diff options
Diffstat (limited to 'src/faudit')
-rw-r--r-- | src/faudit/dbus.c | 2 | ||||
-rw-r--r-- | src/faudit/files.c | 2 | ||||
-rw-r--r-- | src/faudit/main.c | 2 | ||||
-rw-r--r-- | src/faudit/network.c | 2 | ||||
-rw-r--r-- | src/faudit/syscall.c | 5 |
5 files changed, 5 insertions, 8 deletions
diff --git a/src/faudit/dbus.c b/src/faudit/dbus.c index 5f25e7312..f7b5a221d 100644 --- a/src/faudit/dbus.c +++ b/src/faudit/dbus.c | |||
@@ -42,7 +42,7 @@ void check_session_bus(const char *sockfile) { | |||
42 | printf("GOOD: I cannot connect to session bus. If the application misbehaves, please log a bug with the application developer.\n"); | 42 | printf("GOOD: I cannot connect to session bus. If the application misbehaves, please log a bug with the application developer.\n"); |
43 | } | 43 | } |
44 | else { | 44 | else { |
45 | printf("MAYBE: I can connect to session bus. If this is undesirable, use \"--private-tmp\" or blacklist the socket file.\n"); | 45 | printf("MAYBE: I can connect to session bus. It could be a good idea to create a new network namespace using \"--net=none\" or \"--net=eth0\".\n"); |
46 | } | 46 | } |
47 | 47 | ||
48 | close(sock); | 48 | close(sock); |
diff --git a/src/faudit/files.c b/src/faudit/files.c index c27973358..e27d3436a 100644 --- a/src/faudit/files.c +++ b/src/faudit/files.c | |||
@@ -33,7 +33,7 @@ static void check_home_file(const char *name) { | |||
33 | 33 | ||
34 | if (access(fname, R_OK) == 0) { | 34 | if (access(fname, R_OK) == 0) { |
35 | printf("UGLY: I can access files in %s directory. ", fname); | 35 | printf("UGLY: I can access files in %s directory. ", fname); |
36 | printf("Use \"firejail --blacklist=~/%s\" to block it.\n", fname); | 36 | printf("Use \"firejail --blacklist=%s\" to block it.\n", fname); |
37 | } | 37 | } |
38 | else | 38 | else |
39 | printf("GOOD: I cannot access files in %s directory.\n", fname); | 39 | printf("GOOD: I cannot access files in %s directory.\n", fname); |
diff --git a/src/faudit/main.c b/src/faudit/main.c index df549ac3e..86d3fe4a9 100644 --- a/src/faudit/main.c +++ b/src/faudit/main.c | |||
@@ -41,7 +41,7 @@ int main(int argc, char **argv) { | |||
41 | fprintf(stderr, "Error: cannot extract the path of the audit program\n"); | 41 | fprintf(stderr, "Error: cannot extract the path of the audit program\n"); |
42 | return 1; | 42 | return 1; |
43 | } | 43 | } |
44 | printf("INFO: Starting %s.\n", prog); | 44 | printf("INFO: starting %s.\n", prog); |
45 | 45 | ||
46 | 46 | ||
47 | // check pid namespace | 47 | // check pid namespace |
diff --git a/src/faudit/network.c b/src/faudit/network.c index bb3116c3b..39821cd25 100644 --- a/src/faudit/network.c +++ b/src/faudit/network.c | |||
@@ -40,7 +40,7 @@ void check_ssh(void) { | |||
40 | if (connect(sock , (struct sockaddr *)&server , sizeof(server)) < 0) | 40 | if (connect(sock , (struct sockaddr *)&server , sizeof(server)) < 0) |
41 | printf("GOOD: SSH server not available on localhost.\n"); | 41 | printf("GOOD: SSH server not available on localhost.\n"); |
42 | else { | 42 | else { |
43 | printf("MAYBE: An SSH server is accessible on localhost. "); | 43 | printf("MAYBE: an SSH server is accessible on localhost. "); |
44 | printf("It could be a good idea to create a new network namespace using \"--net=none\" or \"--net=eth0\".\n"); | 44 | printf("It could be a good idea to create a new network namespace using \"--net=none\" or \"--net=eth0\".\n"); |
45 | } | 45 | } |
46 | 46 | ||
diff --git a/src/faudit/syscall.c b/src/faudit/syscall.c index 84d73a03f..7088ad340 100644 --- a/src/faudit/syscall.c +++ b/src/faudit/syscall.c | |||
@@ -79,11 +79,8 @@ void syscall_run(const char *name) { | |||
79 | if (child < 0) | 79 | if (child < 0) |
80 | errExit("fork"); | 80 | errExit("fork"); |
81 | if (child == 0) { | 81 | if (child == 0) { |
82 | char *cmd; | ||
83 | if (asprintf(&cmd, "%s syscall %s", prog, name) == -1) | ||
84 | errExit("asprintf"); | ||
85 | execl(prog, prog, "syscall", name, NULL); | 82 | execl(prog, prog, "syscall", name, NULL); |
86 | exit(0); | 83 | exit(1); |
87 | } | 84 | } |
88 | 85 | ||
89 | // wait for the child to finish | 86 | // wait for the child to finish |