Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/network_main.c | 41 |
1 files changed, 27 insertions, 14 deletions
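--- a/src/firejail/network_main.c
+++ b/src/firejail/network_main.c
@@ -24,6 +24,7 @@
 #include <unistd.h>
 #include <net/if.h>
 #include <stdarg.h>
+#include <sys/wait.h>
 
 // configure bridge structure
 // - extract ip address and mask from the bridge interface
@@ -250,24 +251,36 @@ void net_dns_print(pid_t pid) {
 free(comm);
 }
 
-char *fname;
 EUID_ROOT();
-if (asprintf(&fname, "/proc/%d/root/etc/resolv.conf", pid) == -1)
-errExit("asprintf");
-
-// access /etc/resolv.conf
-FILE *fp = fopen(fname, "r");
-if (!fp) {
-fprintf(stderr, "Error: cannot access /etc/resolv.conf\n");
+if (join_namespace(pid, "mnt"))
 exit(1);
+
+pid_t child = fork();
+if (child < 0)
+errExit("fork");
+if (child == 0) {
+caps_drop_all();
+if (chdir("/") < 0)
+errExit("chdir");
+
+// access /etc/resolv.conf
+FILE *fp = fopen("/etc/resolv.conf", "r");
+if (!fp) {
+fprintf(stderr, "Error: cannot access /etc/resolv.conf\n");
+exit(1);
+}
+
+char buf[MAXBUF];
+while (fgets(buf, MAXBUF, fp))
+printf("%s", buf);
+printf("\n");
+fclose(fp);
+exit(0);
 }
 
-char buf[MAXBUF];
-while (fgets(buf, MAXBUF, fp))
-printf("%s", buf);
-printf("\n");
-fclose(fp);
-free(fname);
+// wait for the child to finish
+waitpid(child, NULL, 0);
+flush_stdin();
 exit(0);
 }
 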
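Review bot: In the child branch of net_dns_print, `fopen("/etc/resolv.conf", "r")` runs after `EUID_ROOT()` with only `caps_drop_all()` in between, so as far as this hunk shows the file inside the joined mount namespace is still opened with effective uid 0. That path is controlled by the sandbox, dropping capabilities does not remove uid 0's owner-based file access, and `fopen` follows symlinks; I would permanently drop to the invoking user's uid and gid in the child before the open and refuse anything that is not a regular file. Separately, the parent discards the child's result: `waitpid(child, NULL, 0);` followed by `exit(0);` reports success even when the child printed the "cannot access" error and exited 1, which the old code surfaced to the caller. Suggest `int status; if (waitpid(child, &status, 0) == -1) errExit("waitpid");` and then `exit(WIFEXITED(status) ? WEXITSTATUS(status) : 1);`. The function begins above the hunk, and `caps_drop_all` and `join_namespace` are defined elsewhere, so their exact effect on credentials should be confirmed there.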