diff options
author | netblue30 <netblue30@yahoo.com> | 2015-12-06 13:11:00 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2015-12-06 13:11:00 -0500 |
commit | 873b9d161f4d87a87af78d5074016a5749588513 (patch) | |
tree | a7c4d7f8d68fa7175facc2b64975ddbd9ae305e5 /src | |
parent | Merge pull request #186 from avoidr/parole.profile (diff) | |
download | firejail-873b9d161f4d87a87af78d5074016a5749588513.tar.gz firejail-873b9d161f4d87a87af78d5074016a5749588513.tar.zst firejail-873b9d161f4d87a87af78d5074016a5749588513.zip |
traclog added to various profiles
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/fs_trace.c | 5 | ||||
-rw-r--r-- | src/firejail/profile.c | 4 | ||||
-rw-r--r-- | src/man/firejail-profile.txt | 4 |
3 files changed, 11 insertions, 2 deletions
diff --git a/src/firejail/fs_trace.c b/src/firejail/fs_trace.c index f555a6693..55a1b9c7a 100644 --- a/src/firejail/fs_trace.c +++ b/src/firejail/fs_trace.c | |||
@@ -59,8 +59,11 @@ void fs_trace(void) { | |||
59 | errExit("fopen"); | 59 | errExit("fopen"); |
60 | if (arg_trace) | 60 | if (arg_trace) |
61 | fprintf(fp, "%s/firejail/libtrace.so\n", LIBDIR); | 61 | fprintf(fp, "%s/firejail/libtrace.so\n", LIBDIR); |
62 | else if (arg_tracelog) | 62 | else if (arg_tracelog) { |
63 | fprintf(fp, "%s/firejail/libtracelog.so\n", LIBDIR); | 63 | fprintf(fp, "%s/firejail/libtracelog.so\n", LIBDIR); |
64 | if (!arg_quiet) | ||
65 | printf("Blacklist violations are logged to syslog\n"); | ||
66 | } | ||
64 | else | 67 | else |
65 | assert(0); | 68 | assert(0); |
66 | 69 | ||
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 50fdeda7e..366a56e13 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
@@ -120,6 +120,10 @@ int profile_check_line(char *ptr, int lineno) { | |||
120 | arg_shell_none = 1; | 120 | arg_shell_none = 1; |
121 | return 0; | 121 | return 0; |
122 | } | 122 | } |
123 | else if (strcmp(ptr, "tracelog") == 0) { | ||
124 | arg_tracelog = 1; | ||
125 | return 0; | ||
126 | } | ||
123 | else if (strcmp(ptr, "private") == 0) { | 127 | else if (strcmp(ptr, "private") == 0) { |
124 | arg_private = 1; | 128 | arg_private = 1; |
125 | return 0; | 129 | return 0; |
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt index 90aca5130..600b82d3d 100644 --- a/src/man/firejail-profile.txt +++ b/src/man/firejail-profile.txt | |||
@@ -158,7 +158,9 @@ All modifications are discarded when the sandbox is closed. | |||
158 | Build a new user home in a temporary filesystem, and mount-bind file_or_directory. | 158 | Build a new user home in a temporary filesystem, and mount-bind file_or_directory. |
159 | The modifications to file_or_directory are persistent, everything else is discarded | 159 | The modifications to file_or_directory are persistent, everything else is discarded |
160 | when the sandbox is closed. | 160 | when the sandbox is closed. |
161 | 161 | .TP | |
162 | \f\ tracelog | ||
163 | Blacklist violations logged to syslog. | ||
162 | .SH Filters | 164 | .SH Filters |
163 | \fBcaps\fR and \fBseccomp\fR enable Linux capabilities and seccomp filters. Examples: | 165 | \fBcaps\fR and \fBseccomp\fR enable Linux capabilities and seccomp filters. Examples: |
164 | 166 | ||