1 files changed, 85 insertions, 0 deletions
diff --git a/src/lib/common.c b/src/lib/common.c
index 8ea926df1..2f2340963 100644
--- a/src/lib/common.c
+++ b/src/lib/common.c
@@ -199,3 +199,88 @@ char *pid_proc_cmdline(const pid_t pid) {
        }
        return rv;
 }
+// return 1 if firejail --x11 on command line
+int pid_proc_cmdline_x11_xpra_xephyr(const pid_t pid) {
+        // if comm is not firejail return 0
+        char *comm = pid_proc_comm(pid);
+        if (strcmp(comm, "firejail") != 0) {
+                free(comm);
+                return 0;
+        }
+        free(comm);
+        // open /proc/pid/cmdline file
+        char *fname;
+        int fd;
+        if (asprintf(&fname, "/proc/%d/cmdline", pid) == -1)
+                return 0;
+        if ((fd = open(fname, O_RDONLY)) < 0) {
+                free(fname);
+                return 0;
+        }
+        free(fname);
+        // read file
+        unsigned char buffer[BUFLEN];
+        ssize_t len;
+        if ((len = read(fd, buffer, sizeof(buffer) - 1)) <= 0) {
+                close(fd);
+                return 0;
+        }
+        buffer[len] = '\0';
+        close(fd);
+        // skip the first argument
+        int i;
+        for (i = 0; buffer[i] != '\0'; i++);
+        // parse remaining command line options
+        while (1) {
+                // extract argument
+                i++;
+                if (i >= len)
+                        break;
+                char *arg = (char *)buffer + i;
+                // detect the last command line option
+                if (strcmp(arg, "--") == 0)
+                        break;
+                if (strncmp(arg, "--", 2) != 0)
+                        break;
+                
+                if (strcmp(arg, "--x11=xorg") == 0)
+                        return 0;
+                
+                // check x11 xpra or xephyr
+                if (strncmp(arg, "--x11", 5) == 0)
+                        return 1;
+                i += strlen(arg);
+        }
+        return 0;
+}
+// return 1 if /proc is mounted hidepid, or if /proc/mouns access is denied
+#define BUFLEN 4096
+int pid_hidepid(void) {
+        FILE *fp = fopen("/proc/mounts", "r");
+        if (!fp)
+                return 1;
+                
+        char buf[BUFLEN];
+        while (fgets(buf, BUFLEN, fp)) {
+                if (strstr(buf, "proc /proc proc")) {
+                        fclose(fp);
+                        // check hidepid
+                        if (strstr(buf, "hidepid=2") || strstr(buf, "hidepid=1"))
+                                return 1;
+                        return 0;
+                }
+        }
+        
+        fclose(fp);
+        return 0;
+}

diff --git a/src/lib/common.c b/src/lib/common.c index 8ea926df1..2f2340963 100644 --- a/src/lib/common.c +++ b/src/lib/common.c
@@ -199,3 +199,88 @@ char *pid_proc_cmdline(const pid_t pid) {
199	}	199	}
200	return rv;	200	return rv;
201	}	201	}
		202
		203	// return 1 if firejail --x11 on command line
		204	int pid_proc_cmdline_x11_xpra_xephyr(const pid_t pid) {
		205	// if comm is not firejail return 0
		206	char *comm = pid_proc_comm(pid);
		207	if (strcmp(comm, "firejail") != 0) {
		208	free(comm);
		209	return 0;
		210	}
		211	free(comm);
		212
		213	// open /proc/pid/cmdline file
		214	char *fname;
		215	int fd;
		216	if (asprintf(&fname, "/proc/%d/cmdline", pid) == -1)
		217	return 0;
		218	if ((fd = open(fname, O_RDONLY)) < 0) {
		219	free(fname);
		220	return 0;
		221	}
		222	free(fname);
		223
		224	// read file
		225	unsigned char buffer[BUFLEN];
		226	ssize_t len;
		227	if ((len = read(fd, buffer, sizeof(buffer) - 1)) <= 0) {
		228	close(fd);
		229	return 0;
		230	}
		231	buffer[len] = '\0';
		232	close(fd);
		233
		234	// skip the first argument
		235	int i;
		236	for (i = 0; buffer[i] != '\0'; i++);
		237
		238	// parse remaining command line options
		239	while (1) {
		240	// extract argument
		241	i++;
		242	if (i >= len)
		243	break;
		244	char arg = (char )buffer + i;
		245
		246	// detect the last command line option
		247	if (strcmp(arg, "--") == 0)
		248	break;
		249	if (strncmp(arg, "--", 2) != 0)
		250	break;
		251
		252	if (strcmp(arg, "--x11=xorg") == 0)
		253	return 0;
		254
		255	// check x11 xpra or xephyr
		256	if (strncmp(arg, "--x11", 5) == 0)
		257	return 1;
		258	i += strlen(arg);
		259	}
		260	return 0;
		261	}
		262
		263	// return 1 if /proc is mounted hidepid, or if /proc/mouns access is denied
		264	#define BUFLEN 4096
		265	int pid_hidepid(void) {
		266	FILE *fp = fopen("/proc/mounts", "r");
		267	if (!fp)
		268	return 1;
		269
		270	char buf[BUFLEN];
		271	while (fgets(buf, BUFLEN, fp)) {
		272	if (strstr(buf, "proc /proc proc")) {
		273	fclose(fp);
		274	// check hidepid
		275	if (strstr(buf, "hidepid=2") \|\| strstr(buf, "hidepid=1"))
		276	return 1;
		277	return 0;
		278	}
		279	}
		280
		281	fclose(fp);
		282	return 0;
		283	}
		284
		285
		286