diff options
author | Karl-Johan Karlsson <creideiki@ferretporn.se> | 2016-01-23 22:09:46 +0100 |
---|---|---|
committer | Karl-Johan Karlsson <creideiki@ferretporn.se> | 2016-01-23 22:09:46 +0100 |
commit | 64ef8f7b652870624a219a026bb29c7b78d93c9e (patch) | |
tree | ad6aba7956dfd8d7dd8d74a6bc6a79a55bee78ed /src | |
parent | set terminal window title (diff) | |
download | firejail-64ef8f7b652870624a219a026bb29c7b78d93c9e.tar.gz firejail-64ef8f7b652870624a219a026bb29c7b78d93c9e.tar.zst firejail-64ef8f7b652870624a219a026bb29c7b78d93c9e.zip |
Make the sandbox process reap all children.
The sandbox process is PID 1 in the sandbox, which means it needs to reap
orphans within the jail by running waitpid(-1).
Solves netblue30/firejail#256
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/sandbox.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index b49172f1f..441269277 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
@@ -134,7 +134,11 @@ static void monitor_application(pid_t app_pid) { | |||
134 | usleep(20000); | 134 | usleep(20000); |
135 | 135 | ||
136 | int status; | 136 | int status; |
137 | unsigned rv = waitpid(app_pid, &status, 0); | 137 | unsigned rv; |
138 | do { | ||
139 | rv = waitpid(-1, &status, 0); | ||
140 | } | ||
141 | while(rv != app_pid); | ||
138 | if (arg_debug) | 142 | if (arg_debug) |
139 | printf("Sandbox monitor: waitpid %u retval %d status %d\n", app_pid, rv, status); | 143 | printf("Sandbox monitor: waitpid %u retval %d status %d\n", app_pid, rv, status); |
140 | 144 | ||