aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorLibravatar netblue30 <netblue30@yahoo.com>2015-10-15 08:18:58 -0400
committerLibravatar netblue30 <netblue30@yahoo.com>2015-10-15 08:18:58 -0400
commit8884df7f98e872d995c2d2bc76d4ffc3430e3629 (patch)
tree3da51a7bead754cea51502b4ca2c1db8675ac905 /src
parentrelease 0.9.32-rc1 (diff)
downloadfirejail-8884df7f98e872d995c2d2bc76d4ffc3430e3629.tar.gz
firejail-8884df7f98e872d995c2d2bc76d4ffc3430e3629.tar.zst
firejail-8884df7f98e872d995c2d2bc76d4ffc3430e3629.zip
--quiet
Diffstat (limited to 'src')
-rw-r--r--src/firejail/firejail.h1
-rw-r--r--src/firejail/main.c12
-rw-r--r--src/firejail/profile.c3
-rw-r--r--src/firejail/sandbox.c37
-rw-r--r--src/firejail/usage.c1
-rw-r--r--src/man/firejail.txt3
6 files changed, 34 insertions, 23 deletions
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index 4b2ecf0d9..8260886a4 100644
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -176,6 +176,7 @@ extern int arg_private_bin; // private bin directory
176extern int arg_scan; // arp-scan all interfaces 176extern int arg_scan; // arp-scan all interfaces
177extern int arg_whitelist; // whitelist commad 177extern int arg_whitelist; // whitelist commad
178extern int arg_nosound; // disable sound 178extern int arg_nosound; // disable sound
179extern int arg_quiet; // no output for scripting
179 180
180extern int parent_to_child_fds[2]; 181extern int parent_to_child_fds[2];
181extern int child_to_parent_fds[2]; 182extern int child_to_parent_fds[2];
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 14ba21db5..3d3d43878 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -86,6 +86,7 @@ int arg_private_bin = 0; // private bin directory
86int arg_scan = 0; // arp-scan all interfaces 86int arg_scan = 0; // arp-scan all interfaces
87int arg_whitelist = 0; // whitelist commad 87int arg_whitelist = 0; // whitelist commad
88int arg_nosound = 0; // disable sound 88int arg_nosound = 0; // disable sound
89int arg_quiet = 0; // no output for scripting
89 90
90int parent_to_child_fds[2]; 91int parent_to_child_fds[2];
91int child_to_parent_fds[2]; 92int child_to_parent_fds[2];
@@ -97,7 +98,7 @@ pid_t sandbox_pid;
97 98
98static void myexit(int rv) { 99static void myexit(int rv) {
99 logmsg("exiting..."); 100 logmsg("exiting...");
100 if (!arg_command) 101 if (!arg_command && !arg_quiet)
101 printf("\nparent is shutting down, bye...\n"); 102 printf("\nparent is shutting down, bye...\n");
102 103
103 // delete sandbox files in shared memory 104 // delete sandbox files in shared memory
@@ -108,7 +109,8 @@ static void myexit(int rv) {
108} 109}
109 110
110static void my_handler(int s){ 111static void my_handler(int s){
111 printf("\nSignal %d caught, shutting down the child process\n", s); 112 if (!arg_quiet)
113 printf("\nSignal %d caught, shutting down the child process\n", s);
112 logsignal(s); 114 logsignal(s);
113 kill(child, SIGKILL); 115 kill(child, SIGKILL);
114 myexit(1); 116 myexit(1);
@@ -444,6 +446,8 @@ int main(int argc, char **argv) {
444 446
445 if (strcmp(argv[i], "--debug") == 0) 447 if (strcmp(argv[i], "--debug") == 0)
446 arg_debug = 1; 448 arg_debug = 1;
449 else if (strcmp(argv[i], "--quiet") == 0)
450 arg_quiet = 1;
447 451
448 //************************************* 452 //*************************************
449 // filtering 453 // filtering
@@ -1198,7 +1202,7 @@ int main(int argc, char **argv) {
1198 custom_profile = profile_find(profile_name, "/etc/firejail"); 1202 custom_profile = profile_find(profile_name, "/etc/firejail");
1199 } 1203 }
1200 1204
1201 if (custom_profile) 1205 if (custom_profile && !arg_quiet)
1202 printf("\n** Note: you can use --noprofile to disable %s.profile **\n\n", profile_name); 1206 printf("\n** Note: you can use --noprofile to disable %s.profile **\n\n", profile_name);
1203 } 1207 }
1204 } 1208 }
@@ -1248,7 +1252,7 @@ int main(int argc, char **argv) {
1248 if (child == -1) 1252 if (child == -1)
1249 errExit("clone"); 1253 errExit("clone");
1250 1254
1251 if (!arg_command) { 1255 if (!arg_command && !arg_quiet) {
1252 printf("Parent pid %u, child pid %u\n", sandbox_pid, child); 1256 printf("Parent pid %u, child pid %u\n", sandbox_pid, child);
1253 // print the path of the new log directory 1257 // print the path of the new log directory
1254 if (getuid() == 0) // only for root 1258 if (getuid() == 0) // only for root
diff --git a/src/firejail/profile.c b/src/firejail/profile.c
index 5b18cc179..2e3790b3c 100644
--- a/src/firejail/profile.c
+++ b/src/firejail/profile.c
@@ -413,7 +413,8 @@ void profile_read(const char *fname, const char *skip1, const char *skip2) {
413 exit(1); 413 exit(1);
414 } 414 }
415 415
416 fprintf(stderr, "Reading profile %s\n", fname); 416 if (!arg_quiet)
417 fprintf(stderr, "Reading profile %s\n", fname);
417 418
418 // read the file line by line 419 // read the file line by line
419 char buf[MAX_READ + 1]; 420 char buf[MAX_READ + 1];
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c
index 50fe50380..6eab5fc4e 100644
--- a/src/firejail/sandbox.c
+++ b/src/firejail/sandbox.c
@@ -205,7 +205,8 @@ int sandbox(void* sandbox_arg) {
205 // drop all supplementary groups; /etc/group file inside chroot 205 // drop all supplementary groups; /etc/group file inside chroot
206 // is controlled by a regular usr 206 // is controlled by a regular usr
207 arg_nogroups = 1; 207 arg_nogroups = 1;
208 printf("Dropping all Linux capabilities and enforcing default seccomp filter\n"); 208 if (!arg_quiet)
209 printf("Dropping all Linux capabilities and enforcing default seccomp filter\n");
209 } 210 }
210 211
211 //**************************** 212 //****************************
@@ -348,22 +349,22 @@ int sandbox(void* sandbox_arg) {
348 fs_resolvconf(); 349 fs_resolvconf();
349 350
350 // print network configuration 351 // print network configuration
351 if (any_bridge_configured() || any_interface_configured() || cfg.defaultgw || cfg.dns1) { 352 if (!arg_quiet) {
352 printf("\n"); 353 if (any_bridge_configured() || any_interface_configured() || cfg.defaultgw || cfg.dns1) {
353 if (any_bridge_configured() || any_interface_configured()) 354 printf("\n");
354 net_ifprint(); 355 if (any_bridge_configured() || any_interface_configured())
355 if (cfg.defaultgw != 0) 356 net_ifprint();
356 printf("Default gateway %d.%d.%d.%d\n", PRINT_IP(cfg.defaultgw)); 357 if (cfg.defaultgw != 0)
357 if (cfg.dns1 != 0) 358 printf("Default gateway %d.%d.%d.%d\n", PRINT_IP(cfg.defaultgw));
358 printf("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns1)); 359 if (cfg.dns1 != 0)
359 if (cfg.dns2 != 0) 360 printf("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns1));
360 printf("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns2)); 361 if (cfg.dns2 != 0)
361 if (cfg.dns3 != 0) 362 printf("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns2));
362 printf("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns3)); 363 if (cfg.dns3 != 0)
363 printf("\n"); 364 printf("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns3));
365 printf("\n");
366 }
364 } 367 }
365
366
367 368
368 //**************************** 369 //****************************
369 // start executable 370 // start executable
@@ -483,7 +484,7 @@ int sandbox(void* sandbox_arg) {
483 } 484 }
484 } 485 }
485 486
486 if (!arg_command) 487 if (!arg_command && !arg_quiet)
487 printf("Child process initialized\n"); 488 printf("Child process initialized\n");
488 execvp(cfg.original_argv[cfg.original_program_index], &cfg.original_argv[cfg.original_program_index]); 489 execvp(cfg.original_argv[cfg.original_program_index], &cfg.original_argv[cfg.original_program_index]);
489 } 490 }
@@ -532,7 +533,7 @@ int sandbox(void* sandbox_arg) {
532 } 533 }
533 } 534 }
534 535
535 if (!arg_command) 536 if (!arg_command && !arg_quiet)
536 printf("Child process initialized\n"); 537 printf("Child process initialized\n");
537 execvp(sh, arg); 538 execvp(sh, arg);
538 } 539 }
diff --git a/src/firejail/usage.c b/src/firejail/usage.c
index 24969823f..096d44765 100644
--- a/src/firejail/usage.c
+++ b/src/firejail/usage.c
@@ -191,6 +191,7 @@ void usage(void) {
191 printf("\t\tAll modifications are discarded when the sandbox is closed.\n\n"); 191 printf("\t\tAll modifications are discarded when the sandbox is closed.\n\n");
192 192
193 printf("\t--profile=filename - use a custom profile.\n\n"); 193 printf("\t--profile=filename - use a custom profile.\n\n");
194 printf("\t--quiet - turn off Firejail's output.\n\n");
194 printf("\t--read-only=dirname_or_filename - set directory or file read-only.\n\n"); 195 printf("\t--read-only=dirname_or_filename - set directory or file read-only.\n\n");
195 printf("\t--rlimit-fsize=number - set the maximum file size that can be created\n"); 196 printf("\t--rlimit-fsize=number - set the maximum file size that can be created\n");
196 printf("\t\tby a process.\n\n"); 197 printf("\t\tby a process.\n\n");
diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index cacd6abca..9d3595d16 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -823,6 +823,9 @@ Example:
823.br 823.br
824$ firejail \-\-profile=myprofile 824$ firejail \-\-profile=myprofile
825.TP 825.TP
826\fB\-\-quiet
827Turn off Firejail's output.
828.TP
826\fB\-\-read-only=dirname_or_filename 829\fB\-\-read-only=dirname_or_filename
827Set directory or file read-only. 830Set directory or file read-only.
828.br 831.br
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-10 13:19:17 +0000