added sandbox name support in firemon

author: netblue30 <netblue30@yahoo.com> 2018-03-21 08:56:54 -0400
committer: netblue30 <netblue30@yahoo.com> 2018-03-21 08:56:54 -0400
commit: 57ffc35a8e0264507118b9839a499375f416260c (patch)
tree: 7f406d1be0674ee964c300910f10480c68191708 /src/lib
parent: Merge pull request #1820 from g3ngr33n/master (diff)
download: firejail-57ffc35a8e0264507118b9839a499375f416260c.tar.gz
firejail-57ffc35a8e0264507118b9839a499375f416260c.tar.zst
firejail-57ffc35a8e0264507118b9839a499375f416260c.zip
1 files changed, 33 insertions, 2 deletions
diff --git a/src/lib/pid.c b/src/lib/pid.c
index 0b2f402d1..f138efc8c 100644
--- a/src/lib/pid.c
+++ b/src/lib/pid.c
@@ -21,6 +21,7 @@
 #include "../include/pid.h"
 #include <string.h>
 #include <sys/types.h>
+#include <sys/stat.h>
 #include <pwd.h>
 #include <sys/ioctl.h>
 #include <dirent.h>
@@ -165,6 +166,10 @@ doexit:
        return rv;
 }
+// todo: RUN_FIREJAIL_NAME_DIR is borrowed from src/firejail/firejail.h
+// move it in a common place
+#define RUN_FIREJAIL_NAME_DIR   "/run/firejail/name"
 static void print_elem(unsigned index, int nowrap) {
        // get terminal size
        struct winsize sz;
@@ -184,14 +189,40 @@ static void print_elem(unsigned index, int nowrap) {
        char *cmd = pid_proc_cmdline(index);
        char *user = pid_get_user_name(uid);
        char *allocated = user;
+        // extract sandbox name - pid == index
+        char *sandbox_name = "";
+        char *fname;
+        if (asprintf(&fname, "%s/%d", RUN_FIREJAIL_NAME_DIR, index) == -1)
+                errExit("asprintf");
+        struct stat s;
+        if (stat(fname, &s) == 0) {
+                FILE *fp = fopen(fname, "r");
+                if (fp) {
+                        sandbox_name = malloc(s.st_size + 1);
+                        if (!sandbox_name)
+                                errExit("malloc");
+                        char *rv = fgets(sandbox_name, s.st_size + 1, fp);
+                        if (!rv)
+                                *sandbox_name = '\0';
+                        else {
+                                char *ptr = strchr(sandbox_name, '\n');
+                                if (ptr)
+                                        *ptr = '\0';
+                        }
+                        fclose(fp);
+                }
+        }
+        free(fname);
        if (user ==NULL)
                user = "";
        if (cmd) {
                if (col < 4 || nowrap)
-                        printf("%s%u:%s:%s\n", indent, index, user, cmd);
+                        printf("%s%u:%s:%s:%s\n", indent, index, user, sandbox_name, cmd);
                else {
                        char *out;
-                        if (asprintf(&out, "%s%u:%s:%s\n", indent, index, user, cmd) == -1)
+                        if (asprintf(&out, "%s%u:%s:%s:%s\n", indent, index, user, sandbox_name, cmd) == -1)
                                errExit("asprintf");
                        int len = strlen(out);
                        if (len > col) {
author	netblue30 <netblue30@yahoo.com>	2018-03-21 08:56:54 -0400
committer	netblue30 <netblue30@yahoo.com>	2018-03-21 08:56:54 -0400
commit	57ffc35a8e0264507118b9839a499375f416260c (patch)
tree	7f406d1be0674ee964c300910f10480c68191708 /src/lib
parent	Merge pull request #1820 from g3ngr33n/master (diff)
download	firejail-57ffc35a8e0264507118b9839a499375f416260c.tar.gz firejail-57ffc35a8e0264507118b9839a499375f416260c.tar.zst firejail-57ffc35a8e0264507118b9839a499375f416260c.zip

diff --git a/src/lib/pid.c b/src/lib/pid.c index 0b2f402d1..f138efc8c 100644 --- a/src/lib/pid.c +++ b/src/lib/pid.c
@@ -21,6 +21,7 @@
21	#include "../include/pid.h"	21	#include "../include/pid.h"
22	#include <string.h>	22	#include <string.h>
23	#include <sys/types.h>	23	#include <sys/types.h>
		24	#include <sys/stat.h>
24	#include <pwd.h>	25	#include <pwd.h>
25	#include <sys/ioctl.h>	26	#include <sys/ioctl.h>
26	#include <dirent.h>	27	#include <dirent.h>
@@ -165,6 +166,10 @@ doexit:
165	return rv;	166	return rv;
166	}	167	}
167		168
		169	// todo: RUN_FIREJAIL_NAME_DIR is borrowed from src/firejail/firejail.h
		170	// move it in a common place
		171	#define RUN_FIREJAIL_NAME_DIR "/run/firejail/name"
		172
168	static void print_elem(unsigned index, int nowrap) {	173	static void print_elem(unsigned index, int nowrap) {
169	// get terminal size	174	// get terminal size
170	struct winsize sz;	175	struct winsize sz;
@@ -184,14 +189,40 @@ static void print_elem(unsigned index, int nowrap) {
184	char *cmd = pid_proc_cmdline(index);	189	char *cmd = pid_proc_cmdline(index);
185	char *user = pid_get_user_name(uid);	190	char *user = pid_get_user_name(uid);
186	char *allocated = user;	191	char *allocated = user;
		192
		193	// extract sandbox name - pid == index
		194	char *sandbox_name = "";
		195	char *fname;
		196	if (asprintf(&fname, "%s/%d", RUN_FIREJAIL_NAME_DIR, index) == -1)
		197	errExit("asprintf");
		198	struct stat s;
		199	if (stat(fname, &s) == 0) {
		200	FILE *fp = fopen(fname, "r");
		201	if (fp) {
		202	sandbox_name = malloc(s.st_size + 1);
		203	if (!sandbox_name)
		204	errExit("malloc");
		205	char *rv = fgets(sandbox_name, s.st_size + 1, fp);
		206	if (!rv)
		207	*sandbox_name = '\0';
		208	else {
		209	char *ptr = strchr(sandbox_name, '\n');
		210	if (ptr)
		211	*ptr = '\0';
		212	}
		213	fclose(fp);
		214	}
		215	}
		216	free(fname);
		217
187	if (user ==NULL)	218	if (user ==NULL)
188	user = "";	219	user = "";
189	if (cmd) {	220	if (cmd) {
190	if (col < 4 \|\| nowrap)	221	if (col < 4 \|\| nowrap)
191	printf("%s%u:%s:%s\n", indent, index, user, cmd);	222	printf("%s%u:%s:%s:%s\n", indent, index, user, sandbox_name, cmd);
192	else {	223	else {
193	char *out;	224	char *out;
194	if (asprintf(&out, "%s%u:%s:%s\n", indent, index, user, cmd) == -1)	225	if (asprintf(&out, "%s%u:%s:%s:%s\n", indent, index, user, sandbox_name, cmd) == -1)
195	errExit("asprintf");	226	errExit("asprintf");
196	int len = strlen(out);	227	int len = strlen(out);
197	if (len > col) {	228	if (len > col) {