author | netblue30 <netblue30@yahoo.com> | 2015-12-17 10:31:39 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2015-12-17 10:31:39 -0500 |
commit | 24d38a4a23dc0beb66fe03dd042aefae47b03d50 (patch) | |
tree | df42fee1cdb91d70da9b2905898664a5de35cf9f /src | |
parent | better error reporting for profile files (diff) | |
add support for sandbox name in profile files
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/sandbox.c | 2 | ||||
-rw-r--r-- | src/lib/common.c | 28 | ||||
-rw-r--r-- | src/man/firejail-profile.txt | 7 |
3 files changed, 35 insertions, 2 deletions
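--- a/src/firejail/sandbox.c
+++ b/src/firejail/sandbox.c
@@ -276,9 +276,9 @@ int sandbox(void* sandbox_arg) {
 //****************************
 // log sandbox data
 //****************************
-fs_logger2int("sandbox pid:", (int) sandbox_pid);
 if (cfg.name)
 fs_logger2("sandbox name:", cfg.name);
+fs_logger2int("sandbox pid:", (int) sandbox_pid);
 if (cfg.chrootdir)
 fs_logger("sandbox filesystem: chroot");
 else if (arg_overlay)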
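Review bot: Nothing at this reordering records why the name must now be logged before the pid. The lookup this commit adds to name2pid() in src/lib/common.c reads a single line of the fslogger file with one fgets() and expects it to begin with "sandbox name: ". Assuming these are the first entries written to that log, any later change that logs something ahead of the name would silently break name resolution for sandboxes named from a profile. I would add a comment above `if (cfg.name)`, for example `// keep "sandbox name:" as the first fslogger entry; name2pid() reads only the first line`. The body of sandbox() starts and ends outside the hunk.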
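--- a/src/lib/common.c
+++ b/src/lib/common.c
@@ -31,6 +31,7 @@
 #include <dirent.h>
 #include <string.h>
 #include "../include/common.h"
+#define BUFLEN 4096
 
 int join_namespace(pid_t pid, char *type) {
 char *path;
@@ -100,6 +101,32 @@ int name2pid(const char *name, pid_t *pid) {
 char *start = ptr;
 if (!ptr) {
 free(cmd);
+
+// extract name for /run/mnt/firejail/fslogger file
+char *fname;
+if (asprintf(&fname, "/proc/%d/root/run/firejail/mnt/fslogger", newpid) == -1)
+errExit("asprintf");
+
+struct stat s;
+if (stat(fname, &s) == 0) {
+FILE *fp = fopen(fname, "r");
+if (fp) {
+char buf[BUFLEN];
+if (fgets(buf, BUFLEN, fp)) {
+if (strncmp(buf, "sandbox name: ", 14) == 0) {
+char *ptr2 = buf + 14;
+if (strncmp(name, ptr2, strlen(name)) == 0) {
+fclose(fp);
+*pid = newpid;
+closedir(dir);
+return 0;
+}
+}
+}
+fclose(fp);
+}
+}
+
 continue;
 }
 while (*ptr != ' ' && *ptr != '\t' && *ptr != '\0')
@@ -119,7 +146,6 @@ int name2pid(const char *name, pid_t *pid) {
 return 1;
 }
 
-#define BUFLEN 4096
 char *pid_proc_comm(const pid_t pid) {
 // open /proc/pid/cmdline file
 char *fname;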
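Review bot: The new fslogger lookup in name2pid() accepts a prefix rather than the whole sandbox name: `strncmp(name, ptr2, strlen(name))` compares only strlen(name) bytes, so (constructed example) a request for `web` also resolves to a sandbox named `webmail`, and an empty name matches the first named sandbox found. Since the returned pid is presumably what name-based operations then act on, this can select the wrong sandbox; fgets() keeps the trailing newline, so the fix is to cut the line there and compare with strcmp, as in the fence. Separately, fname from asprintf() is never freed on either the match path or the `continue` path, so every scanned process without `--name=` leaks one allocation. The name is also read from a file under the target's own root (`/proc/%d/root/...`); this hunk does not show whether sandboxed processes can write that file, which is worth confirming before trusting its contents. name2pid() begins and ends outside the hunk.

```c
char *ptr2 = buf + 14;
ptr2[strcspn(ptr2, "\n")] = '\0';	// fgets() keeps the trailing newline
if (strcmp(name, ptr2) == 0) {		// whole name, not a prefix
	free(fname);
	// … unchanged: fclose(fp), *pid = newpid, closedir(dir), return 0 …
}
// … unchanged: remaining closing braces and fclose(fp) …
free(fname);
continue;
```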
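--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -233,6 +233,13 @@ cgroup /sys/fs/cgroup/g1/tasks
 The sandbox is placed in g1 control group.
 
 .SH User Environment
+.TP
+\fBname sandboxname
+Set sandbox name. Example:
+.br
+
+.br
+name browser
 
 .TP
 \fBenv name=value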