-rw-r--r-- | src/firejail/appimage.c | 31 | ||||
-rw-r--r-- | src/firejail/firejail.h | 2 | ||||
-rw-r--r-- | src/firejail/fs_etc.c | 4 | ||||
-rw-r--r-- | src/firejail/fs_hostname.c | 5 | ||||
-rw-r--r-- | src/firejail/main.c | 2 | ||||
-rw-r--r-- | src/firejail/profile.c | 2 | ||||
-rwxr-xr-x | test/environment/environment.sh | 6 | ||||
-rw-r--r-- | test/environment/hostfile | 1 | ||||
-rwxr-xr-x | test/environment/hostfile.exp | 32 | ||||
-rwxr-xr-x | test/environment/machineid.exp | 25 |
10 files changed, 88 insertions, 22 deletions
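--- a/src/firejail/appimage.c
+++ b/src/firejail/appimage.c
@@ -31,6 +31,11 @@
 static char *devloop = NULL; // device file
 static char *mntdir = NULL; // mount point in /tmp directory
 
+static void err_loop(void) {
+fprintf(stderr, "Error: cannot configure loopback device\n");
+exit(1);
+}
+
 void appimage_set(const char *appimage) {
 assert(appimage);
 assert(devloop == NULL); // don't call this twice!
@@ -61,35 +66,27 @@ void appimage_set(const char *appimage) {
 // find or allocate a free loop device to use
 EUID_ROOT();
 int cfd = open("/dev/loop-control", O_RDWR);
-if (cfd == -1) {
-fprintf(stderr, "Error: /dev/loop-control interface is not supported by your kernel\n");
-exit(1);
-}
+if (cfd == -1)
+err_loop();
 int devnr = ioctl(cfd, LOOP_CTL_GET_FREE);
-if (devnr == -1) {
-fprintf(stderr, "Error: cannot allocate a new loopback device\n");
-exit(1);
-}
+if (devnr == -1)
+err_loop();
 close(cfd);
 if (asprintf(&devloop, "/dev/loop%d", devnr) == -1)
 errExit("asprintf");
 
 int lfd = open(devloop, O_RDONLY);
-if (lfd == -1) {
-fprintf(stderr, "Error: cannot open %s\n", devloop);
-exit(1);
-}
-if (ioctl(lfd, LOOP_SET_FD, ffd) == -1) {
-fprintf(stderr, "Error: cannot configure the loopback device\n");
-exit(1);
-}
+if (lfd == -1)
+err_loop();
+if (ioctl(lfd, LOOP_SET_FD, ffd) == -1)
+err_loop();
 
 if (size) {
 struct loop_info64 info;
 memset(&info, 0, sizeof(struct loop_info64));
 info.lo_offset = size;
 if (ioctl(lfd, LOOP_SET_STATUS64, &info) == -1)
-errExit("configure appimage offset");
+err_loop();
 }
 
 close(lfd);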
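Review bot: On the `LOOP_SET_STATUS64` failure branch in the second hunk, `err_loop()` exits while the loop device is still bound to `ffd` by the earlier `LOOP_SET_FD`, and nothing visible here detaches it, so a failed start after `EUID_ROOT()` can leave the device attached. Consider issuing `ioctl(lfd, LOOP_CLR_FD, 0);` before `err_loop();` on that branch. The helper also drops the per-step text and, for this branch, whatever `errExit()` reported (presumably errno), so the single `Error: cannot configure loopback device` no longer tells a user or log reader which of the five calls failed; a `const char *step` parameter would keep that. `appimage_set()` starts and ends outside the hunk.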
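--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -542,7 +542,7 @@ void fs_trace(void);
 // fs_hostname.c
 void fs_hostname(const char *hostname);
 void fs_resolvconf(void);
-char *fs_check_hosts_fiile(const char *fname);
+char *fs_check_hosts_file(const char *fname);
 void fs_store_hosts_file(void);
 void fs_mount_hosts_file(void);
 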
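--- a/src/firejail/fs_etc.c
+++ b/src/firejail/fs_etc.c
@@ -34,7 +34,9 @@ void fs_machineid(void) {
 // if --machine-id flag is inactive, do nothing
 if (arg_machineid == 0)
 return;
-
+if (arg_debug)
+printf("Generating a new machine-id\n");
+
 // init random number generator
 srand(time(NULL));
 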
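Review bot: The context line `srand(time(NULL));` directly after the new debug message seeds the generator from the wall clock, so if the replacement machine-id is drawn from `rand()` (the rest of `fs_machineid()` is outside the hunk), the id can be reproduced by anyone who knows roughly when the sandbox started. The commit leaves this unchanged. If the generated id is meant to be unlinkable across runs, filling it from `/dev/urandom` or `getrandom()` would be a safer source than a time-seeded `rand()`.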
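--- a/src/firejail/fs_hostname.c
+++ b/src/firejail/fs_hostname.c
@@ -127,7 +127,7 @@ void fs_resolvconf(void) {
 }
 }
 
-char *fs_check_hosts_fiile(const char *fname) {
+char *fs_check_hosts_file(const char *fname) {
 assert(fname);
 invalid_filename(fname);
 char *rv = expand_home(fname, cfg.homedir);
@@ -151,6 +151,9 @@ void fs_store_hosts_file(void) {
 }
 
 void fs_mount_hosts_file(void) {
+if (arg_debug)
+printf("Loading user hosts file\n");
+
 // check /etc/hosts file
 struct stat s;
 if (stat("/etc/hosts", &s) == -1)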
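--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -1969,7 +1969,7 @@ int main(int argc, char **argv) {
 }
 
 else if (strncmp(argv[i], "--hosts-file=", 13) == 0)
-cfg.hosts_file = fs_check_hosts_fiile(argv[i] + 13);
+cfg.hosts_file = fs_check_hosts_file(argv[i] + 13);
 
 #ifdef HAVE_NETWORK
 else if (strcmp(argv[i], "--netfilter") == 0) {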
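--- a/src/firejail/profile.c
+++ b/src/firejail/profile.c
@@ -608,7 +608,7 @@ int profile_check_line(char *ptr, int lineno, const char *fname) {
 
 // hosts-file
 if (strncmp(ptr, "hosts-file ", 11) == 0) {
-cfg.hosts_file = fs_check_hosts_fiile(ptr + 11);
+cfg.hosts_file = fs_check_hosts_file(ptr + 11);
 return 0;
 }
 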
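--- a/test/environment/environment.sh
+++ b/test/environment/environment.sh
@@ -10,6 +10,12 @@ export MALLOC_PERTURB_=$(($RANDOM % 255 + 1))
 echo "TESTING: DNS (test/environment/dns.exp)"
 ./dns.exp
 
+echo "TESTING: machine-id (test/environment/machineid.exp)"
+./machineid.exp
+
+echo "TESTING: hosts file (test/environment/hostfile.exp)"
+./hostfile.exp
+
 echo "TESTING: doubledash (test/environment/doubledash.exp"
 mkdir -- -testdir
 touch -- -testdir/ttt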
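--- /dev/null
+++ b/test/environment/hostfile
@@ -0,0 +1 @@
+hostfile test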
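--- /dev/null
+++ b/test/environment/hostfile.exp
@@ -0,0 +1,32 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2017 Firejail Authors
+# License GPL v2
+
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+send -- "firejail --debug --hosts-file=hostfile\r"
+expect {
+timeout {puts "TESTING ERROR 1\n";exit}
+"Loading user hosts file"
+}
+expect {
+timeout {puts "TESTING ERROR 2\n";exit}
+"Child process initialized"
+}
+after 100
+
+send -- "cat /etc/hosts\r"
+expect {
+timeout {puts "TESTING ERROR 3\n";exit}
+"hostfile test"
+}
+
+send -- "exit\r"
+after 100
+
+puts "\nall done\n"
+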
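Review bot: Each `timeout` branch calls `exit` with no argument, which makes expect return status 0, so a failed run can only be told apart by the `TESTING ERROR` text on stdout; the same pattern appears in `machineid.exp`. Unless the harness greps the output for that string (not visible here), `timeout {puts "TESTING ERROR 1\n";exit 1}` would let `environment.sh` or CI detect the failure from the exit code.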
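--- /dev/null
+++ b/test/environment/machineid.exp
@@ -0,0 +1,25 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2017 Firejail Authors
+# License GPL v2
+
+
+set timeout 10
+spawn $env(SHELL)
+match_max 100000
+
+send -- "firejail --debug --machine-id\r"
+expect {
+timeout {puts "TESTING ERROR 1\n";exit}
+"Generating a new machine-id"
+}
+expect {
+timeout {puts "TESTING ERROR 1\n";exit}
+"Child process initialized"
+}
+after 100
+send -- "exit\r"
+after 100
+
+puts "\nall done\n"
+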
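Review bot: The second `expect` block reuses the label `TESTING ERROR 1`, so a timeout waiting for `Child process initialized` cannot be told apart from one waiting for the debug line; it should read `timeout {puts "TESTING ERROR 2\n";exit}`. The test also matches only the `Generating a new machine-id` debug string and never reads `/etc/machine-id` inside the sandbox, so it would still pass if the generated id were never put in place. A follow-up `send -- "cat /etc/machine-id\r"` checked against the host value would cover the behaviour rather than the log message.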