diff options
| author |  netblue30 <netblue30@yahoo.com> | 2017-03-24 07:55:44 -0400 |
|---|---|---|
| committer | netblue30 <netblue30@yahoo.com> | 2017-03-24 07:55:44 -0400 |
| commit | 5ff53a2ca729ad687a323f782594420065148588 (patch) | |
| tree | ba8241b684fc70cef6ef8b30ad50b25feabaf505 /src | |
| parent | merge #1100 from zackw: xvfb support in /etc/firejail/firejail.config (diff) | |
| download | firejail-5ff53a2ca729ad687a323f782594420065148588.tar.gz firejail-5ff53a2ca729ad687a323f782594420065148588.tar.zst firejail-5ff53a2ca729ad687a323f782594420065148588.zip | |
testing
Diffstat (limited to 'src')
| -rw-r--r-- | src/firejail/appimage.c | 31 | ||||
| -rw-r--r-- | src/firejail/firejail.h | 2 | ||||
| -rw-r--r-- | src/firejail/fs_etc.c | 4 | ||||
| -rw-r--r-- | src/firejail/fs_hostname.c | 5 | ||||
| -rw-r--r-- | src/firejail/main.c | 2 | ||||
| -rw-r--r-- | src/firejail/profile.c | 2 |
6 files changed, 24 insertions, 22 deletions
diff --git a/src/firejail/appimage.c b/src/firejail/appimage.c index 4cc5cc180..2368d7992 100644 --- a/src/firejail/appimage.c +++ b/src/firejail/appimage.c | |||
| @@ -31,6 +31,11 @@ | |||
| 31 | static char *devloop = NULL; // device file | 31 | static char *devloop = NULL; // device file |
| 32 | static char *mntdir = NULL; // mount point in /tmp directory | 32 | static char *mntdir = NULL; // mount point in /tmp directory |
| 33 | 33 | ||
| 34 | static void err_loop(void) { | ||
| 35 | fprintf(stderr, "Error: cannot configure loopback device\n"); | ||
| 36 | exit(1); | ||
| 37 | } | ||
| 38 | |||
| 34 | void appimage_set(const char *appimage) { | 39 | void appimage_set(const char *appimage) { |
| 35 | assert(appimage); | 40 | assert(appimage); |
| 36 | assert(devloop == NULL); // don't call this twice! | 41 | assert(devloop == NULL); // don't call this twice! |
| @@ -61,35 +66,27 @@ void appimage_set(const char *appimage) { | |||
| 61 | // find or allocate a free loop device to use | 66 | // find or allocate a free loop device to use |
| 62 | EUID_ROOT(); | 67 | EUID_ROOT(); |
| 63 | int cfd = open("/dev/loop-control", O_RDWR); | 68 | int cfd = open("/dev/loop-control", O_RDWR); |
| 64 | if (cfd == -1) { | 69 | if (cfd == -1) |
| 65 | fprintf(stderr, "Error: /dev/loop-control interface is not supported by your kernel\n"); | 70 | err_loop(); |
| 66 | exit(1); | ||
| 67 | } | ||
| 68 | int devnr = ioctl(cfd, LOOP_CTL_GET_FREE); | 71 | int devnr = ioctl(cfd, LOOP_CTL_GET_FREE); |
| 69 | if (devnr == -1) { | 72 | if (devnr == -1) |
| 70 | fprintf(stderr, "Error: cannot allocate a new loopback device\n"); | 73 | err_loop(); |
| 71 | exit(1); | ||
| 72 | } | ||
| 73 | close(cfd); | 74 | close(cfd); |
| 74 | if (asprintf(&devloop, "/dev/loop%d", devnr) == -1) | 75 | if (asprintf(&devloop, "/dev/loop%d", devnr) == -1) |
| 75 | errExit("asprintf"); | 76 | errExit("asprintf"); |
| 76 | 77 | ||
| 77 | int lfd = open(devloop, O_RDONLY); | 78 | int lfd = open(devloop, O_RDONLY); |
| 78 | if (lfd == -1) { | 79 | if (lfd == -1) |
| 79 | fprintf(stderr, "Error: cannot open %s\n", devloop); | 80 | err_loop(); |
| 80 | exit(1); | 81 | if (ioctl(lfd, LOOP_SET_FD, ffd) == -1) |
| 81 | } | 82 | err_loop(); |
| 82 | if (ioctl(lfd, LOOP_SET_FD, ffd) == -1) { | ||
| 83 | fprintf(stderr, "Error: cannot configure the loopback device\n"); | ||
| 84 | exit(1); | ||
| 85 | } | ||
| 86 | 83 | ||
| 87 | if (size) { | 84 | if (size) { |
| 88 | struct loop_info64 info; | 85 | struct loop_info64 info; |
| 89 | memset(&info, 0, sizeof(struct loop_info64)); | 86 | memset(&info, 0, sizeof(struct loop_info64)); |
| 90 | info.lo_offset = size; | 87 | info.lo_offset = size; |
| 91 | if (ioctl(lfd, LOOP_SET_STATUS64, &info) == -1) | 88 | if (ioctl(lfd, LOOP_SET_STATUS64, &info) == -1) |
| 92 | errExit("configure appimage offset"); | 89 | err_loop(); |
| 93 | } | 90 | } |
| 94 | 91 | ||
| 95 | close(lfd); | 92 | close(lfd); |
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index dbb6c4d16..75e5feaff 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
| @@ -542,7 +542,7 @@ void fs_trace(void); | |||
| 542 | // fs_hostname.c | 542 | // fs_hostname.c |
| 543 | void fs_hostname(const char *hostname); | 543 | void fs_hostname(const char *hostname); |
| 544 | void fs_resolvconf(void); | 544 | void fs_resolvconf(void); |
| 545 | char *fs_check_hosts_fiile(const char *fname); | 545 | char *fs_check_hosts_file(const char *fname); |
| 546 | void fs_store_hosts_file(void); | 546 | void fs_store_hosts_file(void); |
| 547 | void fs_mount_hosts_file(void); | 547 | void fs_mount_hosts_file(void); |
| 548 | 548 | ||
diff --git a/src/firejail/fs_etc.c b/src/firejail/fs_etc.c index 19c2210b3..69c422f1d 100644 --- a/src/firejail/fs_etc.c +++ b/src/firejail/fs_etc.c | |||
| @@ -34,7 +34,9 @@ void fs_machineid(void) { | |||
| 34 | // if --machine-id flag is inactive, do nothing | 34 | // if --machine-id flag is inactive, do nothing |
| 35 | if (arg_machineid == 0) | 35 | if (arg_machineid == 0) |
| 36 | return; | 36 | return; |
| 37 | 37 | if (arg_debug) | |
| 38 | printf("Generating a new machine-id\n"); | ||
| 39 | |||
| 38 | // init random number generator | 40 | // init random number generator |
| 39 | srand(time(NULL)); | 41 | srand(time(NULL)); |
| 40 | 42 | ||
diff --git a/src/firejail/fs_hostname.c b/src/firejail/fs_hostname.c index 535526409..32243c700 100644 --- a/src/firejail/fs_hostname.c +++ b/src/firejail/fs_hostname.c | |||
| @@ -127,7 +127,7 @@ void fs_resolvconf(void) { | |||
| 127 | } | 127 | } |
| 128 | } | 128 | } |
| 129 | 129 | ||
| 130 | char *fs_check_hosts_fiile(const char *fname) { | 130 | char *fs_check_hosts_file(const char *fname) { |
| 131 | assert(fname); | 131 | assert(fname); |
| 132 | invalid_filename(fname); | 132 | invalid_filename(fname); |
| 133 | char *rv = expand_home(fname, cfg.homedir); | 133 | char *rv = expand_home(fname, cfg.homedir); |
| @@ -151,6 +151,9 @@ void fs_store_hosts_file(void) { | |||
| 151 | } | 151 | } |
| 152 | 152 | ||
| 153 | void fs_mount_hosts_file(void) { | 153 | void fs_mount_hosts_file(void) { |
| 154 | if (arg_debug) | ||
| 155 | printf("Loading user hosts file\n"); | ||
| 156 | |||
| 154 | // check /etc/hosts file | 157 | // check /etc/hosts file |
| 155 | struct stat s; | 158 | struct stat s; |
| 156 | if (stat("/etc/hosts", &s) == -1) | 159 | if (stat("/etc/hosts", &s) == -1) |
diff --git a/src/firejail/main.c b/src/firejail/main.c index 3dcc5c62d..843dc2f3a 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
| @@ -1969,7 +1969,7 @@ int main(int argc, char **argv) { | |||
| 1969 | } | 1969 | } |
| 1970 | 1970 | ||
| 1971 | else if (strncmp(argv[i], "--hosts-file=", 13) == 0) | 1971 | else if (strncmp(argv[i], "--hosts-file=", 13) == 0) |
| 1972 | cfg.hosts_file = fs_check_hosts_fiile(argv[i] + 13); | 1972 | cfg.hosts_file = fs_check_hosts_file(argv[i] + 13); |
| 1973 | 1973 | ||
| 1974 | #ifdef HAVE_NETWORK | 1974 | #ifdef HAVE_NETWORK |
| 1975 | else if (strcmp(argv[i], "--netfilter") == 0) { | 1975 | else if (strcmp(argv[i], "--netfilter") == 0) { |
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 00dd87dad..4b3cab041 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
| @@ -608,7 +608,7 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
| 608 | 608 | ||
| 609 | // hosts-file | 609 | // hosts-file |
| 610 | if (strncmp(ptr, "hosts-file ", 11) == 0) { | 610 | if (strncmp(ptr, "hosts-file ", 11) == 0) { |
| 611 | cfg.hosts_file = fs_check_hosts_fiile(ptr + 11); | 611 | cfg.hosts_file = fs_check_hosts_file(ptr + 11); |
| 612 | return 0; | 612 | return 0; |
| 613 | } | 613 | } |
| 614 | 614 | ||