diff options
| author |  smitsohu <smitsohu@gmail.com> | 2019-12-23 13:37:05 +0100 |
|---|---|---|
| committer | smitsohu <smitsohu@gmail.com> | 2019-12-23 13:37:05 +0100 |
| commit | 0bfd11891300cb59bd9b995b956f5a57c8a3458c (patch) | |
| tree | ca6308d85317ee33f9f3b2aef64a9646bfeea4de /src | |
| parent | let join wait if target sandbox is not ready yet (diff) | |
| download | firejail-0bfd11891300cb59bd9b995b956f5a57c8a3458c.tar.gz firejail-0bfd11891300cb59bd9b995b956f5a57c8a3458c.tar.zst firejail-0bfd11891300cb59bd9b995b956f5a57c8a3458c.zip | |
make join timeout configurable in firejail.config
Diffstat (limited to 'src')
| -rw-r--r-- | src/firejail/checkcfg.c | 6 | ||||
| -rw-r--r-- | src/firejail/firejail.h | 1 | ||||
| -rw-r--r-- | src/firejail/join.c | 2 |
3 files changed, 8 insertions, 1 deletions
diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c index f94b95d60..6ea92cd9d 100644 --- a/src/firejail/checkcfg.c +++ b/src/firejail/checkcfg.c | |||
| @@ -31,6 +31,7 @@ char *xpra_extra_params = ""; | |||
| 31 | char *xvfb_screen = "800x600x24"; | 31 | char *xvfb_screen = "800x600x24"; |
| 32 | char *xvfb_extra_params = ""; | 32 | char *xvfb_extra_params = ""; |
| 33 | char *netfilter_default = NULL; | 33 | char *netfilter_default = NULL; |
| 34 | unsigned join_timeout = 50; // 5 sec (unit is 0.1 sec) | ||
| 34 | 35 | ||
| 35 | int checkcfg(int val) { | 36 | int checkcfg(int val) { |
| 36 | assert(val < CFG_MAX); | 37 | assert(val < CFG_MAX); |
| @@ -213,6 +214,11 @@ int checkcfg(int val) { | |||
| 213 | if (setenv("FIREJAIL_FILE_COPY_LIMIT", ptr + 16, 1) == -1) | 214 | if (setenv("FIREJAIL_FILE_COPY_LIMIT", ptr + 16, 1) == -1) |
| 214 | errExit("setenv"); | 215 | errExit("setenv"); |
| 215 | } | 216 | } |
| 217 | |||
| 218 | // timeout for join option | ||
| 219 | else if (strncmp(ptr, "join-timeout ", 13) == 0) | ||
| 220 | join_timeout = strtoul(ptr + 13, NULL, 10) * 10; | ||
| 221 | |||
| 216 | else | 222 | else |
| 217 | goto errout; | 223 | goto errout; |
| 218 | 224 | ||
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index a8c580aa1..37d8c6883 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
| @@ -738,6 +738,7 @@ extern char *xpra_extra_params; | |||
| 738 | extern char *xvfb_screen; | 738 | extern char *xvfb_screen; |
| 739 | extern char *xvfb_extra_params; | 739 | extern char *xvfb_extra_params; |
| 740 | extern char *netfilter_default; | 740 | extern char *netfilter_default; |
| 741 | extern unsigned join_timeout; | ||
| 741 | int checkcfg(int val); | 742 | int checkcfg(int val); |
| 742 | void print_compiletime_support(void); | 743 | void print_compiletime_support(void); |
| 743 | 744 | ||
diff --git a/src/firejail/join.c b/src/firejail/join.c index 864d4069d..08120cffe 100644 --- a/src/firejail/join.c +++ b/src/firejail/join.c | |||
| @@ -322,7 +322,7 @@ void check_join_permission(pid_t pid) { | |||
| 322 | // check if pid belongs to a fully set up firejail sandbox | 322 | // check if pid belongs to a fully set up firejail sandbox |
| 323 | unsigned i; | 323 | unsigned i; |
| 324 | for (i = 0; is_ready_for_join(pid) == 0; i++) { // give sandbox some time to start up | 324 | for (i = 0; is_ready_for_join(pid) == 0; i++) { // give sandbox some time to start up |
| 325 | if (i >= 50) { | 325 | if (i >= join_timeout) { |
| 326 | fprintf(stderr, "Error: no valid sandbox\n"); | 326 | fprintf(stderr, "Error: no valid sandbox\n"); |
| 327 | exit(1); | 327 | exit(1); |
| 328 | } | 328 | } |