diff options
-rw-r--r-- | src/firejail/firejail.h | 3 | ||||
-rw-r--r-- | src/firejail/fs_dev.c | 2 | ||||
-rw-r--r-- | src/firejail/main.c | 27 | ||||
-rw-r--r-- | src/firejail/util.c | 21 |
4 files changed, 28 insertions, 25 deletions
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index f4d468394..c801ea262 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
@@ -457,8 +457,7 @@ char *expand_home(const char *path, const char* homedir); | |||
457 | const char *gnu_basename(const char *path); | 457 | const char *gnu_basename(const char *path); |
458 | uid_t pid_get_uid(pid_t pid); | 458 | uid_t pid_get_uid(pid_t pid); |
459 | void invalid_filename(const char *fname); | 459 | void invalid_filename(const char *fname); |
460 | uid_t get_tty_gid(void); | 460 | uid_t get_group_id(const char *group); |
461 | uid_t get_audio_gid(void); | ||
462 | int remove_directory(const char *path); | 461 | int remove_directory(const char *path); |
463 | void flush_stdin(void); | 462 | void flush_stdin(void); |
464 | 463 | ||
diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c index daf0afd9e..aa5f7c28b 100644 --- a/src/firejail/fs_dev.c +++ b/src/firejail/fs_dev.c | |||
@@ -225,7 +225,7 @@ void fs_private_dev(void){ | |||
225 | 225 | ||
226 | 226 | ||
227 | // mount /dev/pts | 227 | // mount /dev/pts |
228 | gid_t ttygid = get_tty_gid(); | 228 | gid_t ttygid = get_group_id("tty"); |
229 | char *data; | 229 | char *data; |
230 | if (asprintf(&data, "newinstance,gid=%d,mode=620,ptmxmode=0666", (int) ttygid) == -1) | 230 | if (asprintf(&data, "newinstance,gid=%d,mode=620,ptmxmode=0666", (int) ttygid) == -1) |
231 | errExit("asprintf"); | 231 | errExit("asprintf"); |
diff --git a/src/firejail/main.c b/src/firejail/main.c index 6d4eb21df..987a79d1c 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -2555,16 +2555,31 @@ int main(int argc, char **argv) { | |||
2555 | ptr += strlen(ptr); | 2555 | ptr += strlen(ptr); |
2556 | 2556 | ||
2557 | // add tty group | 2557 | // add tty group |
2558 | gid_t ttygid = get_tty_gid(); | 2558 | gid_t g = get_group_id("tty"); |
2559 | if (ttygid) { | 2559 | if (g) { |
2560 | sprintf(ptr, "%d %d 1\n", ttygid, ttygid); | 2560 | sprintf(ptr, "%d %d 1\n", g, g); |
2561 | ptr += strlen(ptr); | 2561 | ptr += strlen(ptr); |
2562 | } | 2562 | } |
2563 | 2563 | ||
2564 | // add audio group | 2564 | // add audio group |
2565 | gid_t audiogid = get_audio_gid(); | 2565 | g = get_group_id("audio"); |
2566 | if (ttygid) { | 2566 | if (g) { |
2567 | sprintf(ptr, "%d %d 1\n", audiogid, audiogid); | 2567 | sprintf(ptr, "%d %d 1\n", g, g); |
2568 | ptr += strlen(ptr); | ||
2569 | } | ||
2570 | |||
2571 | // add video group | ||
2572 | g = get_group_id("video"); | ||
2573 | if (g) { | ||
2574 | sprintf(ptr, "%d %d 1\n", g, g); | ||
2575 | ptr += strlen(ptr); | ||
2576 | } | ||
2577 | |||
2578 | // add games group | ||
2579 | g = get_group_id("games"); | ||
2580 | if (g) { | ||
2581 | sprintf(ptr, "%d %d 1\n", g, g); | ||
2582 | ptr += strlen(ptr); | ||
2568 | } | 2583 | } |
2569 | 2584 | ||
2570 | EUID_ROOT(); | 2585 | EUID_ROOT(); |
diff --git a/src/firejail/util.c b/src/firejail/util.c index 7aa0ae0e8..f38b02fd0 100644 --- a/src/firejail/util.c +++ b/src/firejail/util.c | |||
@@ -649,25 +649,14 @@ void invalid_filename(const char *fname) { | |||
649 | } | 649 | } |
650 | 650 | ||
651 | 651 | ||
652 | uid_t get_tty_gid(void) { | 652 | uid_t get_group_id(const char *group) { |
653 | // find tty group id | 653 | // find tty group id |
654 | gid_t ttygid = 0; | 654 | gid_t gid = 0; |
655 | struct group *g = getgrnam("tty"); | 655 | struct group *g = getgrnam(group); |
656 | if (g) | 656 | if (g) |
657 | ttygid = g->gr_gid; | 657 | gid = g->gr_gid; |
658 | 658 | ||
659 | return ttygid; | 659 | return gid; |
660 | } | ||
661 | |||
662 | |||
663 | uid_t get_audio_gid(void) { | ||
664 | // find tty group id | ||
665 | gid_t audiogid = 0; | ||
666 | struct group *g = getgrnam("audio"); | ||
667 | if (g) | ||
668 | audiogid = g->gr_gid; | ||
669 | |||
670 | return audiogid; | ||
671 | } | 660 | } |
672 | 661 | ||
673 | 662 | ||