diff options
Diffstat (limited to 'src/lib/common.c')
-rw-r--r-- | src/lib/common.c | 85 |
1 files changed, 85 insertions, 0 deletions
diff --git a/src/lib/common.c b/src/lib/common.c index 8ea926df1..2f2340963 100644 --- a/src/lib/common.c +++ b/src/lib/common.c | |||
@@ -199,3 +199,88 @@ char *pid_proc_cmdline(const pid_t pid) { | |||
199 | } | 199 | } |
200 | return rv; | 200 | return rv; |
201 | } | 201 | } |
202 | |||
203 | // return 1 if firejail --x11 on command line | ||
204 | int pid_proc_cmdline_x11_xpra_xephyr(const pid_t pid) { | ||
205 | // if comm is not firejail return 0 | ||
206 | char *comm = pid_proc_comm(pid); | ||
207 | if (strcmp(comm, "firejail") != 0) { | ||
208 | free(comm); | ||
209 | return 0; | ||
210 | } | ||
211 | free(comm); | ||
212 | |||
213 | // open /proc/pid/cmdline file | ||
214 | char *fname; | ||
215 | int fd; | ||
216 | if (asprintf(&fname, "/proc/%d/cmdline", pid) == -1) | ||
217 | return 0; | ||
218 | if ((fd = open(fname, O_RDONLY)) < 0) { | ||
219 | free(fname); | ||
220 | return 0; | ||
221 | } | ||
222 | free(fname); | ||
223 | |||
224 | // read file | ||
225 | unsigned char buffer[BUFLEN]; | ||
226 | ssize_t len; | ||
227 | if ((len = read(fd, buffer, sizeof(buffer) - 1)) <= 0) { | ||
228 | close(fd); | ||
229 | return 0; | ||
230 | } | ||
231 | buffer[len] = '\0'; | ||
232 | close(fd); | ||
233 | |||
234 | // skip the first argument | ||
235 | int i; | ||
236 | for (i = 0; buffer[i] != '\0'; i++); | ||
237 | |||
238 | // parse remaining command line options | ||
239 | while (1) { | ||
240 | // extract argument | ||
241 | i++; | ||
242 | if (i >= len) | ||
243 | break; | ||
244 | char *arg = (char *)buffer + i; | ||
245 | |||
246 | // detect the last command line option | ||
247 | if (strcmp(arg, "--") == 0) | ||
248 | break; | ||
249 | if (strncmp(arg, "--", 2) != 0) | ||
250 | break; | ||
251 | |||
252 | if (strcmp(arg, "--x11=xorg") == 0) | ||
253 | return 0; | ||
254 | |||
255 | // check x11 xpra or xephyr | ||
256 | if (strncmp(arg, "--x11", 5) == 0) | ||
257 | return 1; | ||
258 | i += strlen(arg); | ||
259 | } | ||
260 | return 0; | ||
261 | } | ||
262 | |||
263 | // return 1 if /proc is mounted hidepid, or if /proc/mouns access is denied | ||
264 | #define BUFLEN 4096 | ||
265 | int pid_hidepid(void) { | ||
266 | FILE *fp = fopen("/proc/mounts", "r"); | ||
267 | if (!fp) | ||
268 | return 1; | ||
269 | |||
270 | char buf[BUFLEN]; | ||
271 | while (fgets(buf, BUFLEN, fp)) { | ||
272 | if (strstr(buf, "proc /proc proc")) { | ||
273 | fclose(fp); | ||
274 | // check hidepid | ||
275 | if (strstr(buf, "hidepid=2") || strstr(buf, "hidepid=1")) | ||
276 | return 1; | ||
277 | return 0; | ||
278 | } | ||
279 | } | ||
280 | |||
281 | fclose(fp); | ||
282 | return 0; | ||
283 | } | ||
284 | |||
285 | |||
286 | |||