main.c: [ref] fix indentation and whitespace around group handling

author: Kelvin M. Klann <kmk3.code@protonmail.com> 2021-10-16 02:16:45 -0300
committer: Kelvin M. Klann <kmk3.code@protonmail.com> 2021-10-22 15:02:18 -0300
commit: cc0a113e982d2db70f42c15629d52c0149737d13 (patch)
tree: 1b500163b10969de150a37c39acc2641f9268f97 /src
parent: README update (diff)
download: firejail-cc0a113e982d2db70f42c15629d52c0149737d13.tar.gz
firejail-cc0a113e982d2db70f42c15629d52c0149737d13.tar.zst
firejail-cc0a113e982d2db70f42c15629d52c0149737d13.zip
1 files changed, 78 insertions, 78 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 1ba70b0bd..eca2846e2 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -3088,94 +3088,94 @@ int main(int argc, char **argv, char **envp) {
        }
        EUID_ASSERT();
-        // close each end of the unused pipes
+        // close each end of the unused pipes
-        close(parent_to_child_fds[0]);
+        close(parent_to_child_fds[0]);
-        close(child_to_parent_fds[1]);
+        close(child_to_parent_fds[1]);
        // notify child that base setup is complete
-        notify_other(parent_to_child_fds[1]);
+        notify_other(parent_to_child_fds[1]);
-        // wait for child to create new user namespace with CLONE_NEWUSER
+        // wait for child to create new user namespace with CLONE_NEWUSER
-        wait_for_other(child_to_parent_fds[0]);
+        wait_for_other(child_to_parent_fds[0]);
-        close(child_to_parent_fds[0]);
+        close(child_to_parent_fds[0]);
-        if (arg_noroot) {
+        if (arg_noroot) {
-                // update the UID and GID maps in the new child user namespace
+                // update the UID and GID maps in the new child user namespace
                // uid
-                char *map_path;
+                char *map_path;
-                if (asprintf(&map_path, "/proc/%d/uid_map", child) == -1)
+                if (asprintf(&map_path, "/proc/%d/uid_map", child) == -1)
-                        errExit("asprintf");
+                        errExit("asprintf");
-                char *map;
+                char *map;
-                uid_t uid = getuid();
+                uid_t uid = getuid();
-                if (asprintf(&map, "%d %d 1", uid, uid) == -1)
+                if (asprintf(&map, "%d %d 1", uid, uid) == -1)
-                        errExit("asprintf");
+                        errExit("asprintf");
-                EUID_ROOT();
+                EUID_ROOT();
-                update_map(map, map_path);
+                update_map(map, map_path);
-                EUID_USER();
+                EUID_USER();
-                free(map);
+                free(map);
-                free(map_path);
+                free(map_path);
-                // gid file
+                // gid file
                if (asprintf(&map_path, "/proc/%d/gid_map", child) == -1)
                        errExit("asprintf");
-                char gidmap[1024];
+                char gidmap[1024];
-                char *ptr = gidmap;
+                char *ptr = gidmap;
-                *ptr = '\0';
+                *ptr = '\0';
-                // add user group
+                // add user group
-                gid_t gid = getgid();
+                gid_t gid = getgid();
-                sprintf(ptr, "%d %d 1\n", gid, gid);
+                sprintf(ptr, "%d %d 1\n", gid, gid);
-                ptr += strlen(ptr);
+                ptr += strlen(ptr);
-                if (!arg_nogroups) {
+                if (!arg_nogroups) {
-                        //  add firejail group
+                        // add firejail group
-                        gid_t g = get_group_id("firejail");
+                        gid_t g = get_group_id("firejail");
-                        if (g) {
+                        if (g) {
-                                sprintf(ptr, "%d %d 1\n", g, g);
+                                sprintf(ptr, "%d %d 1\n", g, g);
-                                ptr += strlen(ptr);
+                                ptr += strlen(ptr);
-                        }
+                        }
-                        //  add tty group
+                        // add tty group
-                        g = get_group_id("tty");
+                        g = get_group_id("tty");
-                        if (g) {
+                        if (g) {
-                                sprintf(ptr, "%d %d 1\n", g, g);
+                                sprintf(ptr, "%d %d 1\n", g, g);
-                                ptr += strlen(ptr);
+                                ptr += strlen(ptr);
-                        }
+                        }
-                        //  add audio group
+                        // add audio group
-                        g = get_group_id("audio");
+                        g = get_group_id("audio");
-                        if (g) {
+                        if (g) {
-                                sprintf(ptr, "%d %d 1\n", g, g);
+                                sprintf(ptr, "%d %d 1\n", g, g);
-                                ptr += strlen(ptr);
+                                ptr += strlen(ptr);
-                        }
+                        }
-                        //  add video group
+                        // add video group
-                        g = get_group_id("video");
+                        g = get_group_id("video");
-                        if (g) {
+                        if (g) {
-                                sprintf(ptr, "%d %d 1\n", g, g);
+                                sprintf(ptr, "%d %d 1\n", g, g);
-                                ptr += strlen(ptr);
+                                ptr += strlen(ptr);
-                        }
+                        }
-                        //  add games group
+                        // add games group
-                        g = get_group_id("games");
+                        g = get_group_id("games");
-                        if (g) {
+                        if (g) {
-                                sprintf(ptr, "%d %d 1\n", g, g);
+                                sprintf(ptr, "%d %d 1\n", g, g);
-                        }
+                        }
-                 }
+                }
-                EUID_ROOT();
+                EUID_ROOT();
-                update_map(gidmap, map_path);
+                update_map(gidmap, map_path);
-                EUID_USER();
+                EUID_USER();
-                free(map_path);
+                free(map_path);
-        }
+        }
        EUID_ASSERT();
-        // notify child that UID/GID mapping is complete
+        // notify child that UID/GID mapping is complete
-        notify_other(parent_to_child_fds[1]);
+        notify_other(parent_to_child_fds[1]);
-        close(parent_to_child_fds[1]);
+        close(parent_to_child_fds[1]);
-        EUID_ROOT();
+        EUID_ROOT();
        if (lockfd_network != -1) {
                flock(lockfd_network, LOCK_UN);
                close(lockfd_network);
author	Kelvin M. Klann <kmk3.code@protonmail.com>	2021-10-16 02:16:45 -0300
committer	Kelvin M. Klann <kmk3.code@protonmail.com>	2021-10-22 15:02:18 -0300
commit	cc0a113e982d2db70f42c15629d52c0149737d13 (patch)
tree	1b500163b10969de150a37c39acc2641f9268f97 /src
parent	README update (diff)
download	firejail-cc0a113e982d2db70f42c15629d52c0149737d13.tar.gz firejail-cc0a113e982d2db70f42c15629d52c0149737d13.tar.zst firejail-cc0a113e982d2db70f42c15629d52c0149737d13.zip

diff --git a/src/firejail/main.c b/src/firejail/main.c index 1ba70b0bd..eca2846e2 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c
@@ -3088,94 +3088,94 @@ int main(int argc, char argv, char envp) {
3088	}	3088	}
3089	EUID_ASSERT();	3089	EUID_ASSERT();
3090		3090
3091	// close each end of the unused pipes	3091	// close each end of the unused pipes
3092	close(parent_to_child_fds[0]);	3092	close(parent_to_child_fds[0]);
3093	close(child_to_parent_fds[1]);	3093	close(child_to_parent_fds[1]);
3094		3094
3095	// notify child that base setup is complete	3095	// notify child that base setup is complete
3096	notify_other(parent_to_child_fds[1]);	3096	notify_other(parent_to_child_fds[1]);
3097		3097
3098	// wait for child to create new user namespace with CLONE_NEWUSER	3098	// wait for child to create new user namespace with CLONE_NEWUSER
3099	wait_for_other(child_to_parent_fds[0]);	3099	wait_for_other(child_to_parent_fds[0]);
3100	close(child_to_parent_fds[0]);	3100	close(child_to_parent_fds[0]);
3101		3101
3102	if (arg_noroot) {	3102	if (arg_noroot) {
3103	// update the UID and GID maps in the new child user namespace	3103	// update the UID and GID maps in the new child user namespace
3104	// uid	3104	// uid
3105	char *map_path;	3105	char *map_path;
3106	if (asprintf(&map_path, "/proc/%d/uid_map", child) == -1)	3106	if (asprintf(&map_path, "/proc/%d/uid_map", child) == -1)
3107	errExit("asprintf");	3107	errExit("asprintf");
3108		3108
3109	char *map;	3109	char *map;
3110	uid_t uid = getuid();	3110	uid_t uid = getuid();
3111	if (asprintf(&map, "%d %d 1", uid, uid) == -1)	3111	if (asprintf(&map, "%d %d 1", uid, uid) == -1)
3112	errExit("asprintf");	3112	errExit("asprintf");
3113	EUID_ROOT();	3113	EUID_ROOT();
3114	update_map(map, map_path);	3114	update_map(map, map_path);
3115	EUID_USER();	3115	EUID_USER();
3116	free(map);	3116	free(map);
3117	free(map_path);	3117	free(map_path);
3118		3118
3119	// gid file	3119	// gid file
3120	if (asprintf(&map_path, "/proc/%d/gid_map", child) == -1)	3120	if (asprintf(&map_path, "/proc/%d/gid_map", child) == -1)
3121	errExit("asprintf");	3121	errExit("asprintf");
3122	char gidmap[1024];	3122	char gidmap[1024];
3123	char *ptr = gidmap;	3123	char *ptr = gidmap;
3124	*ptr = '\0';	3124	*ptr = '\0';
3125		3125
3126	// add user group	3126	// add user group
3127	gid_t gid = getgid();	3127	gid_t gid = getgid();
3128	sprintf(ptr, "%d %d 1\n", gid, gid);	3128	sprintf(ptr, "%d %d 1\n", gid, gid);
3129	ptr += strlen(ptr);	3129	ptr += strlen(ptr);
3130		3130
3131	if (!arg_nogroups) {	3131	if (!arg_nogroups) {
3132	// add firejail group	3132	// add firejail group
3133	gid_t g = get_group_id("firejail");	3133	gid_t g = get_group_id("firejail");
3134	if (g) {	3134	if (g) {
3135	sprintf(ptr, "%d %d 1\n", g, g);	3135	sprintf(ptr, "%d %d 1\n", g, g);
3136	ptr += strlen(ptr);	3136	ptr += strlen(ptr);
3137	}	3137	}
3138		3138
3139	// add tty group	3139	// add tty group
3140	g = get_group_id("tty");	3140	g = get_group_id("tty");
3141	if (g) {	3141	if (g) {
3142	sprintf(ptr, "%d %d 1\n", g, g);	3142	sprintf(ptr, "%d %d 1\n", g, g);
3143	ptr += strlen(ptr);	3143	ptr += strlen(ptr);
3144	}	3144	}
3145		3145
3146	// add audio group	3146	// add audio group
3147	g = get_group_id("audio");	3147	g = get_group_id("audio");
3148	if (g) {	3148	if (g) {
3149	sprintf(ptr, "%d %d 1\n", g, g);	3149	sprintf(ptr, "%d %d 1\n", g, g);
3150	ptr += strlen(ptr);	3150	ptr += strlen(ptr);
3151	}	3151	}
3152		3152
3153	// add video group	3153	// add video group
3154	g = get_group_id("video");	3154	g = get_group_id("video");
3155	if (g) {	3155	if (g) {
3156	sprintf(ptr, "%d %d 1\n", g, g);	3156	sprintf(ptr, "%d %d 1\n", g, g);
3157	ptr += strlen(ptr);	3157	ptr += strlen(ptr);
3158	}	3158	}
3159		3159
3160	// add games group	3160	// add games group
3161	g = get_group_id("games");	3161	g = get_group_id("games");
3162	if (g) {	3162	if (g) {
3163	sprintf(ptr, "%d %d 1\n", g, g);	3163	sprintf(ptr, "%d %d 1\n", g, g);
3164	}	3164	}
3165	}	3165	}
3166		3166
3167	EUID_ROOT();	3167	EUID_ROOT();
3168	update_map(gidmap, map_path);	3168	update_map(gidmap, map_path);
3169	EUID_USER();	3169	EUID_USER();
3170	free(map_path);	3170	free(map_path);
3171	}	3171	}
3172	EUID_ASSERT();	3172	EUID_ASSERT();
3173		3173
3174	// notify child that UID/GID mapping is complete	3174	// notify child that UID/GID mapping is complete
3175	notify_other(parent_to_child_fds[1]);	3175	notify_other(parent_to_child_fds[1]);
3176	close(parent_to_child_fds[1]);	3176	close(parent_to_child_fds[1]);
3177		3177
3178	EUID_ROOT();	3178	EUID_ROOT();
3179	if (lockfd_network != -1) {	3179	if (lockfd_network != -1) {
3180	flock(lockfd_network, LOCK_UN);	3180	flock(lockfd_network, LOCK_UN);
3181	close(lockfd_network);	3181	close(lockfd_network);