu(pid_t pid) { | 51 | void cpu(pid_t pid, int print_procs) { |
| 52 | pid_read(pid); | 52 | pid_read(pid); |
| 53 | 53 | ||
| 54 | // print processes | 54 | // print processes |
| 55 | int i; | 55 | int i; |
| 56 | for (i = 0; i < max_pids; i++) { | 56 | for (i = 0; i < max_pids; i++) { |
| 57 | if (pids[i].level == 1) { | 57 | if (pids[i].level == 1) { |
| 58 | pid_print_list(i, 0); | 58 | if (print_procs || pid == 0) |
| 59 | pid_print_list(i, 0); | ||
| 59 | int child = find_child(i); | 60 | int child = find_child(i); |
| 60 | if (child != -1) | 61 | if (child != -1) |
| 61 | print_cpu(child); | 62 | print_cpu(child); |
| 62 | } | 63 | } |
| 63 | } | 64 | } |
| 65 | printf("\n"); | ||
| 64 | } | 66 | } |
| 65 | 67 | ||
diff --git a/src/firemon/firemon.c b/src/firemon/firemon.c index 1ec64bea8..b63e37444 100644 --- a/src/firemon/firemon.c +++ b/src/firemon/firemon.c | |||
| @@ -25,7 +25,6 @@ | |||
| 25 | #include <grp.h> | 25 | #include <grp.h> |
| 26 | #include <sys/stat.h> | 26 | #include <sys/stat.h> |
| 27 | 27 | ||
| 28 | |||
| 29 | static int arg_route = 0; | 28 | static int arg_route = 0; |
| 30 | static int arg_arp = 0; | 29 | static int arg_arp = 0; |
| 31 | static int arg_tree = 0; | 30 | static int arg_tree = 0; |
| @@ -148,8 +147,13 @@ int main(int argc, char **argv) { | |||
| 148 | arg_seccomp = 1; | 147 | arg_seccomp = 1; |
| 149 | else if (strcmp(argv[i], "--caps") == 0) | 148 | else if (strcmp(argv[i], "--caps") == 0) |
| 150 | arg_caps = 1; | 149 | arg_caps = 1; |
| 151 | else if (strcmp(argv[i], "--interface") == 0) | 150 | else if (strcmp(argv[i], "--interface") == 0) { |
| 151 | if (getuid() != 0) { | ||
| 152 | fprintf(stderr, "Error: you need to be root to run this command\n"); | ||
| 153 | exit(1); | ||
| 154 | } | ||
| 152 | arg_interface = 1; | 155 | arg_interface = 1; |
| 156 | } | ||
| 153 | else if (strcmp(argv[i], "--route") == 0) | 157 | else if (strcmp(argv[i], "--route") == 0) |
| 154 | arg_route = 1; | 158 | arg_route = 1; |
| 155 | else if (strcmp(argv[i], "--arp") == 0) | 159 | else if (strcmp(argv[i], "--arp") == 0) |
| @@ -196,10 +200,8 @@ int main(int argc, char **argv) { | |||
| 196 | exit(1); | 200 | exit(1); |
| 197 | } | 201 | } |
| 198 | 202 | ||
| 199 | if (arg_top) | 203 | if (arg_top) { |
| 200 | top(); // never to return | 204 | top(); |
| 201 | if (arg_tree) { | ||
| 202 | tree(); | ||
| 203 | return 0; | 205 | return 0; |
| 204 | } | 206 | } |
| 205 | if (arg_list) { | 207 | if (arg_list) { |
| @@ -212,25 +214,46 @@ int main(int argc, char **argv) { | |||
| 212 | } | 214 | } |
| 213 | 215 | ||
| 214 | // cumulative options | 216 | // cumulative options |
| 215 | if (arg_interface) | 217 | int print_procs = 1; |
| 216 | interface((pid_t) pid); | 218 | if (arg_tree) { |
| 217 | if (arg_route) | 219 | tree((pid_t) pid); |
| 218 | route((pid_t) pid); | 220 | print_procs = 0; |
| 219 | if (arg_arp) | 221 | } |
| 220 | arp((pid_t) pid); | 222 | if (arg_cpu) { |
| 221 | if (arg_seccomp) | 223 | cpu((pid_t) pid, print_procs); |
| 222 | seccomp((pid_t) pid); | 224 | print_procs = 0; |
| 223 | if (arg_caps) | 225 | } |
| 224 | caps((pid_t) pid); | 226 | if (arg_seccomp) { |
| 225 | if (arg_cpu) | 227 | seccomp((pid_t) pid, print_procs); |
| 226 | cpu((pid_t) pid); | 228 | print_procs = 0; |
| 227 | if (arg_cgroup) | 229 | } |
| 228 | cgroup((pid_t) pid); | 230 | if (arg_caps) { |
| 229 | if (arg_x11) | 231 | caps((pid_t) pid, print_procs); |
| 230 | x11((pid_t) pid); | 232 | print_procs = 0; |
| 233 | } | ||
| 234 | if (arg_cgroup) { | ||
| 235 | cgroup((pid_t) pid, print_procs); | ||
| 236 | print_procs = 0; | ||
| 237 | } | ||
| 238 | if (arg_x11) { | ||
| 239 | x11((pid_t) pid, print_procs); | ||
| 240 | print_procs = 0; | ||
| 241 | } | ||
| 242 | if (arg_interface) { | ||
| 243 | interface((pid_t) pid, print_procs); | ||
| 244 | print_procs = 0; | ||
| 245 | } | ||
| 246 | if (arg_route) { | ||
| 247 | route((pid_t) pid, print_procs); | ||
| 248 | print_procs = 0; | ||
| 249 | } | ||
| 250 | if (arg_arp) { | ||
| 251 | arp((pid_t) pid, print_procs); | ||
| 252 | print_procs = 0; | ||
| 253 | } | ||
| 231 | 254 | ||
| 232 | if (!arg_interface && !arg_route && !arg_arp && !arg_seccomp && !arg_caps && !arg_cgroup && !arg_x11) | 255 | if (print_procs) |
| 233 | procevent((pid_t) pid); // never to return | 256 | procevent((pid_t) pid); |
| 234 | 257 | ||
| 235 | return 0; | 258 | return 0; |
| 236 | } | 259 | } |
diff --git a/src/firemon/firemon.h b/src/firemon/firemon.h index c5607a792..c78023888 100644 --- a/src/firemon/firemon.h +++ b/src/firemon/firemon.h | |||
| @@ -54,33 +54,33 @@ void top(void); | |||
| 54 | void list(void); | 54 | void list(void); |
| 55 | 55 | ||
| 56 | // interface.c | 56 | // interface.c |
| 57 | void interface(pid_t pid); | 57 | void interface(pid_t pid, int print_procs); |
| 58 | 58 | ||
| 59 | // arp.c | 59 | // arp.c |
| 60 | void arp(pid_t pid); | 60 | void arp(pid_t pid, int print_procs); |
| 61 | 61 | ||
| 62 | // route.c | 62 | // route.c |
| 63 | void route(pid_t pid); | 63 | void route(pid_t pid, int print_procs); |
| 64 | 64 | ||
| 65 | // caps.c | 65 | // caps.c |
| 66 | void caps(pid_t pid); | 66 | void caps(pid_t pid, int print_procs); |
| 67 | 67 | ||
| 68 | // seccomp.c | 68 | // seccomp.c |
| 69 | void seccomp(pid_t pid); | 69 | void seccomp(pid_t pid, int print_procs); |
| 70 | 70 | ||
| 71 | // cpu.c | 71 | // cpu.c |
| 72 | void cpu(pid_t pid); | 72 | void cpu(pid_t pid, int print_procs); |
| 73 | 73 | ||
| 74 | // cgroup.c | 74 | // cgroup.c |
| 75 | void cgroup(pid_t pid); | 75 | void cgroup(pid_t pid, int print_procs); |
| 76 | 76 | ||
| 77 | // tree.c | 77 | // tree.c |
| 78 | void tree(void); | 78 | void tree(pid_t pid); |
| 79 | 79 | ||
| 80 | // netstats.c | 80 | // netstats.c |
| 81 | void netstats(void); | 81 | void netstats(void); |
| 82 | 82 | ||
| 83 | // x11.c | 83 | // x11.c |
| 84 | void x11(pid_t pid); | 84 | void x11(pid_t pid, int print_procs); |
| 85 | 85 | ||
| 86 | #endif | 86 | #endif |
diff --git a/src/firemon/interface.c b/src/firemon/interface.c index 58990e6e5..def9cd5ac 100644 --- a/src/firemon/interface.c +++ b/src/firemon/interface.c | |||
| @@ -145,7 +145,6 @@ static void print_sandbox(pid_t pid) { | |||
| 145 | if (rv) | 145 | if (rv) |
| 146 | return; | 146 | return; |
| 147 | net_ifprint(); | 147 | net_ifprint(); |
| 148 | printf("\n"); | ||
| 149 | #ifdef HAVE_GCOV | 148 | #ifdef HAVE_GCOV |
| 150 | __gcov_flush(); | 149 | __gcov_flush(); |
| 151 | #endif | 150 | #endif |
| @@ -156,24 +155,21 @@ static void print_sandbox(pid_t pid) { | |||
| 156 | waitpid(child, NULL, 0); | 155 | waitpid(child, NULL, 0); |
| 157 | } | 156 | } |
| 158 | 157 | ||
| 159 | void interface(pid_t pid) { | 158 | void interface(pid_t pid, int print_procs) { |
| 160 | if (getuid() != 0) { | ||
| 161 | fprintf(stderr, "Error: you need to be root to run this command\n"); | ||
| 162 | exit(1); | ||
| 163 | } | ||
| 164 | |||
| 165 | pid_read(pid); // a pid of 0 will include all processes | 159 | pid_read(pid); // a pid of 0 will include all processes |
| 166 | 160 | ||
| 167 | // print processes | 161 | // print processes |
| 168 | int i; | 162 | int i; |
| 169 | for (i = 0; i < max_pids; i++) { | 163 | for (i = 0; i < max_pids; i++) { |
| 170 | if (pids[i].level == 1) { | 164 | if (pids[i].level == 1) { |
| 171 | pid_print_list(i, 0); | 165 | if (print_procs || pid == 0) |
| 166 | pid_print_list(i, 0); | ||
| 172 | int child = find_child(i); | 167 | int child = find_child(i); |
| 173 | if (child != -1) { | 168 | if (child != -1) { |
| 174 | print_sandbox(child); | 169 | print_sandbox(child); |
| 175 | } | 170 | } |
| 176 | } | 171 | } |
| 177 | } | 172 | } |
| 173 | printf("\n"); | ||
| 178 | } | 174 | } |
| 179 | 175 | ||
diff --git a/src/firemon/route.c b/src/firemon/route.c index ac8000b6a..fb58b169d 100644 --- a/src/firemon/route.c +++ b/src/firemon/route.c | |||
| @@ -181,14 +181,15 @@ static void print_route(const char *fname) { | |||
| 181 | 181 | ||
| 182 | } | 182 | } |
| 183 | 183 | ||
| 184 | void route(pid_t pid) { | 184 | void route(pid_t pid, int print_procs) { |
| 185 | pid_read(pid); | 185 | pid_read(pid); |
| 186 | 186 | ||
| 187 | // print processes | 187 | // print processes |
| 188 | int i; | 188 | int i; |
| 189 | for (i = 0; i < max_pids; i++) { | 189 | for (i = 0; i < max_pids; i++) { |
| 190 | if (pids[i].level == 1) { | 190 | if (pids[i].level == 1) { |
| 191 | pid_print_list(i, 0); | 191 | if (print_procs || pid == 0) |
| 192 | pid_print_list(i, 0); | ||
| 192 | int child = find_child(i); | 193 | int child = find_child(i); |
| 193 | if (child != -1) { | 194 | if (child != -1) { |
| 194 | char *fname; | 195 | char *fname; |
| @@ -201,10 +202,10 @@ void route(pid_t pid) { | |||
| 201 | errExit("asprintf"); | 202 | errExit("asprintf"); |
| 202 | print_route(fname); | 203 | print_route(fname); |
| 203 | free(fname); | 204 | free(fname); |
| 204 | printf("\n"); | ||
| 205 | } | 205 | } |
| 206 | } | 206 | } |
| 207 | } | 207 | } |
| 208 | printf("\n"); | ||
| 208 | } | 209 | } |
| 209 | 210 | ||
| 210 | 211 | ||
diff --git a/src/firemon/seccomp.c b/src/firemon/seccomp.c index d4c248f8b..abc698bb8 100644 --- a/src/firemon/seccomp.c +++ b/src/firemon/seccomp.c | |||
| @@ -48,14 +48,15 @@ static void print_seccomp(int pid) { | |||
| 48 | free(file); | 48 | free(file); |
| 49 | } | 49 | } |
| 50 | 50 | ||
| 51 | void seccomp(pid_t pid) { | 51 | void seccomp(pid_t pid, int print_procs) { |
| 52 | pid_read(pid); // include all processes | 52 | pid_read(pid); // include all processes |
| 53 | 53 | ||
| 54 | // print processes | 54 | // print processes |
| 55 | int i; | 55 | int i; |
| 56 | for (i = 0; i < max_pids; i++) { | 56 | for (i = 0; i < max_pids; i++) { |
| 57 | if (pids[i].level == 1) { | 57 | if (pids[i].level == 1) { |
| 58 | pid_print_list(i, 0); | 58 | if (print_procs || pid == 0) |
| 59 | pid_print_list(i, 0); | ||
| 59 | int child = find_child(i); | 60 | int child = find_child(i); |
| 60 | if (child != -1) | 61 | if (child != -1) |
| 61 | print_seccomp(child); | 62 | print_seccomp(child); |
diff --git a/src/firemon/tree.c b/src/firemon/tree.c index f6d22b517..6d8b37ecb 100644 --- a/src/firemon/tree.c +++ b/src/firemon/tree.c | |||
| @@ -19,8 +19,8 @@ | |||
| 19 | */ | 19 | */ |
| 20 | #include "firemon.h" | 20 | #include "firemon.h" |
| 21 | 21 | ||
| 22 | void tree(void) { | 22 | void tree(pid_t pid) { |
| 23 | pid_read(0); // include all processes | 23 | pid_read(pid); |
| 24 | 24 | ||
| 25 | // print processes | 25 | // print processes |
| 26 | int i; | 26 | int i; |
diff --git a/src/firemon/x11.c b/src/firemon/x11.c index c7fe4c616..b0efb090a 100644 --- a/src/firemon/x11.c +++ b/src/firemon/x11.c | |||
| @@ -22,14 +22,15 @@ | |||
| 22 | #include <sys/stat.h> | 22 | #include <sys/stat.h> |
| 23 | #include <unistd.h> | 23 | #include <unistd.h> |
| 24 | 24 | ||
| 25 | void x11(pid_t pid) { | 25 | void x11(pid_t pid, int print_procs) { |
| 26 | pid_read(pid); | 26 | pid_read(pid); |
| 27 | 27 | ||
| 28 | // print processes | 28 | // print processes |
| 29 | int i; | 29 | int i; |
| 30 | for (i = 0; i < max_pids; i++) { | 30 | for (i = 0; i < max_pids; i++) { |
| 31 | if (pids[i].level == 1) { | 31 | if (pids[i].level == 1) { |
| 32 | pid_print_list(i, 0); | 32 | if (print_procs || pid == 0) |
| 33 | pid_print_list(i, 0); | ||
| 33 | 34 | ||
| 34 | char *x11file; | 35 | char *x11file; |
| 35 | // todo: use macro from src/firejail/firejail.h for /run/firejail/x11 directory | 36 | // todo: use macro from src/firejail/firejail.h for /run/firejail/x11 directory |
| @@ -46,12 +47,13 @@ void x11(pid_t pid) { | |||
| 46 | int display; | 47 | int display; |
| 47 | int rv = fscanf(fp, "%d", &display); | 48 | int rv = fscanf(fp, "%d", &display); |
| 48 | if (rv == 1) | 49 | if (rv == 1) |
| 49 | printf(" DISPLAY :%d\n", display); | 50 | printf(" DISPLAY :%d\n", display); |
| 50 | fclose(fp); | 51 | fclose(fp); |
| 51 | } | 52 | } |
| 52 | 53 | ||
| 53 | free(x11file); | 54 | free(x11file); |
| 54 | } | 55 | } |
| 55 | } | 56 | } |
| 57 | printf("\n"); | ||
| 56 | } | 58 | } |
| 57 | 59 | ||