diff options
| author |  smitsohu <smitsohu@gmail.com> | 2021-01-06 13:14:22 +0100 |
|---|---|---|
| committer | smitsohu <smitsohu@gmail.com> | 2021-01-06 19:50:48 +0100 |
| commit | 1e3891ed00c99a913f98fc1f42805fafe38f7ff5 (patch) | |
| tree | 78adb56ff3a988e3ecfdbfca53549d65d3e7ef18 /src | |
| parent | non-dumpable plugins (diff) | |
| download | firejail-1e3891ed00c99a913f98fc1f42805fafe38f7ff5.tar.gz firejail-1e3891ed00c99a913f98fc1f42805fafe38f7ff5.tar.zst firejail-1e3891ed00c99a913f98fc1f42805fafe38f7ff5.zip | |
fix broken tests and regression on 45304621a6c600d8e30e98bfbef05149caaf56c5
Diffstat (limited to 'src')
| -rw-r--r-- | src/firejail/fs_lib.c | 13 | ||||
| -rw-r--r-- | src/firejail/fs_lib2.c | 7 |
2 files changed, 12 insertions, 8 deletions
diff --git a/src/firejail/fs_lib.c b/src/firejail/fs_lib.c index 5cfd33b42..941d6ad82 100644 --- a/src/firejail/fs_lib.c +++ b/src/firejail/fs_lib.c | |||
| @@ -336,6 +336,12 @@ void fs_private_lib(void) { | |||
| 336 | // start timetrace | 336 | // start timetrace |
| 337 | timetrace_start(); | 337 | timetrace_start(); |
| 338 | 338 | ||
| 339 | // bring in firejail executable libraries in case we are redirected here by a firejail symlink from /usr/local/bin/firejail | ||
| 340 | fslib_install_list(PATH_FIREJAIL); | ||
| 341 | |||
| 342 | // bring in firejail directory | ||
| 343 | fslib_install_list("firejail"); | ||
| 344 | |||
| 339 | // copy the libs in the new lib directory for the main exe | 345 | // copy the libs in the new lib directory for the main exe |
| 340 | if (cfg.original_program_index > 0) { | 346 | if (cfg.original_program_index > 0) { |
| 341 | if (arg_debug || arg_debug_private_lib) | 347 | if (arg_debug || arg_debug_private_lib) |
| @@ -374,13 +380,6 @@ void fs_private_lib(void) { | |||
| 374 | printf("Installing system libraries\n"); | 380 | printf("Installing system libraries\n"); |
| 375 | fslib_install_system(); | 381 | fslib_install_system(); |
| 376 | 382 | ||
| 377 | // bring in firejail directory for --trace and seccomp post exec | ||
| 378 | // bring in firejail executable libraries in case we are redirected here by a firejail symlink from /usr/local/bin/firejail | ||
| 379 | fslib_install_list("/usr/bin/firejail,firejail"); // todo: use the installed path for the executable | ||
| 380 | |||
| 381 | // install libraries needed by fcopy | ||
| 382 | fslib_install_list(PATH_FCOPY); | ||
| 383 | |||
| 384 | fmessage("Installed %d %s and %d %s\n", lib_cnt, (lib_cnt == 1)? "library": "libraries", | 383 | fmessage("Installed %d %s and %d %s\n", lib_cnt, (lib_cnt == 1)? "library": "libraries", |
| 385 | dir_cnt, (dir_cnt == 1)? "directory": "directories"); | 384 | dir_cnt, (dir_cnt == 1)? "directory": "directories"); |
| 386 | 385 | ||
diff --git a/src/firejail/fs_lib2.c b/src/firejail/fs_lib2.c index b2ae07f3e..758e079a4 100644 --- a/src/firejail/fs_lib2.c +++ b/src/firejail/fs_lib2.c | |||
| @@ -30,6 +30,7 @@ extern void fslib_copy_dir(const char *full_path); | |||
| 30 | //*************************************************************** | 30 | //*************************************************************** |
| 31 | // standard libc libraries based on Debian's libc6 package | 31 | // standard libc libraries based on Debian's libc6 package |
| 32 | // selinux seems to be linked in most command line utilities | 32 | // selinux seems to be linked in most command line utilities |
| 33 | // libpcre2 is a dependency of selinux | ||
| 33 | // locale (/usr/lib/locale) - without it, the program will default to "C" locale | 34 | // locale (/usr/lib/locale) - without it, the program will default to "C" locale |
| 34 | typedef struct liblist_t { | 35 | typedef struct liblist_t { |
| 35 | const char *name; | 36 | const char *name; |
| @@ -38,6 +39,7 @@ typedef struct liblist_t { | |||
| 38 | 39 | ||
| 39 | static LibList libc_list[] = { | 40 | static LibList libc_list[] = { |
| 40 | { "libselinux.so.", 0 }, | 41 | { "libselinux.so.", 0 }, |
| 42 | { "libpcre2-8.so.", 0 }, | ||
| 41 | { "libapparmor.so.", 0}, | 43 | { "libapparmor.so.", 0}, |
| 42 | { "ld-linux-x86-64.so.", 0 }, | 44 | { "ld-linux-x86-64.so.", 0 }, |
| 43 | { "libanl.so.", 0 }, | 45 | { "libanl.so.", 0 }, |
| @@ -104,16 +106,19 @@ static void stdc(const char *dirname) { | |||
| 104 | 106 | ||
| 105 | void fslib_install_stdc(void) { | 107 | void fslib_install_stdc(void) { |
| 106 | // install standard C libraries | 108 | // install standard C libraries |
| 109 | timetrace_start(); | ||
| 107 | struct stat s; | 110 | struct stat s; |
| 108 | char *stdclib = "/lib64"; // CentOS, Fedora, Arch | 111 | char *stdclib = "/lib64"; // CentOS, Fedora, Arch |
| 109 | 112 | ||
| 110 | if (stat("/lib/x86_64-linux-gnu", &s) == 0) { // Debian & friends | 113 | if (stat("/lib/x86_64-linux-gnu", &s) == 0) { // Debian & friends |
| 114 | // PT_INTERP | ||
| 115 | fslib_duplicate("/lib64/ld-linux-x86-64.so.2"); | ||
| 116 | |||
| 111 | mkdir_attr(RUN_LIB_DIR "/x86_64-linux-gnu", 0755, 0, 0); | 117 | mkdir_attr(RUN_LIB_DIR "/x86_64-linux-gnu", 0755, 0, 0); |
| 112 | selinux_relabel_path(RUN_LIB_DIR "/x86_64-linux-gnu", "/lib/x86_64-linux-gnu"); | 118 | selinux_relabel_path(RUN_LIB_DIR "/x86_64-linux-gnu", "/lib/x86_64-linux-gnu"); |
| 113 | stdclib = "/lib/x86_64-linux-gnu"; | 119 | stdclib = "/lib/x86_64-linux-gnu"; |
| 114 | } | 120 | } |
| 115 | 121 | ||
| 116 | timetrace_start(); | ||
| 117 | stdc(stdclib); | 122 | stdc(stdclib); |
| 118 | 123 | ||
| 119 | // install locale | 124 | // install locale |