author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2021-10-16 02:16:45 -0300 |
---|---|---|
committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2021-10-22 15:02:18 -0300 |
commit | cc0a113e982d2db70f42c15629d52c0149737d13 (patch) | |
tree | 1b500163b10969de150a37c39acc2641f9268f97 /src | |
parent | README update (diff) | |
main.c: [ref] fix indentation and whitespace around group handling
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/main.c | 156 |
1 files changed, 78 insertions, 78 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c index 1ba70b0bd..eca2846e2 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -3088,94 +3088,94 @@ int main(int argc, char **argv, char **envp) { | |||
3088 | } | 3088 | } |
3089 | EUID_ASSERT(); | 3089 | EUID_ASSERT(); |
3090 | 3090 | ||
3091 | // close each end of the unused pipes | 3091 | // close each end of the unused pipes |
3092 | close(parent_to_child_fds[0]); | 3092 | close(parent_to_child_fds[0]); |
3093 | close(child_to_parent_fds[1]); | 3093 | close(child_to_parent_fds[1]); |
3094 | 3094 | ||
3095 | // notify child that base setup is complete | 3095 | // notify child that base setup is complete |
3096 | notify_other(parent_to_child_fds[1]); | 3096 | notify_other(parent_to_child_fds[1]); |
3097 | 3097 | ||
3098 | // wait for child to create new user namespace with CLONE_NEWUSER | 3098 | // wait for child to create new user namespace with CLONE_NEWUSER |
3099 | wait_for_other(child_to_parent_fds[0]); | 3099 | wait_for_other(child_to_parent_fds[0]); |
3100 | close(child_to_parent_fds[0]); | 3100 | close(child_to_parent_fds[0]); |
3101 | 3101 | ||
3102 | if (arg_noroot) { | 3102 | if (arg_noroot) { |
3103 | // update the UID and GID maps in the new child user namespace | 3103 | // update the UID and GID maps in the new child user namespace |
3104 | // uid | 3104 | // uid |
3105 | char *map_path; | 3105 | char *map_path; |
3106 | if (asprintf(&map_path, "/proc/%d/uid_map", child) == -1) | 3106 | if (asprintf(&map_path, "/proc/%d/uid_map", child) == -1) |
3107 | errExit("asprintf"); | 3107 | errExit("asprintf"); |
3108 | 3108 | ||
3109 | char *map; | 3109 | char *map; |
3110 | uid_t uid = getuid(); | 3110 | uid_t uid = getuid(); |
3111 | if (asprintf(&map, "%d %d 1", uid, uid) == -1) | 3111 | if (asprintf(&map, "%d %d 1", uid, uid) == -1) |
3112 | errExit("asprintf"); | 3112 | errExit("asprintf"); |
3113 | EUID_ROOT(); | 3113 | EUID_ROOT(); |
3114 | update_map(map, map_path); | 3114 | update_map(map, map_path); |
3115 | EUID_USER(); | 3115 | EUID_USER(); |
3116 | free(map); | 3116 | free(map); |
3117 | free(map_path); | 3117 | free(map_path); |
3118 | 3118 | ||
3119 | // gid file | 3119 | // gid file |
3120 | if (asprintf(&map_path, "/proc/%d/gid_map", child) == -1) | 3120 | if (asprintf(&map_path, "/proc/%d/gid_map", child) == -1) |
3121 | errExit("asprintf"); | 3121 | errExit("asprintf"); |
3122 | char gidmap[1024]; | 3122 | char gidmap[1024]; |
3123 | char *ptr = gidmap; | 3123 | char *ptr = gidmap; |
3124 | *ptr = '\0'; | 3124 | *ptr = '\0'; |
3125 | 3125 | ||
3126 | // add user group | 3126 | // add user group |
3127 | gid_t gid = getgid(); | 3127 | gid_t gid = getgid(); |
3128 | sprintf(ptr, "%d %d 1\n", gid, gid); | 3128 | sprintf(ptr, "%d %d 1\n", gid, gid); |
3129 | ptr += strlen(ptr); | 3129 | ptr += strlen(ptr); |
3130 | 3130 | ||
3131 | if (!arg_nogroups) { | 3131 | if (!arg_nogroups) { |
3132 | // add firejail group | 3132 | // add firejail group |
3133 | gid_t g = get_group_id("firejail"); | 3133 | gid_t g = get_group_id("firejail"); |
3134 | if (g) { | 3134 | if (g) { |
3135 | sprintf(ptr, "%d %d 1\n", g, g); | 3135 | sprintf(ptr, "%d %d 1\n", g, g); |
3136 | ptr += strlen(ptr); | 3136 | ptr += strlen(ptr); |
3137 | } | 3137 | } |
3138 | 3138 | ||
3139 | // add tty group | 3139 | // add tty group |
3140 | g = get_group_id("tty"); | 3140 | g = get_group_id("tty"); |
3141 | if (g) { | 3141 | if (g) { |
3142 | sprintf(ptr, "%d %d 1\n", g, g); | 3142 | sprintf(ptr, "%d %d 1\n", g, g); |
3143 | ptr += strlen(ptr); | 3143 | ptr += strlen(ptr); |
3144 | } | 3144 | } |
3145 | 3145 | ||
3146 | // add audio group | 3146 | // add audio group |
3147 | g = get_group_id("audio"); | 3147 | g = get_group_id("audio"); |
3148 | if (g) { | 3148 | if (g) { |
3149 | sprintf(ptr, "%d %d 1\n", g, g); | 3149 | sprintf(ptr, "%d %d 1\n", g, g); |
3150 | ptr += strlen(ptr); | 3150 | ptr += strlen(ptr); |
3151 | } | 3151 | } |
3152 | 3152 | ||
3153 | // add video group | 3153 | // add video group |
3154 | g = get_group_id("video"); | 3154 | g = get_group_id("video"); |
3155 | if (g) { | 3155 | if (g) { |
3156 | sprintf(ptr, "%d %d 1\n", g, g); | 3156 | sprintf(ptr, "%d %d 1\n", g, g); |
3157 | ptr += strlen(ptr); | 3157 | ptr += strlen(ptr); |
3158 | } | 3158 | } |
3159 | 3159 | ||
3160 | // add games group | 3160 | // add games group |
3161 | g = get_group_id("games"); | 3161 | g = get_group_id("games"); |
3162 | if (g) { | 3162 | if (g) { |
3163 | sprintf(ptr, "%d %d 1\n", g, g); | 3163 | sprintf(ptr, "%d %d 1\n", g, g); |
3164 | } | 3164 | } |
3165 | } | 3165 | } |
3166 | 3166 | ||
3167 | EUID_ROOT(); | 3167 | EUID_ROOT(); |
3168 | update_map(gidmap, map_path); | 3168 | update_map(gidmap, map_path); |
3169 | EUID_USER(); | 3169 | EUID_USER(); |
3170 | free(map_path); | 3170 | free(map_path); |
3171 | } | 3171 | } |
3172 | EUID_ASSERT(); | 3172 | EUID_ASSERT(); |
3173 | 3173 | ||
3174 | // notify child that UID/GID mapping is complete | 3174 | // notify child that UID/GID mapping is complete |
3175 | notify_other(parent_to_child_fds[1]); | 3175 | notify_other(parent_to_child_fds[1]); |
3176 | close(parent_to_child_fds[1]); | 3176 | close(parent_to_child_fds[1]); |
3177 | 3177 | ||
3178 | EUID_ROOT(); | 3178 | EUID_ROOT(); |
3179 | if (lockfd_network != -1) { | 3179 | if (lockfd_network != -1) { |
3180 | flock(lockfd_network, LOCK_UN); | 3180 | flock(lockfd_network, LOCK_UN); |
3181 | close(lockfd_network); | 3181 | close(lockfd_network); |