aboutsummaryrefslogtreecommitdiffstats
path: root/src/faudit
diff options
context:
space:
mode:
Diffstat (limited to 'src/faudit')
-rw-r--r--src/faudit/dbus.c2
-rw-r--r--src/faudit/files.c2
-rw-r--r--src/faudit/main.c2
-rw-r--r--src/faudit/network.c2
-rw-r--r--src/faudit/syscall.c5
5 files changed, 5 insertions, 8 deletions
diff --git a/src/faudit/dbus.c b/src/faudit/dbus.c
index 5f25e7312..f7b5a221d 100644
--- a/src/faudit/dbus.c
+++ b/src/faudit/dbus.c
@@ -42,7 +42,7 @@ void check_session_bus(const char *sockfile) {
42 printf("GOOD: I cannot connect to session bus. If the application misbehaves, please log a bug with the application developer.\n"); 42 printf("GOOD: I cannot connect to session bus. If the application misbehaves, please log a bug with the application developer.\n");
43 } 43 }
44 else { 44 else {
45 printf("MAYBE: I can connect to session bus. If this is undesirable, use \"--private-tmp\" or blacklist the socket file.\n"); 45 printf("MAYBE: I can connect to session bus. It could be a good idea to create a new network namespace using \"--net=none\" or \"--net=eth0\".\n");
46 } 46 }
47 47
48 close(sock); 48 close(sock);
diff --git a/src/faudit/files.c b/src/faudit/files.c
index c27973358..e27d3436a 100644
--- a/src/faudit/files.c
+++ b/src/faudit/files.c
@@ -33,7 +33,7 @@ static void check_home_file(const char *name) {
33 33
34 if (access(fname, R_OK) == 0) { 34 if (access(fname, R_OK) == 0) {
35 printf("UGLY: I can access files in %s directory. ", fname); 35 printf("UGLY: I can access files in %s directory. ", fname);
36 printf("Use \"firejail --blacklist=~/%s\" to block it.\n", fname); 36 printf("Use \"firejail --blacklist=%s\" to block it.\n", fname);
37 } 37 }
38 else 38 else
39 printf("GOOD: I cannot access files in %s directory.\n", fname); 39 printf("GOOD: I cannot access files in %s directory.\n", fname);
diff --git a/src/faudit/main.c b/src/faudit/main.c
index df549ac3e..86d3fe4a9 100644
--- a/src/faudit/main.c
+++ b/src/faudit/main.c
@@ -41,7 +41,7 @@ int main(int argc, char **argv) {
41 fprintf(stderr, "Error: cannot extract the path of the audit program\n"); 41 fprintf(stderr, "Error: cannot extract the path of the audit program\n");
42 return 1; 42 return 1;
43 } 43 }
44 printf("INFO: Starting %s.\n", prog); 44 printf("INFO: starting %s.\n", prog);
45 45
46 46
47 // check pid namespace 47 // check pid namespace
diff --git a/src/faudit/network.c b/src/faudit/network.c
index bb3116c3b..39821cd25 100644
--- a/src/faudit/network.c
+++ b/src/faudit/network.c
@@ -40,7 +40,7 @@ void check_ssh(void) {
40 if (connect(sock , (struct sockaddr *)&server , sizeof(server)) < 0) 40 if (connect(sock , (struct sockaddr *)&server , sizeof(server)) < 0)
41 printf("GOOD: SSH server not available on localhost.\n"); 41 printf("GOOD: SSH server not available on localhost.\n");
42 else { 42 else {
43 printf("MAYBE: An SSH server is accessible on localhost. "); 43 printf("MAYBE: an SSH server is accessible on localhost. ");
44 printf("It could be a good idea to create a new network namespace using \"--net=none\" or \"--net=eth0\".\n"); 44 printf("It could be a good idea to create a new network namespace using \"--net=none\" or \"--net=eth0\".\n");
45 } 45 }
46 46
diff --git a/src/faudit/syscall.c b/src/faudit/syscall.c
index 84d73a03f..7088ad340 100644
--- a/src/faudit/syscall.c
+++ b/src/faudit/syscall.c
@@ -79,11 +79,8 @@ void syscall_run(const char *name) {
79 if (child < 0) 79 if (child < 0)
80 errExit("fork"); 80 errExit("fork");
81 if (child == 0) { 81 if (child == 0) {
82 char *cmd;
83 if (asprintf(&cmd, "%s syscall %s", prog, name) == -1)
84 errExit("asprintf");
85 execl(prog, prog, "syscall", name, NULL); 82 execl(prog, prog, "syscall", name, NULL);
86 exit(0); 83 exit(1);
87 } 84 }
88 85
89 // wait for the child to finish 86 // wait for the child to finish
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-07 12:39:19 +0000