diff options
| author |  netblue30 <netblue30@yahoo.com> | 2017-03-04 13:49:31 -0500 |
|---|---|---|
| committer | netblue30 <netblue30@yahoo.com> | 2017-03-04 13:49:31 -0500 |
| commit | d9c217d42bf4ce9242807e892ddc33dcf752f947 (patch) | |
| tree | ce030e00be7a015c060c515ad6696ab6c91d5838 /src/firemon | |
| parent | --output enhancement (diff) | |
| download | firejail-d9c217d42bf4ce9242807e892ddc33dcf752f947.tar.gz firejail-d9c217d42bf4ce9242807e892ddc33dcf752f947.tar.zst firejail-d9c217d42bf4ce9242807e892ddc33dcf752f947.zip | |
fix and document firemon --nowrap
Diffstat (limited to 'src/firemon')
| -rw-r--r-- | src/firemon/arp.c | 2 | ||||
| -rw-r--r-- | src/firemon/caps.c | 6 | ||||
| -rw-r--r-- | src/firemon/cgroup.c | 2 | ||||
| -rw-r--r-- | src/firemon/cpu.c | 6 | ||||
| -rw-r--r-- | src/firemon/interface.c | 2 | ||||
| -rw-r--r-- | src/firemon/list.c | 2 | ||||
| -rw-r--r-- | src/firemon/procevent.c | 21 | ||||
| -rw-r--r-- | src/firemon/route.c | 2 | ||||
| -rw-r--r-- | src/firemon/seccomp.c | 6 | ||||
| -rw-r--r-- | src/firemon/usage.c | 1 | ||||
| -rw-r--r-- | src/firemon/x11.c | 2 |
11 files changed, 22 insertions, 30 deletions
diff --git a/src/firemon/arp.c b/src/firemon/arp.c index cef48fb0d..d30983e4a 100644 --- a/src/firemon/arp.c +++ b/src/firemon/arp.c | |||
| @@ -80,7 +80,7 @@ void arp(pid_t pid, int print_procs) { | |||
| 80 | for (i = 0; i < max_pids; i++) { | 80 | for (i = 0; i < max_pids; i++) { |
| 81 | if (pids[i].level == 1) { | 81 | if (pids[i].level == 1) { |
| 82 | if (print_procs || pid == 0) | 82 | if (print_procs || pid == 0) |
| 83 | pid_print_list(i, 0); | 83 | pid_print_list(i, arg_nowrap); |
| 84 | int child = find_child(i); | 84 | int child = find_child(i); |
| 85 | if (child != -1) { | 85 | if (child != -1) { |
| 86 | char *fname; | 86 | char *fname; |
diff --git a/src/firemon/caps.c b/src/firemon/caps.c index 8837c9ee7..a13b784a2 100644 --- a/src/firemon/caps.c +++ b/src/firemon/caps.c | |||
| @@ -38,9 +38,7 @@ static void print_caps(int pid) { | |||
| 38 | if (strncmp(buf, "CapBnd:", 7) == 0) { | 38 | if (strncmp(buf, "CapBnd:", 7) == 0) { |
| 39 | printf(" %s", buf); | 39 | printf(" %s", buf); |
| 40 | fflush(0); | 40 | fflush(0); |
| 41 | free(file); | 41 | break; |
| 42 | fclose(fp); | ||
| 43 | return; | ||
| 44 | } | 42 | } |
| 45 | } | 43 | } |
| 46 | fclose(fp); | 44 | fclose(fp); |
| @@ -55,7 +53,7 @@ void caps(pid_t pid, int print_procs) { | |||
| 55 | for (i = 0; i < max_pids; i++) { | 53 | for (i = 0; i < max_pids; i++) { |
| 56 | if (pids[i].level == 1) { | 54 | if (pids[i].level == 1) { |
| 57 | if (print_procs || pid == 0) | 55 | if (print_procs || pid == 0) |
| 58 | pid_print_list(i, 0); | 56 | pid_print_list(i, arg_nowrap); |
| 59 | int child = find_child(i); | 57 | int child = find_child(i); |
| 60 | if (child != -1) | 58 | if (child != -1) |
| 61 | print_caps(child); | 59 | print_caps(child); |
diff --git a/src/firemon/cgroup.c b/src/firemon/cgroup.c index bbb28f619..48427210b 100644 --- a/src/firemon/cgroup.c +++ b/src/firemon/cgroup.c | |||
| @@ -52,7 +52,7 @@ void cgroup(pid_t pid, int print_procs) { | |||
| 52 | for (i = 0; i < max_pids; i++) { | 52 | for (i = 0; i < max_pids; i++) { |
| 53 | if (pids[i].level == 1) { | 53 | if (pids[i].level == 1) { |
| 54 | if (print_procs || pid == 0) | 54 | if (print_procs || pid == 0) |
| 55 | pid_print_list(i, 0); | 55 | pid_print_list(i, arg_nowrap); |
| 56 | int child = find_child(i); | 56 | int child = find_child(i); |
| 57 | if (child != -1) | 57 | if (child != -1) |
| 58 | print_cgroup(child); | 58 | print_cgroup(child); |
diff --git a/src/firemon/cpu.c b/src/firemon/cpu.c index 47c935686..2a6979573 100644 --- a/src/firemon/cpu.c +++ b/src/firemon/cpu.c | |||
| @@ -39,9 +39,7 @@ static void print_cpu(int pid) { | |||
| 39 | if (strncmp(buf, "Cpus_allowed_list:", 18) == 0) { | 39 | if (strncmp(buf, "Cpus_allowed_list:", 18) == 0) { |
| 40 | printf(" %s", buf); | 40 | printf(" %s", buf); |
| 41 | fflush(0); | 41 | fflush(0); |
| 42 | free(file); | 42 | break; |
| 43 | fclose(fp); | ||
| 44 | return; | ||
| 45 | } | 43 | } |
| 46 | } | 44 | } |
| 47 | fclose(fp); | 45 | fclose(fp); |
| @@ -56,7 +54,7 @@ void cpu(pid_t pid, int print_procs) { | |||
| 56 | for (i = 0; i < max_pids; i++) { | 54 | for (i = 0; i < max_pids; i++) { |
| 57 | if (pids[i].level == 1) { | 55 | if (pids[i].level == 1) { |
| 58 | if (print_procs || pid == 0) | 56 | if (print_procs || pid == 0) |
| 59 | pid_print_list(i, 0); | 57 | pid_print_list(i, arg_nowrap); |
| 60 | int child = find_child(i); | 58 | int child = find_child(i); |
| 61 | if (child != -1) | 59 | if (child != -1) |
| 62 | print_cpu(child); | 60 | print_cpu(child); |
diff --git a/src/firemon/interface.c b/src/firemon/interface.c index ba3c9fceb..77dd1f277 100644 --- a/src/firemon/interface.c +++ b/src/firemon/interface.c | |||
| @@ -163,7 +163,7 @@ void interface(pid_t pid, int print_procs) { | |||
| 163 | for (i = 0; i < max_pids; i++) { | 163 | for (i = 0; i < max_pids; i++) { |
| 164 | if (pids[i].level == 1) { | 164 | if (pids[i].level == 1) { |
| 165 | if (print_procs || pid == 0) | 165 | if (print_procs || pid == 0) |
| 166 | pid_print_list(i, 0); | 166 | pid_print_list(i, arg_nowrap); |
| 167 | int child = find_child(i); | 167 | int child = find_child(i); |
| 168 | if (child != -1) { | 168 | if (child != -1) { |
| 169 | print_sandbox(child); | 169 | print_sandbox(child); |
diff --git a/src/firemon/list.c b/src/firemon/list.c index 1df737e8c..2152df31f 100644 --- a/src/firemon/list.c +++ b/src/firemon/list.c | |||
| @@ -26,7 +26,7 @@ void list(void) { | |||
| 26 | int i; | 26 | int i; |
| 27 | for (i = 0; i < max_pids; i++) { | 27 | for (i = 0; i < max_pids; i++) { |
| 28 | if (pids[i].level == 1) | 28 | if (pids[i].level == 1) |
| 29 | pid_print_list(i, 0); | 29 | pid_print_list(i, arg_nowrap); |
| 30 | } | 30 | } |
| 31 | } | 31 | } |
| 32 | 32 | ||
diff --git a/src/firemon/procevent.c b/src/firemon/procevent.c index ebcb7a72c..378bdefe9 100644 --- a/src/firemon/procevent.c +++ b/src/firemon/procevent.c | |||
| @@ -150,10 +150,8 @@ doexit: | |||
| 150 | static int procevent_netlink_setup(void) { | 150 | static int procevent_netlink_setup(void) { |
| 151 | // open socket for process event connector | 151 | // open socket for process event connector |
| 152 | int sock; | 152 | int sock; |
| 153 | if ((sock = socket(PF_NETLINK, SOCK_DGRAM, NETLINK_CONNECTOR)) < 0) { | 153 | if ((sock = socket(PF_NETLINK, SOCK_DGRAM, NETLINK_CONNECTOR)) < 0) |
| 154 | fprintf(stderr, "Error: cannot open netlink socket\n"); | 154 | goto errexit; |
| 155 | exit(1); | ||
| 156 | } | ||
| 157 | 155 | ||
| 158 | // bind socket | 156 | // bind socket |
| 159 | struct sockaddr_nl addr; | 157 | struct sockaddr_nl addr; |
| @@ -161,10 +159,8 @@ static int procevent_netlink_setup(void) { | |||
| 161 | addr.nl_pid = getpid(); | 159 | addr.nl_pid = getpid(); |
| 162 | addr.nl_family = AF_NETLINK; | 160 | addr.nl_family = AF_NETLINK; |
| 163 | addr.nl_groups = CN_IDX_PROC; | 161 | addr.nl_groups = CN_IDX_PROC; |
| 164 | if (bind(sock, (struct sockaddr *)&addr, sizeof(addr)) < 0) { | 162 | if (bind(sock, (struct sockaddr *)&addr, sizeof(addr)) < 0) |
| 165 | fprintf(stderr, "Error: cannot bind to netlink socket\n"); | 163 | goto errexit; |
| 166 | exit(1); | ||
| 167 | } | ||
| 168 | 164 | ||
| 169 | // send monitoring message | 165 | // send monitoring message |
| 170 | struct nlmsghdr nlmsghdr; | 166 | struct nlmsghdr nlmsghdr; |
| @@ -189,12 +185,13 @@ static int procevent_netlink_setup(void) { | |||
| 189 | iov[2].iov_base = &op; | 185 | iov[2].iov_base = &op; |
| 190 | iov[2].iov_len = sizeof(op); | 186 | iov[2].iov_len = sizeof(op); |
| 191 | 187 | ||
| 192 | if (writev(sock, iov, 3) == -1) { | 188 | if (writev(sock, iov, 3) == -1) |
| 193 | fprintf(stderr, "Error: cannot write to netlink socket\n"); | 189 | goto errexit; |
| 194 | exit(1); | ||
| 195 | } | ||
| 196 | 190 | ||
| 197 | return sock; | 191 | return sock; |
| 192 | errexit: | ||
| 193 | fprintf(stderr, "Error: netlink socket problem\n"); | ||
| 194 | exit(1); | ||
| 198 | } | 195 | } |
| 199 | 196 | ||
| 200 | 197 | ||
diff --git a/src/firemon/route.c b/src/firemon/route.c index dff594431..145daa152 100644 --- a/src/firemon/route.c +++ b/src/firemon/route.c | |||
| @@ -189,7 +189,7 @@ void route(pid_t pid, int print_procs) { | |||
| 189 | for (i = 0; i < max_pids; i++) { | 189 | for (i = 0; i < max_pids; i++) { |
| 190 | if (pids[i].level == 1) { | 190 | if (pids[i].level == 1) { |
| 191 | if (print_procs || pid == 0) | 191 | if (print_procs || pid == 0) |
| 192 | pid_print_list(i, 0); | 192 | pid_print_list(i, arg_nowrap); |
| 193 | int child = find_child(i); | 193 | int child = find_child(i); |
| 194 | if (child != -1) { | 194 | if (child != -1) { |
| 195 | char *fname; | 195 | char *fname; |
diff --git a/src/firemon/seccomp.c b/src/firemon/seccomp.c index d50692b37..e530fa1c3 100644 --- a/src/firemon/seccomp.c +++ b/src/firemon/seccomp.c | |||
| @@ -37,9 +37,7 @@ static void print_seccomp(int pid) { | |||
| 37 | if (strncmp(buf, "Seccomp:", 8) == 0) { | 37 | if (strncmp(buf, "Seccomp:", 8) == 0) { |
| 38 | printf(" %s", buf); | 38 | printf(" %s", buf); |
| 39 | fflush(0); | 39 | fflush(0); |
| 40 | fclose(fp); | 40 | break; |
| 41 | free(file); | ||
| 42 | return; | ||
| 43 | } | 41 | } |
| 44 | } | 42 | } |
| 45 | fclose(fp); | 43 | fclose(fp); |
| @@ -54,7 +52,7 @@ void seccomp(pid_t pid, int print_procs) { | |||
| 54 | for (i = 0; i < max_pids; i++) { | 52 | for (i = 0; i < max_pids; i++) { |
| 55 | if (pids[i].level == 1) { | 53 | if (pids[i].level == 1) { |
| 56 | if (print_procs || pid == 0) | 54 | if (print_procs || pid == 0) |
| 57 | pid_print_list(i, 0); | 55 | pid_print_list(i, arg_nowrap); |
| 58 | int child = find_child(i); | 56 | int child = find_child(i); |
| 59 | if (child != -1) | 57 | if (child != -1) |
| 60 | print_seccomp(child); | 58 | print_seccomp(child); |
diff --git a/src/firemon/usage.c b/src/firemon/usage.c index 1768237b3..20f2c071b 100644 --- a/src/firemon/usage.c +++ b/src/firemon/usage.c | |||
| @@ -37,6 +37,7 @@ void usage(void) { | |||
| 37 | printf("\t--name=name - print information only about named sandbox.\n\n"); | 37 | printf("\t--name=name - print information only about named sandbox.\n\n"); |
| 38 | printf("\t--netstats - monitor network statistics for sandboxes creating a new\n"); | 38 | printf("\t--netstats - monitor network statistics for sandboxes creating a new\n"); |
| 39 | printf("\t\tnetwork namespace.\n\n"); | 39 | printf("\t\tnetwork namespace.\n\n"); |
| 40 | printf("\t--nowrap - enable line wrapping in terminals.\n\n"); | ||
| 40 | printf("\t--route - print route table for each sandbox.\n\n"); | 41 | printf("\t--route - print route table for each sandbox.\n\n"); |
| 41 | printf("\t--seccomp - print seccomp configuration for each sandbox.\n\n"); | 42 | printf("\t--seccomp - print seccomp configuration for each sandbox.\n\n"); |
| 42 | printf("\t--tree - print a tree of all sandboxed processes.\n\n"); | 43 | printf("\t--tree - print a tree of all sandboxed processes.\n\n"); |
diff --git a/src/firemon/x11.c b/src/firemon/x11.c index 97cfffe64..c923c8ef8 100644 --- a/src/firemon/x11.c +++ b/src/firemon/x11.c | |||
| @@ -30,7 +30,7 @@ void x11(pid_t pid, int print_procs) { | |||
| 30 | for (i = 0; i < max_pids; i++) { | 30 | for (i = 0; i < max_pids; i++) { |
| 31 | if (pids[i].level == 1) { | 31 | if (pids[i].level == 1) { |
| 32 | if (print_procs || pid == 0) | 32 | if (print_procs || pid == 0) |
| 33 | pid_print_list(i, 0); | 33 | pid_print_list(i, arg_nowrap); |
| 34 | 34 | ||
| 35 | char *x11file; | 35 | char *x11file; |
| 36 | // todo: use macro from src/firejail/firejail.h for /run/firejail/x11 directory | 36 | // todo: use macro from src/firejail/firejail.h for /run/firejail/x11 directory |