diff options
-rw-r--r-- | src/firejail/join.c | 1 | ||||
-rw-r--r-- | src/firejail/main.c | 1 | ||||
-rw-r--r-- | src/firejail/util.c | 9 | ||||
-rw-r--r-- | src/firemon/firemon.c | 6 |
4 files changed, 12 insertions, 5 deletions
diff --git a/src/firejail/join.c b/src/firejail/join.c index f202d1a9c..14eea4612 100644 --- a/src/firejail/join.c +++ b/src/firejail/join.c | |||
@@ -398,6 +398,7 @@ pid_t switch_to_child(pid_t pid) { | |||
398 | exit(1); | 398 | exit(1); |
399 | } | 399 | } |
400 | EUID_USER(); | 400 | EUID_USER(); |
401 | |||
401 | if (strcmp(comm, "firejail") == 0) { | 402 | if (strcmp(comm, "firejail") == 0) { |
402 | if (find_child(pid, &rv) == 1) { | 403 | if (find_child(pid, &rv) == 1) { |
403 | fprintf(stderr, "Error: no valid sandbox\n"); | 404 | fprintf(stderr, "Error: no valid sandbox\n"); |
diff --git a/src/firejail/main.c b/src/firejail/main.c index 96ba83cef..df890ecea 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -523,7 +523,6 @@ static void run_cmd_and_exit(int i, int argc, char **argv) { | |||
523 | if (checkcfg(CFG_SECCOMP)) { | 523 | if (checkcfg(CFG_SECCOMP)) { |
524 | // print seccomp filter for a sandbox specified by pid or by name | 524 | // print seccomp filter for a sandbox specified by pid or by name |
525 | pid_t pid = require_pid(argv[i] + 17); | 525 | pid_t pid = require_pid(argv[i] + 17); |
526 | printf("pid %d\n", pid); | ||
527 | protocol_print_filter(pid); | 526 | protocol_print_filter(pid); |
528 | } | 527 | } |
529 | else | 528 | else |
diff --git a/src/firejail/util.c b/src/firejail/util.c index d65ac0071..9f878611a 100644 --- a/src/firejail/util.c +++ b/src/firejail/util.c | |||
@@ -647,8 +647,13 @@ int find_child(pid_t parent, pid_t *child) { | |||
647 | fprintf(stderr, "Error: cannot read /proc file\n"); | 647 | fprintf(stderr, "Error: cannot read /proc file\n"); |
648 | exit(1); | 648 | exit(1); |
649 | } | 649 | } |
650 | if (parent == atoi(ptr)) | 650 | if (parent == atoi(ptr)) { |
651 | *child = pid; | 651 | // we don't want /usr/bin/xdg-dbus-proxy! |
652 | char *cmdline = pid_proc_cmdline(pid); | ||
653 | if (strncmp(cmdline, XDG_DBUS_PROXY_PATH, strlen(XDG_DBUS_PROXY_PATH)) != 0) | ||
654 | *child = pid; | ||
655 | free(cmdline); | ||
656 | } | ||
652 | break; // stop reading the file | 657 | break; // stop reading the file |
653 | } | 658 | } |
654 | } | 659 | } |
diff --git a/src/firemon/firemon.c b/src/firemon/firemon.c index 952659e39..7468e3240 100644 --- a/src/firemon/firemon.c +++ b/src/firemon/firemon.c | |||
@@ -72,9 +72,11 @@ int find_child(int id) { | |||
72 | if (pids[i].level == 2 && pids[i].parent == id) { | 72 | if (pids[i].level == 2 && pids[i].parent == id) { |
73 | // skip /usr/bin/xdg-dbus-proxy (started by firejail for dbus filtering) | 73 | // skip /usr/bin/xdg-dbus-proxy (started by firejail for dbus filtering) |
74 | char *cmdline = pid_proc_cmdline(i); | 74 | char *cmdline = pid_proc_cmdline(i); |
75 | if (strncmp(cmdline, XDG_DBUS_PROXY_PATH, strlen(XDG_DBUS_PROXY_PATH)) == 0) | 75 | if (strncmp(cmdline, XDG_DBUS_PROXY_PATH, strlen(XDG_DBUS_PROXY_PATH)) == 0) { |
76 | free(cmdline); | ||
76 | continue; | 77 | continue; |
77 | 78 | } | |
79 | free(cmdline); | ||
78 | first_child = i; | 80 | first_child = i; |
79 | break; | 81 | break; |
80 | } | 82 | } |