diff options
Diffstat (limited to 'src/firejail/dbus.c')
| -rw-r--r-- | src/firejail/dbus.c | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/src/firejail/dbus.c b/src/firejail/dbus.c index 5b47567e2..18576612d 100644 --- a/src/firejail/dbus.c +++ b/src/firejail/dbus.c | |||
| @@ -285,6 +285,8 @@ static char *find_user_socket(void) { | |||
| 285 | void dbus_proxy_start(void) { | 285 | void dbus_proxy_start(void) { |
| 286 | dbus_create_user_dir(); | 286 | dbus_create_user_dir(); |
| 287 | 287 | ||
| 288 | EUID_USER(); | ||
| 289 | |||
| 288 | int status_pipe[2]; | 290 | int status_pipe[2]; |
| 289 | if (pipe(status_pipe) == -1) | 291 | if (pipe(status_pipe) == -1) |
| 290 | errExit("pipe"); | 292 | errExit("pipe"); |
| @@ -299,10 +301,21 @@ void dbus_proxy_start(void) { | |||
| 299 | errExit("fork"); | 301 | errExit("fork"); |
| 300 | if (dbus_proxy_pid == 0) { | 302 | if (dbus_proxy_pid == 0) { |
| 301 | int i; | 303 | int i; |
| 302 | for (i = 3; i < FIREJAIL_MAX_FD; i++) { | 304 | for (i = STDERR_FILENO + 1; i < FIREJAIL_MAX_FD; i++) { |
| 303 | if (i != status_pipe[1] && i != args_pipe[0]) | 305 | if (i != status_pipe[1] && i != args_pipe[0]) |
| 304 | close(i); // close open files | 306 | close(i); // close open files |
| 305 | } | 307 | } |
| 308 | if (arg_dbus_log_file != NULL) { | ||
| 309 | int output_fd = creat(arg_dbus_log_file, 0666); | ||
| 310 | if (output_fd < 0) | ||
| 311 | errExit("creat"); | ||
| 312 | if (output_fd != STDOUT_FILENO) { | ||
| 313 | if (dup2(output_fd, STDOUT_FILENO) != STDOUT_FILENO) | ||
| 314 | errExit("dup2"); | ||
| 315 | close(output_fd); | ||
| 316 | } | ||
| 317 | } | ||
| 318 | close(STDIN_FILENO); | ||
| 306 | char *args[4] = {XDG_DBUS_PROXY_PATH, NULL, NULL, NULL}; | 319 | char *args[4] = {XDG_DBUS_PROXY_PATH, NULL, NULL, NULL}; |
| 307 | if (asprintf(&args[1], "--fd=%d", status_pipe[1]) == -1 | 320 | if (asprintf(&args[1], "--fd=%d", status_pipe[1]) == -1 |
| 308 | || asprintf(&args[2], "--args=%d", args_pipe[0]) == -1) | 321 | || asprintf(&args[2], "--args=%d", args_pipe[0]) == -1) |
| @@ -328,6 +341,9 @@ void dbus_proxy_start(void) { | |||
| 328 | (int) getuid(), (int) getpid()) == -1) | 341 | (int) getuid(), (int) getpid()) == -1) |
| 329 | errExit("asprintf"); | 342 | errExit("asprintf"); |
| 330 | write_arg(args_pipe[1], "%s", dbus_user_proxy_socket); | 343 | write_arg(args_pipe[1], "%s", dbus_user_proxy_socket); |
| 344 | if (arg_dbus_log_user) { | ||
| 345 | write_arg(args_pipe[1], "--log"); | ||
| 346 | } | ||
| 331 | write_arg(args_pipe[1], "--filter"); | 347 | write_arg(args_pipe[1], "--filter"); |
| 332 | write_profile(args_pipe[1], "dbus-user."); | 348 | write_profile(args_pipe[1], "dbus-user."); |
| 333 | } | 349 | } |
| @@ -344,6 +360,9 @@ void dbus_proxy_start(void) { | |||
| 344 | (int) getuid(), (int) getpid()) == -1) | 360 | (int) getuid(), (int) getpid()) == -1) |
| 345 | errExit("asprintf"); | 361 | errExit("asprintf"); |
| 346 | write_arg(args_pipe[1], "%s", dbus_system_proxy_socket); | 362 | write_arg(args_pipe[1], "%s", dbus_system_proxy_socket); |
| 363 | if (arg_dbus_log_system) { | ||
| 364 | write_arg(args_pipe[1], "--log"); | ||
| 365 | } | ||
| 347 | write_arg(args_pipe[1], "--filter"); | 366 | write_arg(args_pipe[1], "--filter"); |
| 348 | write_profile(args_pipe[1], "dbus-system."); | 367 | write_profile(args_pipe[1], "dbus-system."); |
| 349 | } | 368 | } |