split run files processing in a separate file - src/firejail/run_files.c

9 files changed, 154 insertions, 131 deletions

diff --git a/src/firejail/bandwidth.c b/src/firejail/bandwidth.c
index 542faa06e..0045b444f 100644
--- a/src/firejail/bandwidth.c
+++ b/src/firejail/bandwidth.c
@@ -141,22 +141,6 @@ static void bandwidth_create_run_file(pid_t pid) {
         free(fname);
 }
 
-// delete bandwidth file
-void bandwidth_del_run_file(pid_t pid) {
-        char *fname;
-        if (asprintf(&fname, "%s/%d-bandwidth", RUN_FIREJAIL_BANDWIDTH_DIR, (int) pid) == -1)
-                errExit("asprintf");
-        unlink(fname);
-        free(fname);
-}
-
-void network_del_run_file(pid_t pid) {
-        char *fname;
-        if (asprintf(&fname, "%s/%d-netmap", RUN_FIREJAIL_NETWORK_DIR, (int) pid) == -1)
-                errExit("asprintf");
-        unlink(fname);
-        free(fname);
-}
 
 void network_set_run_file(pid_t pid) {
         char *fname;
@@ -268,9 +252,8 @@ void bandwidth_remove(pid_t pid, const char *dev) {
         }
 
         // remove the file if there are no entries in the list
-        if (ifbw == NULL) {
-                 bandwidth_del_run_file(pid);
-        }
+        if (ifbw == NULL)
+                 delete_bandwidth_run_file(pid);
 }
 
 // add interface to run file
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index ca3b73ffc..27c3dd2ea 100644
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -22,6 +22,7 @@
 #include "../include/common.h"
 #include "../include/euid_common.h"
 #include <stdarg.h>
+#include <sys/stat.h>
 
 // debug restricted shell
 //#define DEBUG_RESTRICTED_SHELL
@@ -303,7 +304,6 @@ static inline int any_interface_configured(void) {
         else
                 return 0;
 }
-void clear_run_files(pid_t pid);
 
 extern int arg_private;         // mount private /home
 extern int arg_private_template; // private /home template
@@ -393,7 +393,6 @@ extern char *fullargv[MAX_ARGS];
 extern int fullargc;
 
 // main.c
-void set_x11_file(pid_t pid, int display);
 void check_user_namespace(void);
 char *guess_shell(void);
 
@@ -617,9 +616,7 @@ void netns(const char *nsname);
 void netns_mounts(const char *nsname);
 
 // bandwidth.c
-void bandwidth_del_run_file(pid_t pid);
 void bandwidth_pid(pid_t pid, const char *command, const char *dev, int down, int up);
-void network_del_run_file(pid_t pid);
 void network_set_run_file(pid_t pid);
 
 // fs_etc.c
@@ -791,9 +788,15 @@ void build_appimage_cmdline(char **command_line, char **window_title, int argc,
 // run sbox
 int sbox_run(unsigned filter, int num, ...);
 
-
 // git.c
 void git_install();
 void git_uninstall();
 
+// run_files.c
+void delete_run_files(pid_t pid);
+void delete_bandwidth_run_file(pid_t pid);
+void set_name_run_file(pid_t pid);
+void set_x11_run_file(pid_t pid, int display);
+void set_profile_run_file(pid_t pid, const char *fname);
+
 #endif
diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c
index 947f12472..6eac78d96 100644
--- a/src/firejail/fs_dev.c
+++ b/src/firejail/fs_dev.c
@@ -146,7 +146,7 @@ static void create_link(const char *oldpath, const char *newpath) {
                 exit(1);
         }
 
-        if (chown(newpath, 0, 0) < 0);
+        if (chown(newpath, 0, 0) < 0) {;}
 
         fs_logger2("create", newpath);
         return;
diff --git a/src/firejail/join.c b/src/firejail/join.c
index a21293214..12ee4a9a0 100644
--- a/src/firejail/join.c
+++ b/src/firejail/join.c
@@ -64,7 +64,7 @@ static void extract_x11_display(pid_t pid) {
 
         // store the display number for join process in /run/firejail/x11
         EUID_ROOT();
-        set_x11_file(getpid(), display);
+        set_x11_run_file(getpid(), display);
         EUID_USER();
 }
 
diff --git a/src/firejail/main.c b/src/firejail/main.c
index e8556de2d..ec090cdc6 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -132,22 +132,9 @@ static pid_t child = 0;
 pid_t sandbox_pid;
 unsigned long long start_timestamp;
 
-static void set_name_file(pid_t pid);
-static void delete_name_file(pid_t pid);
-static void delete_profile_file(pid_t pid);
-static void delete_x11_file(pid_t pid);
-
-void clear_run_files(pid_t pid) {
-        bandwidth_del_run_file(pid);            // bandwidth file
-        network_del_run_file(pid);              // network map file
-        delete_name_file(pid);
-        delete_profile_file(pid);
-        delete_x11_file(pid);
-}
-
 static void clear_atexit(void) {
         EUID_ROOT();
-        clear_run_files(getpid());
+        delete_run_files(getpid());
 }
 
 static void myexit(int rv) {
@@ -158,7 +145,7 @@ static void myexit(int rv) {
 
         // delete sandbox files in shared memory
         EUID_ROOT();
-        clear_run_files(sandbox_pid);
+        delete_run_files(sandbox_pid);
         appimage_clear();
         flush_stdin();
         exit(rv);
@@ -755,68 +742,7 @@ static void run_cmd_and_exit(int i, int argc, char **argv) {
 
 }
 
-static void set_name_file(pid_t pid) {
-        char *fname;
-        if (asprintf(&fname, "%s/%d", RUN_FIREJAIL_NAME_DIR, pid) == -1)
-                errExit("asprintf");
-
-        // the file is deleted first
-        FILE *fp = fopen(fname, "w");
-        if (!fp) {
-                fprintf(stderr, "Error: cannot create %s\n", fname);
-                exit(1);
-        }
-        fprintf(fp, "%s\n", cfg.name);
-
-        // mode and ownership
-        SET_PERMS_STREAM(fp, 0, 0, 0644);
-        fclose(fp);
-}
-
-static void delete_name_file(pid_t pid) {
-        char *fname;
-        if (asprintf(&fname, "%s/%d", RUN_FIREJAIL_NAME_DIR, pid) == -1)
-                errExit("asprintf");
-        int rv = unlink(fname);
-        (void) rv;
-        free(fname);
-}
-
-static void delete_profile_file(pid_t pid) {
-        char *fname;
-        if (asprintf(&fname, "%s/%d", RUN_FIREJAIL_PROFILE_DIR, pid) == -1)
-                errExit("asprintf");
-        int rv = unlink(fname);
-        (void) rv;
-        free(fname);
-}
-
-void set_x11_file(pid_t pid, int display) {
-        char *fname;
-        if (asprintf(&fname, "%s/%d", RUN_FIREJAIL_X11_DIR, pid) == -1)
-                errExit("asprintf");
 
-        // the file is deleted first
-        FILE *fp = fopen(fname, "w");
-        if (!fp) {
-                fprintf(stderr, "Error: cannot create %s\n", fname);
-                exit(1);
-        }
-        fprintf(fp, "%d\n", display);
-
-        // mode and ownership
-        SET_PERMS_STREAM(fp, 0, 0, 0644);
-        fclose(fp);
-}
-
-static void delete_x11_file(pid_t pid) {
-        char *fname;
-        if (asprintf(&fname, "%s/%d", RUN_FIREJAIL_X11_DIR, pid) == -1)
-                errExit("asprintf");
-        int rv = unlink(fname);
-        (void) rv;
-        free(fname);
-}
 
 char *guess_shell(void) {
         char *shell = NULL;
@@ -1002,10 +928,7 @@ int main(int argc, char **argv) {
 
         // check firejail directories
         EUID_ROOT();
-        bandwidth_del_run_file(sandbox_pid);
-        network_del_run_file(sandbox_pid);
-        delete_name_file(sandbox_pid);
-        delete_x11_file(sandbox_pid);
+        delete_run_files(sandbox_pid);
 
         EUID_USER();
 
@@ -2506,10 +2429,10 @@ int main(int argc, char **argv) {
         // set name file
         EUID_ROOT();
         if (cfg.name)
-                set_name_file(sandbox_pid);
+                set_name_run_file(sandbox_pid);
         int display = x11_display();
         if (display > 0)
-                set_x11_file(sandbox_pid, display);
+                set_x11_run_file(sandbox_pid, display);
         EUID_USER();
 
         // clone environment
diff --git a/src/firejail/preproc.c b/src/firejail/preproc.c
index d13209873..1f4cf9e54 100644
--- a/src/firejail/preproc.c
+++ b/src/firejail/preproc.c
@@ -173,7 +173,7 @@ void preproc_clean_run(void) {
                 if (pid < start_pid)
                         continue;
                 if (pidarr[pid] == 0)
-                        clear_run_files(pid);
+                        delete_run_files(pid);
         }
         closedir(dir);
 
diff --git a/src/firejail/profile.c b/src/firejail/profile.c
index 77308b7ac..5566b9860 100644
--- a/src/firejail/profile.c
+++ b/src/firejail/profile.c
@@ -1241,27 +1241,8 @@ void profile_read(const char *fname) {
         }
 
         // save the name of the file for --profile.print option
-        if (include_level == 0) {
-                char *runfile;
-                if (asprintf(&runfile, "%s/%d", RUN_FIREJAIL_PROFILE_DIR, getpid()) == -1)
-                        errExit("asprintf");
-
-                EUID_ROOT();
-                // the file is deleted first
-                FILE *fp = fopen(runfile, "w");
-                if (!fp) {
-                        fprintf(stderr, "Error: cannot create %s\n", runfile);
-                        exit(1);
-                }
-                fprintf(fp, "%s\n", fname);
-
-                // mode and ownership
-                SET_PERMS_STREAM(fp, 0, 0, 0644);
-                fclose(fp);
-                EUID_USER();
-                free(runfile);
-        }
-
+        if (include_level == 0)
+                set_profile_run_file(getpid(), fname);
 
         int msg_printed = 0;
 
diff --git a/src/firejail/run_files.c b/src/firejail/run_files.c
new file mode 100644
index 000000000..42303c07b
--- /dev/null
+++ b/src/firejail/run_files.c
@@ -0,0 +1,133 @@
+/*
+ * Copyright (C) 2014-2018 Firejail Authors
+ *
+ * This file is part of firejail project
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ */
+
+#include "firejail.h"
+#include "../include/pid.h"
+
+static void delete_x11_run_file(pid_t pid) {
+        char *fname;
+        if (asprintf(&fname, "%s/%d", RUN_FIREJAIL_X11_DIR, pid) == -1)
+                errExit("asprintf");
+        int rv = unlink(fname);
+        (void) rv;
+        free(fname);
+}
+
+static void delete_profile_run_file(pid_t pid) {
+        char *fname;
+        if (asprintf(&fname, "%s/%d", RUN_FIREJAIL_PROFILE_DIR, pid) == -1)
+                errExit("asprintf");
+        int rv = unlink(fname);
+        (void) rv;
+        free(fname);
+}
+
+static void delete_name_run_file(pid_t pid) {
+        char *fname;
+        if (asprintf(&fname, "%s/%d", RUN_FIREJAIL_NAME_DIR, pid) == -1)
+                errExit("asprintf");
+        int rv = unlink(fname);
+        (void) rv;
+        free(fname);
+}
+
+void delete_bandwidth_run_file(pid_t pid) {
+        char *fname;
+        if (asprintf(&fname, "%s/%d-bandwidth", RUN_FIREJAIL_BANDWIDTH_DIR, (int) pid) == -1)
+                errExit("asprintf");
+        unlink(fname);
+        free(fname);
+}
+
+static void delete_network_run_file(pid_t pid) {
+        char *fname;
+        if (asprintf(&fname, "%s/%d-netmap", RUN_FIREJAIL_NETWORK_DIR, (int) pid) == -1)
+                errExit("asprintf");
+        unlink(fname);
+        free(fname);
+}
+
+
+
+void delete_run_files(pid_t pid) {
+        delete_bandwidth_run_file(pid);
+        delete_network_run_file(pid);
+        delete_name_run_file(pid);
+        delete_profile_run_file(pid);
+        delete_x11_run_file(pid);
+}
+
+void set_name_run_file(pid_t pid) {
+        char *fname;
+        if (asprintf(&fname, "%s/%d", RUN_FIREJAIL_NAME_DIR, pid) == -1)
+                errExit("asprintf");
+
+        // the file is deleted first
+        FILE *fp = fopen(fname, "w");
+        if (!fp) {
+                fprintf(stderr, "Error: cannot create %s\n", fname);
+                exit(1);
+        }
+        fprintf(fp, "%s\n", cfg.name);
+
+        // mode and ownership
+        SET_PERMS_STREAM(fp, 0, 0, 0644);
+        fclose(fp);
+}
+
+
+void set_x11_run_file(pid_t pid, int display) {
+        char *fname;
+        if (asprintf(&fname, "%s/%d", RUN_FIREJAIL_X11_DIR, pid) == -1)
+                errExit("asprintf");
+
+        // the file is deleted first
+        FILE *fp = fopen(fname, "w");
+        if (!fp) {
+                fprintf(stderr, "Error: cannot create %s\n", fname);
+                exit(1);
+        }
+        fprintf(fp, "%d\n", display);
+
+        // mode and ownership
+        SET_PERMS_STREAM(fp, 0, 0, 0644);
+        fclose(fp);
+}
+
+void set_profile_run_file(pid_t pid, const char *fname) {
+        char *runfile;
+        if (asprintf(&runfile, "%s/%d", RUN_FIREJAIL_PROFILE_DIR, pid) == -1)
+                errExit("asprintf");
+
+        EUID_ROOT();
+        // the file is deleted first
+        FILE *fp = fopen(runfile, "w");
+        if (!fp) {
+                fprintf(stderr, "Error: cannot create %s\n", runfile);
+                exit(1);
+        }
+        fprintf(fp, "%s\n", fname);
+
+        // mode and ownership
+        SET_PERMS_STREAM(fp, 0, 0, 0644);
+        fclose(fp);
+        EUID_USER();
+        free(runfile);
+}
diff --git a/src/firejail/shutdown.c b/src/firejail/shutdown.c
index 12dfdf450..be20cd353 100644
--- a/src/firejail/shutdown.c
+++ b/src/firejail/shutdown.c
@@ -103,5 +103,5 @@ void shut(pid_t pid) {
                 }
         }
 
-        clear_run_files(parent);
+        delete_run_files(parent);
 }