diff options
| author |  netblue30 <netblue30@yahoo.com> | 2016-02-24 22:37:20 -0500 |
|---|---|---|
| committer | netblue30 <netblue30@yahoo.com> | 2016-02-24 22:37:20 -0500 |
| commit | 11e5b2ce21d6efa1ed0fea4db18e410427436162 (patch) | |
| tree | f36791949f69817d9f47aec8dfd16d50f889ced7 /src | |
| parent | x11 work (diff) | |
| download | firejail-11e5b2ce21d6efa1ed0fea4db18e410427436162.tar.gz firejail-11e5b2ce21d6efa1ed0fea4db18e410427436162.tar.zst firejail-11e5b2ce21d6efa1ed0fea4db18e410427436162.zip | |
x11 work
Diffstat (limited to 'src')
| -rw-r--r-- | src/firejail/firejail.h | 2 | ||||
| -rw-r--r-- | src/firejail/profile.c | 4 | ||||
| -rw-r--r-- | src/firejail/x11.c | 15 | ||||
| -rw-r--r-- | src/firemon/firemon.c | 2 |
4 files changed, 19 insertions, 4 deletions
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index b37c3aba8..1fcb92fea 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
| @@ -526,6 +526,8 @@ void fs_mkdir(const char *name); | |||
| 526 | void fs_x11(void); | 526 | void fs_x11(void); |
| 527 | void x11_start(int argc, char **argv); | 527 | void x11_start(int argc, char **argv); |
| 528 | int x11_display(void); | 528 | int x11_display(void); |
| 529 | // return 1 if xpra is installed on the system | ||
| 530 | int x11_check_xpra(void); | ||
| 529 | 531 | ||
| 530 | #endif | 532 | #endif |
| 531 | 533 | ||
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index ba287027c..8771a7fa8 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
| @@ -102,13 +102,13 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
| 102 | return 0; | 102 | return 0; |
| 103 | } | 103 | } |
| 104 | 104 | ||
| 105 | // mkdir | ||
| 105 | if (strncmp(ptr, "mkdir ", 6) == 0) { | 106 | if (strncmp(ptr, "mkdir ", 6) == 0) { |
| 106 | fs_mkdir(ptr + 6); | 107 | fs_mkdir(ptr + 6); |
| 107 | return 0; | 108 | return 0; |
| 108 | } | 109 | } |
| 109 | |||
| 110 | // sandbox name | 110 | // sandbox name |
| 111 | if (strncmp(ptr, "name ", 5) == 0) { | 111 | else if (strncmp(ptr, "name ", 5) == 0) { |
| 112 | cfg.name = ptr + 5; | 112 | cfg.name = ptr + 5; |
| 113 | if (strlen(cfg.name) == 0) { | 113 | if (strlen(cfg.name) == 0) { |
| 114 | fprintf(stderr, "Error: invalid sandbox name\n"); | 114 | fprintf(stderr, "Error: invalid sandbox name\n"); |
diff --git a/src/firejail/x11.c b/src/firejail/x11.c index 980a4dbca..8f9a4c11f 100644 --- a/src/firejail/x11.c +++ b/src/firejail/x11.c | |||
| @@ -26,6 +26,17 @@ | |||
| 26 | #include <dirent.h> | 26 | #include <dirent.h> |
| 27 | #include <sys/mount.h> | 27 | #include <sys/mount.h> |
| 28 | 28 | ||
| 29 | // return 1 if xpra is installed on the system | ||
| 30 | int x11_check_xpra(void) { | ||
| 31 | struct stat s; | ||
| 32 | |||
| 33 | // check xpra | ||
| 34 | if (stat("/usr/bin/xpra", &s) == -1) | ||
| 35 | return 0; | ||
| 36 | |||
| 37 | return 1; | ||
| 38 | } | ||
| 39 | |||
| 29 | // return display number, -1 if not configured | 40 | // return display number, -1 if not configured |
| 30 | int x11_display(void) { | 41 | int x11_display(void) { |
| 31 | // extract display | 42 | // extract display |
| @@ -117,7 +128,7 @@ void x11_start(int argc, char **argv) { | |||
| 117 | pid_t server = 0; | 128 | pid_t server = 0; |
| 118 | 129 | ||
| 119 | // check xpra | 130 | // check xpra |
| 120 | if (stat("/usr/bin/xpra", &s) == -1) { | 131 | if (x11_check_xpra() == 0) { |
| 121 | fprintf(stderr, "\nError: Xpra program was not found in /usr/bin directory, please install it:\n"); | 132 | fprintf(stderr, "\nError: Xpra program was not found in /usr/bin directory, please install it:\n"); |
| 122 | fprintf(stderr, " Debian/Ubuntu/Mint: sudo apt-get install xpra\n"); | 133 | fprintf(stderr, " Debian/Ubuntu/Mint: sudo apt-get install xpra\n"); |
| 123 | exit(0); | 134 | exit(0); |
| @@ -127,6 +138,8 @@ void x11_start(int argc, char **argv) { | |||
| 127 | int found = 1; | 138 | int found = 1; |
| 128 | for (i = 0; i < 100; i++) { | 139 | for (i = 0; i < 100; i++) { |
| 129 | display = rand() % 1024; | 140 | display = rand() % 1024; |
| 141 | if (display < 10) | ||
| 142 | continue; | ||
| 130 | char *fname; | 143 | char *fname; |
| 131 | if (asprintf(&fname, "/tmp/.X11-unix/X%d", display) == -1) | 144 | if (asprintf(&fname, "/tmp/.X11-unix/X%d", display) == -1) |
| 132 | errExit("asprintf"); | 145 | errExit("asprintf"); |
diff --git a/src/firemon/firemon.c b/src/firemon/firemon.c index c19c344b0..0e38696ac 100644 --- a/src/firemon/firemon.c +++ b/src/firemon/firemon.c | |||
| @@ -224,7 +224,7 @@ int main(int argc, char **argv) { | |||
| 224 | if (arg_x11) | 224 | if (arg_x11) |
| 225 | x11((pid_t) pid); | 225 | x11((pid_t) pid); |
| 226 | 226 | ||
| 227 | if (!arg_route && !arg_arp && !arg_interface && !arg_tree && !arg_caps && !arg_seccomp) | 227 | if (!arg_route && !arg_arp && !arg_interface && !arg_tree && !arg_caps && !arg_seccomp && !arg_x11) |
| 228 | procevent((pid_t) pid); // never to return | 228 | procevent((pid_t) pid); // never to return |
| 229 | 229 | ||
| 230 | return 0; | 230 | return 0; |