Diffstat (limited to 'src/jailtest/utils.c')
-rw-r--r-- | src/jailtest/utils.c | 102 |
1 files changed, 102 insertions, 0 deletions
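--- /dev/null
+++ b/src/jailtest/utils.c
@@ -0,0 +1,102 @@
+/*
+* Copyright (C) 2014-2021 Firejail Authors
+*
+* This file is part of firejail project
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License along
+* with this program; if not, write to the Free Software Foundation, Inc.,
+* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+#include "jailtest.h"
+#include "../include/pid.h"
+#include <errno.h>
+#include <pwd.h>
+#include <dirent.h>
+
+#define BUFLEN 4096
+
+char *get_sudo_user(void) {
+char *user = getenv("SUDO_USER");
+if (!user) {
+user = getpwuid(getuid())->pw_name;
+if (!user) {
+fprintf(stderr, "Error: cannot detect login user\n");
+exit(1);
+}
+}
+
+return user;
+}
+
+char *get_homedir(const char *user, uid_t *uid, gid_t *gid) {
+// find home directory
+struct passwd *pw = getpwnam(user);
+if (!pw)
+goto errexit;
+
+char *home = pw->pw_dir;
+if (!home)
+goto errexit;
+
+*uid = pw->pw_uid;
+*gid = pw->pw_gid;
+
+return home;
+
+errexit:
+fprintf(stderr, "Error: cannot find home directory for user %s\n", user);
+exit(1);
+}
+
+// find the second child process for the specified pid
+// return -1 if not found
+//
+// Example:
+//14776:netblue:/usr/bin/firejail /usr/bin/transmission-qt
+// 14777:netblue:/usr/bin/firejail /usr/bin/transmission-qt
+// 14792:netblue:/usr/bin/transmission-qt
+// We need 14792, the first real sandboxed process
+// duplicate from src/firemon/main.c
+int find_child(int id) {
+int i;
+int first_child = -1;
+
+// find the first child
+for (i = 0; i < max_pids; i++) {
+if (pids[i].level == 2 && pids[i].parent == id) {
+// skip /usr/bin/xdg-dbus-proxy (started by firejail for dbus filtering)
+char *cmdline = pid_proc_cmdline(i);
+if (strncmp(cmdline, XDG_DBUS_PROXY_PATH, strlen(XDG_DBUS_PROXY_PATH)) == 0) {
+free(cmdline);
+continue;
+}
+free(cmdline);
+first_child = i;
+break;
+}
+}
+
+if (first_child == -1)
+return -1;
+
+// find the second-level child
+for (i = 0; i < max_pids; i++) {
+if (pids[i].level == 3 && pids[i].parent == first_child)
+return i;
+}
+
+// if a second child is not found, return the first child pid
+// this happens for processes sandboxed with --join
+return first_child;
+}
+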
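Review bot: In get_sudo_user, `getpwuid(getuid())->pw_name` dereferences the lookup result before any check, so a uid with no passwd entry crashes instead of reaching the "cannot detect login user" error; the existing `if (!user)` only tests pw_name. I would split it into `struct passwd *pw = getpwuid(getuid());` and `if (!pw || !pw->pw_name) { /* existing error exit */ }`. find_child has the same shape: the result of `pid_proc_cmdline(i)` goes straight into `strncmp`, and if that helper can return NULL (its definition is not on this page, and a process may exit between the scan and the read) an `if (!cmdline) continue;` guard is needed first. SUDO_USER is also read from the environment without validation, so the uid/gid that get_homedir derives from that name is caller-controlled whenever the tool is not actually started through sudo; a comment on get_sudo_user saying the value is a hint and not an authenticated identity would help callers that are not visible here.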