1 files changed, 19 insertions, 13 deletions
diff --git a/src/firejail/fs_trace.c b/src/firejail/fs_trace.c
index dd9abe253..17a7b3d23 100644
--- a/src/firejail/fs_trace.c
+++ b/src/firejail/fs_trace.c
@@ -20,25 +20,31 @@
 #include "firejail.h"
 #include <sys/mount.h>
 #include <sys/stat.h>
-#include <linux/limits.h>
 #include <glob.h>
 #include <dirent.h>
 #include <fcntl.h>
 #include <pwd.h>
-void fs_trace_preload(void) {
+// create an empty /etc/ld.so.preload
+void fs_trace_touch_preload(void) {
+        create_empty_file_as_root("/etc/ld.so.preload", S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
+}
+void fs_trace_touch_or_store_preload(void) {
        struct stat s;
-        // create an empty /etc/ld.so.preload
+        if (stat("/etc/ld.so.preload", &s) != 0) {
-        if (stat("/etc/ld.so.preload", &s)) {
+                fs_trace_touch_preload();
-                if (arg_debug)
+                return;
-                        printf("Creating an empty /etc/ld.so.preload file\n");
+        }
-                FILE *fp = fopen("/etc/ld.so.preload", "wxe");
-                if (!fp)
+        if (s.st_size == 0)
-                        errExit("fopen");
+                return;
-                SET_PERMS_STREAM(fp, 0, 0, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
-                fclose(fp);
+        // create a copy of /etc/ld.so.preload
-                fs_logger("touch /etc/ld.so.preload");
+        if (copy_file("/etc/ld.so.preload", RUN_LDPRELOAD_FILE, 0, 0, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)) {
+                fprintf(stderr, "Error: cannot copy /etc/ld.so.preload file\n");
+                exit(1);
        }
 }
@@ -83,7 +89,7 @@ void fs_trace(void) {
        if (arg_debug)
                printf("Create the new ld.so.preload file\n");
-        FILE *fp = fopen(RUN_LDPRELOAD_FILE, "we");
+        FILE *fp = fopen(RUN_LDPRELOAD_FILE, "ae");
        if (!fp)
                errExit("fopen");
        const char *prefix = RUN_FIREJAIL_LIB_DIR;

diff --git a/src/firejail/fs_trace.c b/src/firejail/fs_trace.c index dd9abe253..17a7b3d23 100644 --- a/src/firejail/fs_trace.c +++ b/src/firejail/fs_trace.c
@@ -20,25 +20,31 @@
20	#include "firejail.h"	20	#include "firejail.h"
21	#include <sys/mount.h>	21	#include <sys/mount.h>
22	#include <sys/stat.h>	22	#include <sys/stat.h>
23	#include <linux/limits.h>
24	#include <glob.h>	23	#include <glob.h>
25	#include <dirent.h>	24	#include <dirent.h>
26	#include <fcntl.h>	25	#include <fcntl.h>
27	#include <pwd.h>	26	#include <pwd.h>
28		27
29	void fs_trace_preload(void) {	28	// create an empty /etc/ld.so.preload
		29	void fs_trace_touch_preload(void) {
		30	create_empty_file_as_root("/etc/ld.so.preload", S_IRUSR \| S_IWUSR \| S_IRGRP \| S_IROTH);
		31	}
		32
		33	void fs_trace_touch_or_store_preload(void) {
30	struct stat s;	34	struct stat s;
31		35
32	// create an empty /etc/ld.so.preload	36	if (stat("/etc/ld.so.preload", &s) != 0) {
33	if (stat("/etc/ld.so.preload", &s)) {	37	fs_trace_touch_preload();
34	if (arg_debug)	38	return;
35	printf("Creating an empty /etc/ld.so.preload file\n");	39	}
36	FILE *fp = fopen("/etc/ld.so.preload", "wxe");	40
37	if (!fp)	41	if (s.st_size == 0)
38	errExit("fopen");	42	return;
39	SET_PERMS_STREAM(fp, 0, 0, S_IRUSR \| S_IWUSR \| S_IRGRP \| S_IROTH);	43
40	fclose(fp);	44	// create a copy of /etc/ld.so.preload
41	fs_logger("touch /etc/ld.so.preload");	45	if (copy_file("/etc/ld.so.preload", RUN_LDPRELOAD_FILE, 0, 0, S_IRUSR \| S_IWUSR \| S_IRGRP \| S_IROTH)) {
		46	fprintf(stderr, "Error: cannot copy /etc/ld.so.preload file\n");
		47	exit(1);
42	}	48	}
43	}	49	}
44		50
@@ -83,7 +89,7 @@ void fs_trace(void) {
83	if (arg_debug)	89	if (arg_debug)
84	printf("Create the new ld.so.preload file\n");	90	printf("Create the new ld.so.preload file\n");
85		91
86	FILE *fp = fopen(RUN_LDPRELOAD_FILE, "we");	92	FILE *fp = fopen(RUN_LDPRELOAD_FILE, "ae");
87	if (!fp)	93	if (!fp)
88	errExit("fopen");	94	errExit("fopen");
89	const char *prefix = RUN_FIREJAIL_LIB_DIR;	95	const char *prefix = RUN_FIREJAIL_LIB_DIR;