diff options
author | netblue30 <netblue30@yahoo.com> | 2016-06-28 07:58:20 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-06-28 07:58:20 -0400 |
commit | 4ece607b8f833cf0974bcf2a5e41f0504cbbff59 (patch) | |
tree | 430665bb64c6e2b893e17ceec2580c98df069534 /src | |
parent | cpio, gzip, strings, xzdec (diff) | |
download | firejail-4ece607b8f833cf0974bcf2a5e41f0504cbbff59.tar.gz firejail-4ece607b8f833cf0974bcf2a5e41f0504cbbff59.tar.zst firejail-4ece607b8f833cf0974bcf2a5e41f0504cbbff59.zip |
sysutils
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/main.c | 61 |
1 files changed, 48 insertions, 13 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c index c6fbd584e..f149dd376 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -693,6 +693,52 @@ static void delete_x11_file(pid_t pid) { | |||
693 | free(fname); | 693 | free(fname); |
694 | } | 694 | } |
695 | 695 | ||
696 | static void detect_quiet(int argc, char **argv) { | ||
697 | int i; | ||
698 | char *progs[] = { | ||
699 | "cpio", | ||
700 | "strings", | ||
701 | "gzip", | ||
702 | "xz", | ||
703 | "xzdec", | ||
704 | NULL | ||
705 | }; | ||
706 | |||
707 | // detect --quiet | ||
708 | for (i = 1; i < argc; i++) { | ||
709 | if (strcmp(argv[i], "--quiet") == 0) { | ||
710 | arg_quiet = 1; | ||
711 | break; | ||
712 | } | ||
713 | |||
714 | // detect end of firejail params | ||
715 | if (strcmp(argv[i], "--") == 0) | ||
716 | break; | ||
717 | if (strncmp(argv[i], "--", 2) != 0) | ||
718 | break; | ||
719 | } | ||
720 | |||
721 | // argv[i] is the program name if --quiet was not already detected | ||
722 | if (arg_quiet || i == argc) | ||
723 | return; | ||
724 | |||
725 | // extract the name of the program without the leading path | ||
726 | char *ptr = strrchr(argv[i], '/'); | ||
727 | char *name = (ptr)? (ptr + 1): argv[i]; | ||
728 | if (*name == '\0') | ||
729 | return; | ||
730 | |||
731 | // look for the program in the list | ||
732 | int j = 0; | ||
733 | while (progs[j] != NULL) { | ||
734 | if (strcmp(name, progs[j]) == 0) { | ||
735 | arg_quiet = 1; | ||
736 | return; | ||
737 | } | ||
738 | j++; | ||
739 | } | ||
740 | } | ||
741 | |||
696 | //******************************************* | 742 | //******************************************* |
697 | // Main program | 743 | // Main program |
698 | //******************************************* | 744 | //******************************************* |
@@ -709,6 +755,8 @@ int main(int argc, char **argv) { | |||
709 | int highest_errno = errno_highest_nr(); | 755 | int highest_errno = errno_highest_nr(); |
710 | #endif | 756 | #endif |
711 | 757 | ||
758 | detect_quiet(argc, argv); | ||
759 | |||
712 | // drop permissions by default and rise them when required | 760 | // drop permissions by default and rise them when required |
713 | EUID_INIT(); | 761 | EUID_INIT(); |
714 | EUID_USER(); | 762 | EUID_USER(); |
@@ -717,19 +765,6 @@ int main(int argc, char **argv) { | |||
717 | if (*argv[0] != '-') | 765 | if (*argv[0] != '-') |
718 | run_symlink(argc, argv); | 766 | run_symlink(argc, argv); |
719 | 767 | ||
720 | // detect --quiet | ||
721 | for (i = 1; i < argc; i++) { | ||
722 | if (strcmp(argv[i], "--quiet") == 0) { | ||
723 | arg_quiet = 1; | ||
724 | break; | ||
725 | } | ||
726 | |||
727 | // detect end of firejail params | ||
728 | if (strcmp(argv[i], "--") == 0) | ||
729 | break; | ||
730 | if (strncmp(argv[i], "--", 2) != 0) | ||
731 | break; | ||
732 | } | ||
733 | 768 | ||
734 | // check if we already have a sandbox running | 769 | // check if we already have a sandbox running |
735 | // If LXC is detected, start firejail sandbox | 770 | // If LXC is detected, start firejail sandbox |