author | netblue30 <netblue30@yahoo.com> | 2016-02-19 09:30:46 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-02-19 09:30:46 -0500 |
commit | 07c05e8a54307118982fdb725664c9fcaef65f38 (patch) | |
tree | 90508984ef60851f95f4a8f64c00c88c73314bbc /src/lib | |
parent | euid switching (diff) | |
moved sandbox name to /run/firejail/name/<PID>
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/common.c | 67 |
1 files changed, 24 insertions, 43 deletions
diff --git a/src/lib/common.c b/src/lib/common.c index 099bb54d3..f321c5a47 100644 --- a/src/lib/common.c +++ b/src/lib/common.c | |||
@@ -95,53 +95,34 @@ int name2pid(const char *name, pid_t *pid) { | |||
95 | free(comm); | 95 | free(comm); |
96 | } | 96 | } |
97 | 97 | ||
98 | char *cmd = pid_proc_cmdline(newpid); | 98 | // look for the sandbox name in /run/firejail/name/<PID> |
99 | if (cmd) { | 99 | // todo: use RUN_FIREJAIL_NAME_DIR define from src/firejail/firejail.h |
100 | // mark the end of the name | 100 | char *fname; |
101 | char *ptr = strstr(cmd, "--name="); | 101 | if (asprintf(&fname, "/run/firejail/name/%d", newpid) == -1) |
102 | char *start = ptr; | 102 | errExit("asprintf"); |
103 | if (!ptr) { | 103 | FILE *fp = fopen(fname, "r"); |
104 | free(cmd); | 104 | if (fp) { |
105 | 105 | char buf[BUFLEN]; | |
106 | // extract name for /run/mnt/firejail/fslogger file | 106 | if (fgets(buf, BUFLEN, fp)) { |
107 | char *fname; | 107 | // remove \n |
108 | if (asprintf(&fname, "/proc/%d/root/run/firejail/mnt/fslogger", newpid) == -1) | 108 | char *ptr = strchr(buf, '\n'); |
109 | errExit("asprintf"); | 109 | if (ptr) { |
110 | 110 | *ptr = '\0'; | |
111 | struct stat s; | 111 | if (strcmp(buf, name) == 0) { |
112 | if (stat(fname, &s) == 0) { | 112 | // we found it! |
113 | FILE *fp = fopen(fname, "r"); | ||
114 | if (fp) { | ||
115 | char buf[BUFLEN]; | ||
116 | if (fgets(buf, BUFLEN, fp)) { | ||
117 | if (strncmp(buf, "sandbox name: ", 14) == 0) { | ||
118 | char *ptr2 = buf + 14; | ||
119 | if (strncmp(name, ptr2, strlen(name)) == 0) { | ||
120 | fclose(fp); | ||
121 | *pid = newpid; | ||
122 | closedir(dir); | ||
123 | return 0; | ||
124 | } | ||
125 | } | ||
126 | } | ||
127 | fclose(fp); | 113 | fclose(fp); |
114 | free(fname); | ||
115 | *pid = newpid; | ||
116 | closedir(dir); | ||
117 | return 0; | ||
128 | } | 118 | } |
129 | } | 119 | } |
130 | 120 | else | |
131 | continue; | 121 | fprintf(stderr, "Error: invalid %s\n", fname); |
132 | } | 122 | } |
133 | while (*ptr != ' ' && *ptr != '\t' && *ptr != '\0') | 123 | fclose(fp); |
134 | ptr++; | ||
135 | *ptr = '\0'; | ||
136 | int rv = strcmp(start + 7, name); | ||
137 | if (rv == 0) { | ||
138 | free(cmd); | ||
139 | *pid = newpid; | ||
140 | closedir(dir); | ||
141 | return 0; | ||
142 | } | ||
143 | free(cmd); | ||
144 | } | 124 | } |
125 | free(fname); | ||
145 | } | 126 | } |
146 | closedir(dir); | 127 | closedir(dir); |
147 | return 1; | 128 | return 1; |
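Review bot: The new lookup treats the first line of `/run/firejail/name/<PID>` as authoritative for the name-to-PID match, but nothing between the `fopen` and the `strcmp` checks what was actually opened. The code that creates these files is not on this page (the diffstat is limited to src/lib), so whether the directory is writable by root only is an assumption here. If that is the intent, the reader could enforce it right after `if (fp) {` with `struct stat s;` followed by `if (fstat(fileno(fp), &s) == -1 || !S_ISREG(s.st_mode) || s.st_uid != 0) { fclose(fp); free(fname); continue; }`. Using `fstat` on the open stream rather than `stat` on the path avoids a check-then-open race. name2pid starts above the hunk, so the enclosing loop and the earlier `comm` handling are not visible here.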