diff options
author | startx2017 <vradu.startx@yandex.com> | 2019-05-29 10:03:51 -0400 |
---|---|---|
committer | startx2017 <vradu.startx@yandex.com> | 2019-05-29 10:03:51 -0400 |
commit | d2faddf343a02a8b822a5f14c52ca0a6fb6053c5 (patch) | |
tree | 4a11039a145634008669598bdddfefd832f8ae15 /src | |
parent | merge: Fix incorrect parsing of --keep-var-tmp command (diff) | |
download | firejail-d2faddf343a02a8b822a5f14c52ca0a6fb6053c5.tar.gz firejail-d2faddf343a02a8b822a5f14c52ca0a6fb6053c5.tar.zst firejail-d2faddf343a02a8b822a5f14c52ca0a6fb6053c5.zip |
merge: fix parent death signal
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/join.c | 3 | ||||
-rw-r--r-- | src/firejail/sandbox.c | 8 |
2 files changed, 4 insertions, 7 deletions
diff --git a/src/firejail/join.c b/src/firejail/join.c index 28fd1b290..89eddd8f1 100644 --- a/src/firejail/join.c +++ b/src/firejail/join.c | |||
@@ -295,8 +295,6 @@ void join(pid_t pid, int argc, char **argv, int index) { | |||
295 | printf("changing root to %s\n", rootdir); | 295 | printf("changing root to %s\n", rootdir); |
296 | } | 296 | } |
297 | 297 | ||
298 | prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); // kill the child in case the parent died | ||
299 | |||
300 | EUID_USER(); | 298 | EUID_USER(); |
301 | if (chdir("/") < 0) | 299 | if (chdir("/") < 0) |
302 | errExit("chdir"); | 300 | errExit("chdir"); |
@@ -390,6 +388,7 @@ void join(pid_t pid, int argc, char **argv, int index) { | |||
390 | } | 388 | } |
391 | 389 | ||
392 | drop_privs(arg_nogroups); | 390 | drop_privs(arg_nogroups); |
391 | prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); // kill the child in case the parent died | ||
393 | start_application(0, NULL); | 392 | start_application(0, NULL); |
394 | 393 | ||
395 | // it will never get here!!! | 394 | // it will never get here!!! |
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index 240358923..2ac4952b7 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
@@ -856,8 +856,6 @@ int sandbox(void* sandbox_arg) { | |||
856 | //**************************** | 856 | //**************************** |
857 | // set application environment | 857 | // set application environment |
858 | //**************************** | 858 | //**************************** |
859 | prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); // kill the child in case the parent died | ||
860 | |||
861 | EUID_USER(); | 859 | EUID_USER(); |
862 | int cwd = 0; | 860 | int cwd = 0; |
863 | if (cfg.cwd) { | 861 | if (cfg.cwd) { |
@@ -1004,6 +1002,7 @@ int sandbox(void* sandbox_arg) { | |||
1004 | // drop privileges, fork the application and monitor it | 1002 | // drop privileges, fork the application and monitor it |
1005 | //**************************************** | 1003 | //**************************************** |
1006 | drop_privs(arg_nogroups); | 1004 | drop_privs(arg_nogroups); |
1005 | prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); // kill the child in case the parent died | ||
1007 | pid_t app_pid = fork(); | 1006 | pid_t app_pid = fork(); |
1008 | if (app_pid == -1) | 1007 | if (app_pid == -1) |
1009 | errExit("fork"); | 1008 | errExit("fork"); |
@@ -1021,9 +1020,8 @@ int sandbox(void* sandbox_arg) { | |||
1021 | printf("AppArmor enabled\n"); | 1020 | printf("AppArmor enabled\n"); |
1022 | } | 1021 | } |
1023 | #endif | 1022 | #endif |
1024 | 1023 | // start app | |
1025 | prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); // kill the child in case the parent died | 1024 | start_application(0, fp); |
1026 | start_application(0, fp); // start app | ||
1027 | } | 1025 | } |
1028 | 1026 | ||
1029 | fclose(fp); | 1027 | fclose(fp); |