diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/fcopy/main.c | 27 | ||||
-rw-r--r-- | src/firejail/fs_lib.c | 16 | ||||
-rw-r--r-- | src/firejail/fs_lib2.c | 9 |
3 files changed, 25 insertions, 27 deletions
diff --git a/src/fcopy/main.c b/src/fcopy/main.c index 0a4a61e2a..e65501d6d 100644 --- a/src/fcopy/main.c +++ b/src/fcopy/main.c | |||
@@ -111,7 +111,7 @@ static void copy_file(const char *srcname, const char *destname, mode_t mode, ui | |||
111 | } | 111 | } |
112 | 112 | ||
113 | // open destination | 113 | // open destination |
114 | int dst = open(destname, O_CREAT|O_WRONLY|O_TRUNC, 0755); | 114 | int dst = open(destname, O_CREAT|O_WRONLY|O_TRUNC, S_IRUSR | S_IWUSR); |
115 | if (dst < 0) { | 115 | if (dst < 0) { |
116 | if (!arg_quiet) | 116 | if (!arg_quiet) |
117 | fprintf(stderr, "Warning fcopy: cannot open %s, file not copied\n", destname); | 117 | fprintf(stderr, "Warning fcopy: cannot open %s, file not copied\n", destname); |
@@ -132,7 +132,8 @@ static void copy_file(const char *srcname, const char *destname, mode_t mode, ui | |||
132 | done += rv; | 132 | done += rv; |
133 | } | 133 | } |
134 | } | 134 | } |
135 | fflush(0); | 135 | if (len < 0) |
136 | goto errexit; | ||
136 | 137 | ||
137 | if (fchown(dst, uid, gid) == -1) | 138 | if (fchown(dst, uid, gid) == -1) |
138 | goto errexit; | 139 | goto errexit; |
@@ -179,7 +180,7 @@ void copy_link(const char *target, const char *linkpath, mode_t mode, uid_t uid, | |||
179 | 180 | ||
180 | // if the link is already there, don't create it | 181 | // if the link is already there, don't create it |
181 | struct stat s; | 182 | struct stat s; |
182 | if (stat(linkpath, &s) == 0) | 183 | if (lstat(linkpath, &s) == 0) |
183 | return; | 184 | return; |
184 | 185 | ||
185 | char *rp = realpath(target, NULL); | 186 | char *rp = realpath(target, NULL); |
@@ -413,25 +414,19 @@ int main(int argc, char **argv) { | |||
413 | 414 | ||
414 | warn_dumpable(); | 415 | warn_dumpable(); |
415 | 416 | ||
416 | // trim trailing chars | ||
417 | if (src[strlen(src) - 1] == '/') | ||
418 | src[strlen(src) - 1] = '\0'; | ||
419 | if (dest[strlen(dest) - 1] == '/') | ||
420 | dest[strlen(dest) - 1] = '\0'; | ||
421 | |||
422 | // check the two files; remove ending / | 417 | // check the two files; remove ending / |
423 | int len = strlen(src); | 418 | size_t len = strlen(src); |
424 | if (src[len - 1] == '/') | 419 | while (len > 1 && src[len - 1] == '/') |
425 | src[len - 1] = '\0'; | 420 | src[--len] = '\0'; |
426 | if (strcspn(src, "\\*&!?\"'<>%^(){}[];,") != (size_t)len) { | 421 | if (strcspn(src, "\\*&!?\"'<>%^(){}[];,") != len) { |
427 | fprintf(stderr, "Error fcopy: invalid source file name %s\n", src); | 422 | fprintf(stderr, "Error fcopy: invalid source file name %s\n", src); |
428 | exit(1); | 423 | exit(1); |
429 | } | 424 | } |
430 | 425 | ||
431 | len = strlen(dest); | 426 | len = strlen(dest); |
432 | if (dest[len - 1] == '/') | 427 | while (len > 1 && dest[len - 1] == '/') |
433 | dest[len - 1] = '\0'; | 428 | dest[--len] = '\0'; |
434 | if (strcspn(dest, "\\*&!?\"'<>%^(){}[];,~") != (size_t)len) { | 429 | if (strcspn(dest, "\\*&!?\"'<>%^(){}[];,~") != len) { |
435 | fprintf(stderr, "Error fcopy: invalid dest file name %s\n", dest); | 430 | fprintf(stderr, "Error fcopy: invalid dest file name %s\n", dest); |
436 | exit(1); | 431 | exit(1); |
437 | } | 432 | } |
diff --git a/src/firejail/fs_lib.c b/src/firejail/fs_lib.c index ae3172991..2d5689a6a 100644 --- a/src/firejail/fs_lib.c +++ b/src/firejail/fs_lib.c | |||
@@ -383,14 +383,22 @@ void fs_private_lib(void) { | |||
383 | timetrace_start(); | 383 | timetrace_start(); |
384 | 384 | ||
385 | // bring in firejail executable libraries in case we are redirected here by a firejail symlink from /usr/local/bin/firejail | 385 | // bring in firejail executable libraries in case we are redirected here by a firejail symlink from /usr/local/bin/firejail |
386 | if (arg_debug || arg_debug_private_lib) | ||
387 | printf("Installing Firejail libraries\n"); | ||
386 | fslib_install_list(PATH_FIREJAIL); | 388 | fslib_install_list(PATH_FIREJAIL); |
387 | 389 | ||
388 | // bring in firejail directory | 390 | // bring in firejail directory |
389 | fslib_install_list("firejail"); | 391 | fslib_install_list(LIBDIR "/firejail"); |
390 | 392 | ||
391 | // for dhclient | 393 | // bring in dhclient libraries |
392 | if (any_dhcp()) | 394 | if (any_dhcp()) { |
395 | if (arg_debug || arg_debug_private_lib) | ||
396 | printf("Installing dhclient libraries\n"); | ||
393 | fslib_install_list(RUN_MNT_DIR "/dhclient"); | 397 | fslib_install_list(RUN_MNT_DIR "/dhclient"); |
398 | } | ||
399 | fmessage("Firejail libraries installed in %0.2f ms\n", timetrace_end()); | ||
400 | |||
401 | timetrace_start(); | ||
394 | 402 | ||
395 | // copy the libs in the new lib directory for the main exe | 403 | // copy the libs in the new lib directory for the main exe |
396 | if (cfg.original_program_index > 0) { | 404 | if (cfg.original_program_index > 0) { |
@@ -436,7 +444,7 @@ void fs_private_lib(void) { | |||
436 | } | 444 | } |
437 | fmessage("Program libraries installed in %0.2f ms\n", timetrace_end()); | 445 | fmessage("Program libraries installed in %0.2f ms\n", timetrace_end()); |
438 | 446 | ||
439 | // install the reset of the system libraries | 447 | // install the rest of the system libraries |
440 | if (arg_debug || arg_debug_private_lib) | 448 | if (arg_debug || arg_debug_private_lib) |
441 | printf("Installing system libraries\n"); | 449 | printf("Installing system libraries\n"); |
442 | fslib_install_system(); | 450 | fslib_install_system(); |
diff --git a/src/firejail/fs_lib2.c b/src/firejail/fs_lib2.c index 758e079a4..95e10ee05 100644 --- a/src/firejail/fs_lib2.c +++ b/src/firejail/fs_lib2.c | |||
@@ -108,18 +108,13 @@ void fslib_install_stdc(void) { | |||
108 | // install standard C libraries | 108 | // install standard C libraries |
109 | timetrace_start(); | 109 | timetrace_start(); |
110 | struct stat s; | 110 | struct stat s; |
111 | char *stdclib = "/lib64"; // CentOS, Fedora, Arch | ||
112 | |||
113 | if (stat("/lib/x86_64-linux-gnu", &s) == 0) { // Debian & friends | 111 | if (stat("/lib/x86_64-linux-gnu", &s) == 0) { // Debian & friends |
114 | // PT_INTERP | ||
115 | fslib_duplicate("/lib64/ld-linux-x86-64.so.2"); | ||
116 | |||
117 | mkdir_attr(RUN_LIB_DIR "/x86_64-linux-gnu", 0755, 0, 0); | 112 | mkdir_attr(RUN_LIB_DIR "/x86_64-linux-gnu", 0755, 0, 0); |
118 | selinux_relabel_path(RUN_LIB_DIR "/x86_64-linux-gnu", "/lib/x86_64-linux-gnu"); | 113 | selinux_relabel_path(RUN_LIB_DIR "/x86_64-linux-gnu", "/lib/x86_64-linux-gnu"); |
119 | stdclib = "/lib/x86_64-linux-gnu"; | 114 | stdc("/lib/x86_64-linux-gnu"); |
120 | } | 115 | } |
121 | 116 | ||
122 | stdc(stdclib); | 117 | stdc("/lib64"); // CentOS, Fedora, Arch, ld-linux.so in Debian & friends |
123 | 118 | ||
124 | // install locale | 119 | // install locale |
125 | if (stat("/usr/lib/locale", &s) == 0) | 120 | if (stat("/usr/lib/locale", &s) == 0) |