diff options
Diffstat (limited to 'src/firejail/fs_hostname.c')
-rw-r--r-- | src/firejail/fs_hostname.c | 157 |
1 files changed, 157 insertions, 0 deletions
diff --git a/src/firejail/fs_hostname.c b/src/firejail/fs_hostname.c new file mode 100644 index 000000000..fb3fc530e --- /dev/null +++ b/src/firejail/fs_hostname.c | |||
@@ -0,0 +1,157 @@ | |||
1 | /* | ||
2 | * Copyright (C) 2014, 2015 netblue30 (netblue30@yahoo.com) | ||
3 | * | ||
4 | * This file is part of firejail project | ||
5 | * | ||
6 | * This program is free software; you can redistribute it and/or modify | ||
7 | * it under the terms of the GNU General Public License as published by | ||
8 | * the Free Software Foundation; either version 2 of the License, or | ||
9 | * (at your option) any later version. | ||
10 | * | ||
11 | * This program is distributed in the hope that it will be useful, | ||
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
14 | * GNU General Public License for more details. | ||
15 | * | ||
16 | * You should have received a copy of the GNU General Public License along | ||
17 | * with this program; if not, write to the Free Software Foundation, Inc., | ||
18 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. | ||
19 | */ | ||
20 | #include "firejail.h" | ||
21 | #include <sys/mount.h> | ||
22 | #include <sys/stat.h> | ||
23 | #include <linux/limits.h> | ||
24 | #include <glob.h> | ||
25 | #include <dirent.h> | ||
26 | #include <fcntl.h> | ||
27 | |||
28 | void fs_hostname(const char *hostname) { | ||
29 | struct stat s; | ||
30 | fs_build_mnt_dir(); | ||
31 | |||
32 | // create a new /etc/hostname | ||
33 | if (stat("/etc/hostname", &s) == 0) { | ||
34 | if (arg_debug) | ||
35 | printf("Creating a new /etc/hostname file\n"); | ||
36 | char *fhost; | ||
37 | if (asprintf(&fhost, "%s/hostname", MNT_DIR) == -1) | ||
38 | errExit("asprintf"); | ||
39 | FILE *fp = fopen(fhost, "w"); | ||
40 | if (!fp) { | ||
41 | fprintf(stderr, "Error: cannot create %s\n", fhost); | ||
42 | free(fhost); | ||
43 | exit(1); | ||
44 | } | ||
45 | fprintf(fp, "%s\n", hostname); | ||
46 | fclose(fp); | ||
47 | |||
48 | // mode and owner | ||
49 | if (chown(fhost, 0, 0) < 0) | ||
50 | errExit("chown"); | ||
51 | if (chmod(fhost, S_IRUSR | S_IWRITE | S_IRGRP | S_IROTH ) < 0) | ||
52 | errExit("chmod"); | ||
53 | |||
54 | // bind-mount the file on top of /etc/hostname | ||
55 | if (mount(fhost, "/etc/hostname", NULL, MS_BIND|MS_REC, NULL) < 0) | ||
56 | errExit("mount bind /etc/hostname"); | ||
57 | free(fhost); | ||
58 | } | ||
59 | |||
60 | // create a new /etc/hosts | ||
61 | if (stat("/etc/hosts", &s) == 0) { | ||
62 | if (arg_debug) | ||
63 | printf("Creating a new /etc/hosts file\n"); | ||
64 | char *fhost; | ||
65 | if (asprintf(&fhost, "%s/hosts", MNT_DIR) == -1) | ||
66 | errExit("asprintf"); | ||
67 | // copy /etc/host into our new file, and modify it on the fly | ||
68 | /* coverity[toctou] */ | ||
69 | FILE *fp1 = fopen("/etc/hosts", "r"); | ||
70 | if (!fp1) { | ||
71 | fprintf(stderr, "Error: cannot open /etc/hosts\n"); | ||
72 | free(fhost); | ||
73 | exit(1); | ||
74 | } | ||
75 | FILE *fp2 = fopen(fhost, "w"); | ||
76 | if (!fp2) { | ||
77 | fprintf(stderr, "Error: cannot create %s\n", fhost); | ||
78 | free(fhost); | ||
79 | exit(1); | ||
80 | } | ||
81 | |||
82 | char buf[4096]; | ||
83 | while (fgets(buf, sizeof(buf), fp1)) { | ||
84 | // remove '\n' | ||
85 | char *ptr = strchr(buf, '\n'); | ||
86 | if (ptr) | ||
87 | *ptr = '\0'; | ||
88 | |||
89 | // copy line | ||
90 | if (strstr(buf, "127.0.0.1")) | ||
91 | fprintf(fp2, "%s %s\n", buf, hostname); | ||
92 | else | ||
93 | fprintf(fp2, "%s\n", buf); | ||
94 | } | ||
95 | fclose(fp1); | ||
96 | fclose(fp2); | ||
97 | |||
98 | // mode and owner | ||
99 | if (chown(fhost, 0, 0) < 0) | ||
100 | errExit("chown"); | ||
101 | if (chmod(fhost, S_IRUSR | S_IWRITE | S_IRGRP | S_IROTH ) < 0) | ||
102 | errExit("chmod"); | ||
103 | |||
104 | // bind-mount the file on top of /etc/hostname | ||
105 | if (mount(fhost, "/etc/hosts", NULL, MS_BIND|MS_REC, NULL) < 0) | ||
106 | errExit("mount bind /etc/hosts"); | ||
107 | free(fhost); | ||
108 | } | ||
109 | } | ||
110 | |||
111 | void fs_resolvconf(void) { | ||
112 | if (cfg.dns1 == 0) | ||
113 | return; | ||
114 | |||
115 | struct stat s; | ||
116 | fs_build_mnt_dir(); | ||
117 | |||
118 | // create a new /etc/hostname | ||
119 | if (stat("/etc/resolv.conf", &s) == 0) { | ||
120 | if (arg_debug) | ||
121 | printf("Creating a new /etc/resolv.conf file\n"); | ||
122 | char *fname; | ||
123 | if (asprintf(&fname, "%s/resolv.conf", MNT_DIR) == -1) | ||
124 | errExit("asprintf"); | ||
125 | FILE *fp = fopen(fname, "w"); | ||
126 | if (!fp) { | ||
127 | fprintf(stderr, "Error: cannot create %s\n", fname); | ||
128 | free(fname); | ||
129 | exit(1); | ||
130 | } | ||
131 | |||
132 | if (cfg.dns1) | ||
133 | fprintf(fp, "nameserver %d.%d.%d.%d\n", PRINT_IP(cfg.dns1)); | ||
134 | if (cfg.dns2) | ||
135 | fprintf(fp, "nameserver %d.%d.%d.%d\n", PRINT_IP(cfg.dns2)); | ||
136 | if (cfg.dns3) | ||
137 | fprintf(fp, "nameserver %d.%d.%d.%d\n", PRINT_IP(cfg.dns3)); | ||
138 | fclose(fp); | ||
139 | |||
140 | // mode and owner | ||
141 | if (chown(fname, 0, 0) < 0) | ||
142 | errExit("chown"); | ||
143 | if (chmod(fname, S_IRUSR | S_IWRITE | S_IRGRP | S_IROTH ) < 0) | ||
144 | errExit("chmod"); | ||
145 | |||
146 | // bind-mount the file on top of /etc/hostname | ||
147 | if (mount(fname, "/etc/resolv.conf", NULL, MS_BIND|MS_REC, NULL) < 0) | ||
148 | errExit("mount bind /etc/resolv.conf"); | ||
149 | free(fname); | ||
150 | } | ||
151 | else { | ||
152 | fprintf(stderr, "Error: cannot set DNS servers, /etc/resolv.conf file is missing\n"); | ||
153 | exit(1); | ||
154 | } | ||
155 | } | ||
156 | |||
157 | |||