diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/appimage.c | 3 | ||||
-rw-r--r-- | src/firejail/checkcfg.c | 6 | ||||
-rw-r--r-- | src/firejail/firejail.h | 1 | ||||
-rw-r--r-- | src/firejail/fs.c | 3 | ||||
-rw-r--r-- | src/firejail/fs_etc.c | 3 | ||||
-rw-r--r-- | src/firejail/fs_lib.c | 6 | ||||
-rw-r--r-- | src/firejail/fs_lib2.c | 6 | ||||
-rw-r--r-- | src/firejail/fs_trace.c | 6 | ||||
-rw-r--r-- | src/firejail/join.c | 3 | ||||
-rw-r--r-- | src/firejail/main.c | 23 | ||||
-rw-r--r-- | src/firejail/profile.c | 6 | ||||
-rw-r--r-- | src/firejail/sandbox.c | 29 | ||||
-rw-r--r-- | src/firejail/util.c | 10 | ||||
-rw-r--r-- | src/firejail/x11.c | 9 | ||||
-rw-r--r-- | src/fnet/arp.c | 4 | ||||
-rw-r--r-- | src/fnet/fnet.h | 2 | ||||
-rw-r--r-- | src/fnet/interface.c | 4 | ||||
-rw-r--r-- | src/fnet/main.c | 12 |
18 files changed, 67 insertions, 69 deletions
diff --git a/src/firejail/appimage.c b/src/firejail/appimage.c index 2a045f628..098601b6c 100644 --- a/src/firejail/appimage.c +++ b/src/firejail/appimage.c | |||
@@ -151,8 +151,7 @@ void appimage_clear(void) { | |||
151 | for (i = 0; i < 5; i++) { | 151 | for (i = 0; i < 5; i++) { |
152 | rv = umount2(mntdir, MNT_FORCE); | 152 | rv = umount2(mntdir, MNT_FORCE); |
153 | if (rv == 0) { | 153 | if (rv == 0) { |
154 | if (!arg_quiet) | 154 | fmessage("AppImage unmounted\n"); |
155 | printf("AppImage unmounted\n"); | ||
156 | 155 | ||
157 | break; | 156 | break; |
158 | } | 157 | } |
diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c index f101a8457..12e6d307a 100644 --- a/src/firejail/checkcfg.c +++ b/src/firejail/checkcfg.c | |||
@@ -150,8 +150,7 @@ int checkcfg(int val) { | |||
150 | } | 150 | } |
151 | // follow symlink in private-bin command | 151 | // follow symlink in private-bin command |
152 | else if (strncmp(ptr, "follow-symlink-private-bin ", 27) == 0) { | 152 | else if (strncmp(ptr, "follow-symlink-private-bin ", 27) == 0) { |
153 | if (!arg_quiet) | 153 | fwarning("follow-symlink-private-bin from firejail.config was deprecated\n"); |
154 | fprintf(stderr, "Warning:follow-symlink-private-bin from firejail.config was deprecated\n"); | ||
155 | } | 154 | } |
156 | // nonewprivs | 155 | // nonewprivs |
157 | else if (strncmp(ptr, "force-nonewprivs ", 17) == 0) { | 156 | else if (strncmp(ptr, "force-nonewprivs ", 17) == 0) { |
@@ -295,8 +294,7 @@ int checkcfg(int val) { | |||
295 | goto errout; | 294 | goto errout; |
296 | } | 295 | } |
297 | else if (strncmp(ptr, "remount-proc-sys ", 17) == 0) { | 296 | else if (strncmp(ptr, "remount-proc-sys ", 17) == 0) { |
298 | if (!arg_quiet) | 297 | fwarning("remount-proc-sys from firejail.config was deprecated\n"); |
299 | fprintf(stderr, "Warning: remount-proc-sys from firejail.config was deprecated\n"); | ||
300 | } | 298 | } |
301 | else if (strncmp(ptr, "overlayfs ", 10) == 0) { | 299 | else if (strncmp(ptr, "overlayfs ", 10) == 0) { |
302 | if (strcmp(ptr + 10, "yes") == 0) | 300 | if (strcmp(ptr + 10, "yes") == 0) |
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index f7bebe1b6..3df6af7b6 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
@@ -484,6 +484,7 @@ uint32_t arp_assign(const char *dev, Bridge *br); | |||
484 | 484 | ||
485 | // util.c | 485 | // util.c |
486 | void fwarning(char* fmt, ...); | 486 | void fwarning(char* fmt, ...); |
487 | void fmessage(char* fmt, ...); | ||
487 | void drop_privs(int nogroups); | 488 | void drop_privs(int nogroups); |
488 | int mkpath_as_root(const char* path); | 489 | int mkpath_as_root(const char* path); |
489 | void extract_command_name(int index, char **argv); | 490 | void extract_command_name(int index, char **argv); |
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index 4d99b70bd..29bac878a 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
@@ -959,8 +959,7 @@ void fs_overlayfs(void) { | |||
959 | // issue #263 end code | 959 | // issue #263 end code |
960 | //*************************** | 960 | //*************************** |
961 | } | 961 | } |
962 | if (!arg_quiet) | 962 | fmessage("OverlayFS configured in %s directory\n", basedir); |
963 | printf("OverlayFS configured in %s directory\n", basedir); | ||
964 | 963 | ||
965 | // mount-bind dev directory | 964 | // mount-bind dev directory |
966 | if (arg_debug) | 965 | if (arg_debug) |
diff --git a/src/firejail/fs_etc.c b/src/firejail/fs_etc.c index 1fa1b83c3..dfaa1fdcf 100644 --- a/src/firejail/fs_etc.c +++ b/src/firejail/fs_etc.c | |||
@@ -176,6 +176,5 @@ void fs_private_dir_list(const char *private_dir, const char *private_run_dir, c | |||
176 | errExit("mount bind"); | 176 | errExit("mount bind"); |
177 | fs_logger2("mount", private_dir); | 177 | fs_logger2("mount", private_dir); |
178 | 178 | ||
179 | if (!arg_quiet) | 179 | fmessage("Private %s installed in %0.2f ms\n", private_dir, timetrace_end()); |
180 | fprintf(stderr, "Private %s installed in %0.2f ms\n", private_dir, timetrace_end()); | ||
181 | } | 180 | } |
diff --git a/src/firejail/fs_lib.c b/src/firejail/fs_lib.c index d5cad2440..ad86d1fd8 100644 --- a/src/firejail/fs_lib.c +++ b/src/firejail/fs_lib.c | |||
@@ -369,14 +369,12 @@ void fs_private_lib(void) { | |||
369 | } | 369 | } |
370 | fclose(fp); | 370 | fclose(fp); |
371 | } | 371 | } |
372 | if (!arg_quiet) | 372 | fmessage("Program libraries installed in %0.2f ms\n", timetrace_end()); |
373 | fprintf(stderr, "Program libraries installed in %0.2f ms\n", timetrace_end()); | ||
374 | 373 | ||
375 | // install the reset of the system libraries | 374 | // install the reset of the system libraries |
376 | fslib_install_system(); | 375 | fslib_install_system(); |
377 | 376 | ||
378 | if (!arg_quiet) | 377 | fmessage("Installed %d libraries and %d directories\n", lib_cnt, dir_cnt); |
379 | fprintf(stderr, "Installed %d libraries and %d directories\n", lib_cnt, dir_cnt); | ||
380 | 378 | ||
381 | // bring in firejail directory for --trace options | 379 | // bring in firejail directory for --trace options |
382 | fslib_copy_dir(LIBDIR "/firejail"); | 380 | fslib_copy_dir(LIBDIR "/firejail"); |
diff --git a/src/firejail/fs_lib2.c b/src/firejail/fs_lib2.c index 4e49730f4..e2780afca 100644 --- a/src/firejail/fs_lib2.c +++ b/src/firejail/fs_lib2.c | |||
@@ -118,8 +118,7 @@ void fslib_install_stdc(void) { | |||
118 | if (stat("/usr/lib/locale", &s) == 0) | 118 | if (stat("/usr/lib/locale", &s) == 0) |
119 | fslib_copy_dir("/usr/lib/locale"); | 119 | fslib_copy_dir("/usr/lib/locale"); |
120 | 120 | ||
121 | if (!arg_quiet) | 121 | fmessage("Standard C library installed in %0.2f ms\n", timetrace_end()); |
122 | fprintf(stderr, "Standard C library installed in %0.2f ms\n", timetrace_end()); | ||
123 | } | 122 | } |
124 | 123 | ||
125 | 124 | ||
@@ -303,8 +302,7 @@ void fslib_install_system(void) { | |||
303 | free(name); | 302 | free(name); |
304 | } | 303 | } |
305 | 304 | ||
306 | if (!arg_quiet) | 305 | fmessage("%s installed in %0.2f ms\n", ptr->message, timetrace_end()); |
307 | fprintf(stderr, "%s installed in %0.2f ms\n", ptr->message, timetrace_end()); | ||
308 | } | 306 | } |
309 | ptr++; | 307 | ptr++; |
310 | } | 308 | } |
diff --git a/src/firejail/fs_trace.c b/src/firejail/fs_trace.c index 496c2aa4e..472b69cb2 100644 --- a/src/firejail/fs_trace.c +++ b/src/firejail/fs_trace.c | |||
@@ -58,13 +58,11 @@ void fs_trace(void) { | |||
58 | } | 58 | } |
59 | else if (arg_tracelog) { | 59 | else if (arg_tracelog) { |
60 | fprintf(fp, "%s/libtracelog.so\n", prefix); | 60 | fprintf(fp, "%s/libtracelog.so\n", prefix); |
61 | if (!arg_quiet) | 61 | fmessage("Blacklist violations are logged to syslog\n"); |
62 | printf("Blacklist violations are logged to syslog\n"); | ||
63 | } | 62 | } |
64 | if (arg_seccomp_postexec) { | 63 | if (arg_seccomp_postexec) { |
65 | fprintf(fp, "%s/libpostexecseccomp.so\n", prefix); | 64 | fprintf(fp, "%s/libpostexecseccomp.so\n", prefix); |
66 | if (!arg_quiet) | 65 | fmessage("Post-exec seccomp protector enabled\n"); |
67 | printf("Post-exec seccomp protector enabled\n"); | ||
68 | } | 66 | } |
69 | 67 | ||
70 | SET_PERMS_STREAM(fp, 0, 0, S_IRUSR | S_IWRITE | S_IRGRP | S_IROTH); | 68 | SET_PERMS_STREAM(fp, 0, 0, S_IRUSR | S_IWRITE | S_IRGRP | S_IROTH); |
diff --git a/src/firejail/join.c b/src/firejail/join.c index 4ce690737..e255161da 100644 --- a/src/firejail/join.c +++ b/src/firejail/join.c | |||
@@ -222,8 +222,7 @@ void join(pid_t pid, int argc, char **argv, int index) { | |||
222 | pid_t child; | 222 | pid_t child; |
223 | if (find_child(pid, &child) == 0) { | 223 | if (find_child(pid, &child) == 0) { |
224 | pid = child; | 224 | pid = child; |
225 | if (!arg_quiet) | 225 | fmessage("Switching to pid %u, the first child process inside the sandbox\n", (unsigned) pid); |
226 | printf("Switching to pid %u, the first child process inside the sandbox\n", (unsigned) pid); | ||
227 | } | 226 | } |
228 | } | 227 | } |
229 | free(comm); | 228 | free(comm); |
diff --git a/src/firejail/main.c b/src/firejail/main.c index df758e11e..d0d80e62c 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -152,8 +152,8 @@ static void clear_atexit(void) { | |||
152 | 152 | ||
153 | static void myexit(int rv) { | 153 | static void myexit(int rv) { |
154 | logmsg("exiting..."); | 154 | logmsg("exiting..."); |
155 | if (!arg_command && !arg_quiet) | 155 | if (!arg_command) |
156 | printf("\nParent is shutting down, bye...\n"); | 156 | fmessage("\nParent is shutting down, bye...\n"); |
157 | 157 | ||
158 | 158 | ||
159 | // delete sandbox files in shared memory | 159 | // delete sandbox files in shared memory |
@@ -166,10 +166,7 @@ static void myexit(int rv) { | |||
166 | 166 | ||
167 | static void my_handler(int s){ | 167 | static void my_handler(int s){ |
168 | EUID_ROOT(); | 168 | EUID_ROOT(); |
169 | if (!arg_quiet) { | 169 | fmessage("\nParent received signal %d, shutting down the child process...\n", s); |
170 | printf("\nParent received signal %d, shutting down the child process...\n", s); | ||
171 | fflush(0); | ||
172 | } | ||
173 | logsignal(s); | 170 | logsignal(s); |
174 | kill(child, SIGTERM); | 171 | kill(child, SIGTERM); |
175 | myexit(1); | 172 | myexit(1); |
@@ -1129,7 +1126,7 @@ int main(int argc, char **argv) { | |||
1129 | if (!arg_quiet) { | 1126 | if (!arg_quiet) { |
1130 | arg_debug = 1; | 1127 | arg_debug = 1; |
1131 | if (option_force) | 1128 | if (option_force) |
1132 | printf("Entering sandbox-in-sandbox mode\n"); | 1129 | fmessage("Entering sandbox-in-sandbox mode\n"); |
1133 | } | 1130 | } |
1134 | } | 1131 | } |
1135 | else if (strcmp(argv[i], "--debug-check-filename") == 0) | 1132 | else if (strcmp(argv[i], "--debug-check-filename") == 0) |
@@ -1510,8 +1507,7 @@ int main(int argc, char **argv) { | |||
1510 | free(ppath); | 1507 | free(ppath); |
1511 | } | 1508 | } |
1512 | else if (strncmp(argv[i], "--profile-path=", 15) == 0) { | 1509 | else if (strncmp(argv[i], "--profile-path=", 15) == 0) { |
1513 | if (!arg_quiet) | 1510 | fwarning("--profile-path has been deprecated\n"); |
1514 | fprintf(stderr, "Warning: --profile-path has been deprecated\n"); | ||
1515 | } | 1511 | } |
1516 | else if (strcmp(argv[i], "--noprofile") == 0) { | 1512 | else if (strcmp(argv[i], "--noprofile") == 0) { |
1517 | if (custom_profile) { | 1513 | if (custom_profile) { |
@@ -1613,8 +1609,7 @@ int main(int argc, char **argv) { | |||
1613 | arg_machineid = 1; | 1609 | arg_machineid = 1; |
1614 | } | 1610 | } |
1615 | else if (strcmp(argv[i], "--allow-private-blacklist") == 0) { | 1611 | else if (strcmp(argv[i], "--allow-private-blacklist") == 0) { |
1616 | if (!arg_quiet) | 1612 | fwarning("--allow-private-blacklist was deprecated\n"); |
1617 | fprintf(stderr, "Warning: --allow-private-blacklist was deprecated\n"); | ||
1618 | } | 1613 | } |
1619 | else if (strcmp(argv[i], "--private") == 0) { | 1614 | else if (strcmp(argv[i], "--private") == 0) { |
1620 | arg_private = 1; | 1615 | arg_private = 1; |
@@ -2434,8 +2429,8 @@ int main(int argc, char **argv) { | |||
2434 | exit(1); | 2429 | exit(1); |
2435 | } | 2430 | } |
2436 | 2431 | ||
2437 | if (custom_profile && !arg_quiet) | 2432 | if (custom_profile) |
2438 | printf("\n** Note: you can use --noprofile to disable %s.profile **\n\n", profile_name); | 2433 | fmessage("\n** Note: you can use --noprofile to disable %s.profile **\n\n", profile_name); |
2439 | } | 2434 | } |
2440 | } | 2435 | } |
2441 | 2436 | ||
@@ -2518,7 +2513,7 @@ int main(int argc, char **argv) { | |||
2518 | EUID_USER(); | 2513 | EUID_USER(); |
2519 | 2514 | ||
2520 | if (!arg_command && !arg_quiet) { | 2515 | if (!arg_command && !arg_quiet) { |
2521 | printf("Parent pid %u, child pid %u\n", sandbox_pid, child); | 2516 | fmessage("Parent pid %u, child pid %u\n", sandbox_pid, child); |
2522 | // print the path of the new log directory | 2517 | // print the path of the new log directory |
2523 | if (getuid() == 0) // only for root | 2518 | if (getuid() == 0) // only for root |
2524 | printf("The new log directory is /proc/%d/root/var/log\n", child); | 2519 | printf("The new log directory is /proc/%d/root/var/log\n", child); |
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 7d97842df..17a45bf0e 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
@@ -250,8 +250,7 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
250 | return 0; | 250 | return 0; |
251 | } | 251 | } |
252 | else if (strcmp(ptr, "allow-private-blacklist") == 0) { | 252 | else if (strcmp(ptr, "allow-private-blacklist") == 0) { |
253 | if (!arg_quiet) | 253 | fmessage("--allow-private-blacklist was deprecated\n"); |
254 | fprintf(stderr, "Warning: --allow-private-blacklist was deprecated\n"); | ||
255 | return 0; | 254 | return 0; |
256 | } | 255 | } |
257 | else if (strcmp(ptr, "netfilter") == 0) { | 256 | else if (strcmp(ptr, "netfilter") == 0) { |
@@ -1274,8 +1273,7 @@ void profile_read(const char *fname) { | |||
1274 | continue; | 1273 | continue; |
1275 | } | 1274 | } |
1276 | if (!msg_printed) { | 1275 | if (!msg_printed) { |
1277 | if (!arg_quiet) | 1276 | fmessage("Reading profile %s\n", fname); |
1278 | fprintf(stderr, "Reading profile %s\n", fname); | ||
1279 | msg_printed = 1; | 1277 | msg_printed = 1; |
1280 | } | 1278 | } |
1281 | 1279 | ||
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index 8754f05bb..23cdc07d1 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
@@ -53,10 +53,7 @@ int enforce_seccomp = 0; | |||
53 | 53 | ||
54 | static int monitored_pid = 0; | 54 | static int monitored_pid = 0; |
55 | static void sandbox_handler(int sig){ | 55 | static void sandbox_handler(int sig){ |
56 | if (!arg_quiet) { | 56 | fmessage("\nChild received signal %d, shutting down the sandbox...\n", sig); |
57 | printf("\nChild received signal %d, shutting down the sandbox...\n", sig); | ||
58 | fflush(0); | ||
59 | } | ||
60 | 57 | ||
61 | // broadcast sigterm to all processes in the group | 58 | // broadcast sigterm to all processes in the group |
62 | kill(-1, SIGTERM); | 59 | kill(-1, SIGTERM); |
@@ -298,13 +295,13 @@ static void print_time(void) { | |||
298 | usleep(1000); | 295 | usleep(1000); |
299 | unsigned long long onems = getticks() - end_timestamp; | 296 | unsigned long long onems = getticks() - end_timestamp; |
300 | if (onems) { | 297 | if (onems) { |
301 | printf("Child process initialized in %.02f ms\n", | 298 | fmessage("Child process initialized in %.02f ms\n", |
302 | (float) (end_timestamp - start_timestamp) / (float) onems); | 299 | (float) (end_timestamp - start_timestamp) / (float) onems); |
303 | return; | 300 | return; |
304 | } | 301 | } |
305 | } | 302 | } |
306 | 303 | ||
307 | printf("Child process initialized\n"); | 304 | fmessage("Child process initialized\n"); |
308 | } | 305 | } |
309 | 306 | ||
310 | 307 | ||
@@ -503,8 +500,7 @@ static void enforce_filters(void) { | |||
503 | // drop all supplementary groups; /etc/group file inside chroot | 500 | // drop all supplementary groups; /etc/group file inside chroot |
504 | // is controlled by a regular usr | 501 | // is controlled by a regular usr |
505 | arg_nogroups = 1; | 502 | arg_nogroups = 1; |
506 | if (!arg_quiet) | 503 | fmessage("Dropping all Linux capabilities and enforcing default seccomp filter\n"); |
507 | printf("Dropping all Linux capabilities and enforcing default seccomp filter\n"); | ||
508 | } | 504 | } |
509 | 505 | ||
510 | int sandbox(void* sandbox_arg) { | 506 | int sandbox(void* sandbox_arg) { |
@@ -642,28 +638,27 @@ int sandbox(void* sandbox_arg) { | |||
642 | // print network configuration | 638 | // print network configuration |
643 | if (!arg_quiet) { | 639 | if (!arg_quiet) { |
644 | if (any_bridge_configured() || any_interface_configured() || cfg.defaultgw || cfg.dns1) { | 640 | if (any_bridge_configured() || any_interface_configured() || cfg.defaultgw || cfg.dns1) { |
645 | printf("\n"); | 641 | fmessage("\n"); |
646 | if (any_bridge_configured() || any_interface_configured()) { | 642 | if (any_bridge_configured() || any_interface_configured()) { |
647 | // net_ifprint(); | ||
648 | if (arg_scan) | 643 | if (arg_scan) |
649 | sbox_run(SBOX_ROOT | SBOX_CAPS_NETWORK | SBOX_SECCOMP, 3, PATH_FNET, "printif", "scan"); | 644 | sbox_run(SBOX_ROOT | SBOX_CAPS_NETWORK | SBOX_SECCOMP, 3, PATH_FNET, "printif", "scan"); |
650 | else | 645 | else |
651 | sbox_run(SBOX_ROOT | SBOX_CAPS_NETWORK | SBOX_SECCOMP, 2, PATH_FNET, "printif", "scan"); | 646 | sbox_run(SBOX_ROOT | SBOX_CAPS_NETWORK | SBOX_SECCOMP, 2, PATH_FNET, "printif"); |
652 | 647 | ||
653 | } | 648 | } |
654 | if (cfg.defaultgw != 0) { | 649 | if (cfg.defaultgw != 0) { |
655 | if (gw_cfg_failed) | 650 | if (gw_cfg_failed) |
656 | printf("Default gateway configuration failed\n"); | 651 | fmessage("Default gateway configuration failed\n"); |
657 | else | 652 | else |
658 | printf("Default gateway %d.%d.%d.%d\n", PRINT_IP(cfg.defaultgw)); | 653 | fmessage("Default gateway %d.%d.%d.%d\n", PRINT_IP(cfg.defaultgw)); |
659 | } | 654 | } |
660 | if (cfg.dns1 != 0) | 655 | if (cfg.dns1 != 0) |
661 | printf("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns1)); | 656 | fmessage("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns1)); |
662 | if (cfg.dns2 != 0) | 657 | if (cfg.dns2 != 0) |
663 | printf("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns2)); | 658 | fmessage("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns2)); |
664 | if (cfg.dns3 != 0) | 659 | if (cfg.dns3 != 0) |
665 | printf("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns3)); | 660 | fmessage("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns3)); |
666 | printf("\n"); | 661 | fmessage("\n"); |
667 | } | 662 | } |
668 | } | 663 | } |
669 | 664 | ||
diff --git a/src/firejail/util.c b/src/firejail/util.c index 0d703a1b6..6758a14e1 100644 --- a/src/firejail/util.c +++ b/src/firejail/util.c | |||
@@ -126,6 +126,16 @@ void fwarning(char* fmt, ...) { | |||
126 | va_end(args); | 126 | va_end(args); |
127 | } | 127 | } |
128 | 128 | ||
129 | void fmessage(char* fmt, ...) { // TODO: this function is duplicated in src/fnet/interface.c | ||
130 | if (arg_quiet) | ||
131 | return; | ||
132 | |||
133 | va_list args; | ||
134 | va_start(args,fmt); | ||
135 | vfprintf(stderr, fmt, args); | ||
136 | va_end(args); | ||
137 | fflush(0); | ||
138 | } | ||
129 | 139 | ||
130 | void logsignal(int s) { | 140 | void logsignal(int s) { |
131 | if (!arg_debug) | 141 | if (!arg_debug) |
diff --git a/src/firejail/x11.c b/src/firejail/x11.c index 18617e75f..8604e8bc8 100644 --- a/src/firejail/x11.c +++ b/src/firejail/x11.c | |||
@@ -360,8 +360,7 @@ void x11_start_xvfb(int argc, char **argv) { | |||
360 | if (jail < 0) | 360 | if (jail < 0) |
361 | errExit("fork"); | 361 | errExit("fork"); |
362 | if (jail == 0) { | 362 | if (jail == 0) { |
363 | if (!arg_quiet) | 363 | fmessage("\n*** Attaching to Xvfb display %d ***\n\n", display); |
364 | printf("\n*** Attaching to Xvfb display %d ***\n\n", display); | ||
365 | 364 | ||
366 | // running without privileges - see drop_privs call above | 365 | // running without privileges - see drop_privs call above |
367 | assert(getenv("LD_PRELOAD") == NULL); | 366 | assert(getenv("LD_PRELOAD") == NULL); |
@@ -776,8 +775,7 @@ void x11_start_xpra_old(int argc, char **argv, int display, char *display_str) { | |||
776 | dup2(fd_null,2); | 775 | dup2(fd_null,2); |
777 | } | 776 | } |
778 | 777 | ||
779 | if (!arg_quiet) | 778 | fmessage("\n*** Attaching to xpra display %d ***\n\n", display); |
780 | printf("\n*** Attaching to xpra display %d ***\n\n", display); | ||
781 | 779 | ||
782 | // running without privileges - see drop_privs call above | 780 | // running without privileges - see drop_privs call above |
783 | assert(getenv("LD_PRELOAD") == NULL); | 781 | assert(getenv("LD_PRELOAD") == NULL); |
@@ -816,8 +814,7 @@ void x11_start_xpra_old(int argc, char **argv, int display, char *display_str) { | |||
816 | exit(1); | 814 | exit(1); |
817 | } | 815 | } |
818 | 816 | ||
819 | if (!arg_quiet) | 817 | fmessage("Xpra server pid %d, xpra client pid %d, jail %d\n", server, client, jail); |
820 | printf("Xpra server pid %d, xpra client pid %d, jail %d\n", server, client, jail); | ||
821 | 818 | ||
822 | sleep(1); // adding a delay in order to let the server start | 819 | sleep(1); // adding a delay in order to let the server start |
823 | 820 | ||
diff --git a/src/fnet/arp.c b/src/fnet/arp.c index 4736f3509..00525229e 100644 --- a/src/fnet/arp.c +++ b/src/fnet/arp.c | |||
@@ -192,10 +192,10 @@ void arp_scan(const char *dev, uint32_t ifip, uint32_t ifmask) { | |||
192 | 192 | ||
193 | // printing | 193 | // printing |
194 | if (header_printed == 0) { | 194 | if (header_printed == 0) { |
195 | printf(" Network scan:\n"); | 195 | fmessage(" Network scan:\n"); |
196 | header_printed = 1; | 196 | header_printed = 1; |
197 | } | 197 | } |
198 | printf(" %02x:%02x:%02x:%02x:%02x:%02x\t%d.%d.%d.%d\n", | 198 | fmessage(" %02x:%02x:%02x:%02x:%02x:%02x\t%d.%d.%d.%d\n", |
199 | PRINT_MAC(hdr.sender_mac), PRINT_IP(ip)); | 199 | PRINT_MAC(hdr.sender_mac), PRINT_IP(ip)); |
200 | } | 200 | } |
201 | } | 201 | } |
diff --git a/src/fnet/fnet.h b/src/fnet/fnet.h index b4b7e6a37..78d6eb1c6 100644 --- a/src/fnet/fnet.h +++ b/src/fnet/fnet.h | |||
@@ -24,10 +24,12 @@ | |||
24 | #include <stdlib.h> | 24 | #include <stdlib.h> |
25 | #include <string.h> | 25 | #include <string.h> |
26 | #include <assert.h> | 26 | #include <assert.h> |
27 | #include <stdarg.h> | ||
27 | #include "../include/common.h" | 28 | #include "../include/common.h" |
28 | 29 | ||
29 | // main.c | 30 | // main.c |
30 | extern int arg_quiet; | 31 | extern int arg_quiet; |
32 | extern void fmessage(char* fmt, ...); // TODO: this function is duplicated in src/firejail/util.c | ||
31 | 33 | ||
32 | // veth.c | 34 | // veth.c |
33 | int net_create_veth(const char *dev, const char *nsdev, unsigned pid); | 35 | int net_create_veth(const char *dev, const char *nsdev, unsigned pid); |
diff --git a/src/fnet/interface.c b/src/fnet/interface.c index 8c1fd6ca4..d05c0d50d 100644 --- a/src/fnet/interface.c +++ b/src/fnet/interface.c | |||
@@ -172,7 +172,7 @@ void net_ifprint(int scan) { | |||
172 | if (getifaddrs(&ifaddr) == -1) | 172 | if (getifaddrs(&ifaddr) == -1) |
173 | errExit("getifaddrs"); | 173 | errExit("getifaddrs"); |
174 | 174 | ||
175 | printf("%-17.17s%-19.19s%-17.17s%-17.17s%-6.6s\n", | 175 | fmessage("%-17.17s%-19.19s%-17.17s%-17.17s%-6.6s\n", |
176 | "Interface", "MAC", "IP", "Mask", "Status"); | 176 | "Interface", "MAC", "IP", "Mask", "Status"); |
177 | // walk through the linked list | 177 | // walk through the linked list |
178 | for (ifa = ifaddr; ifa != NULL; ifa = ifa->ifa_next) { | 178 | for (ifa = ifaddr; ifa != NULL; ifa = ifa->ifa_next) { |
@@ -208,7 +208,7 @@ void net_ifprint(int scan) { | |||
208 | sprintf(macstr, "%02x:%02x:%02x:%02x:%02x:%02x", PRINT_MAC(mac)); | 208 | sprintf(macstr, "%02x:%02x:%02x:%02x:%02x:%02x", PRINT_MAC(mac)); |
209 | 209 | ||
210 | 210 | ||
211 | printf("%-17.17s%-19.19s%-17.17s%-17.17s%-6.6s\n", | 211 | fmessage("%-17.17s%-19.19s%-17.17s%-17.17s%-6.6s\n", |
212 | ifa->ifa_name, macstr, ipstr, maskstr, status); | 212 | ifa->ifa_name, macstr, ipstr, maskstr, status); |
213 | 213 | ||
214 | // network scanning | 214 | // network scanning |
diff --git a/src/fnet/main.c b/src/fnet/main.c index f44760b5c..f746f9c7d 100644 --- a/src/fnet/main.c +++ b/src/fnet/main.c | |||
@@ -20,6 +20,18 @@ | |||
20 | #include "fnet.h" | 20 | #include "fnet.h" |
21 | int arg_quiet = 0; | 21 | int arg_quiet = 0; |
22 | 22 | ||
23 | void fmessage(char* fmt, ...) { // TODO: this function is duplicated in src/firejail/util.c | ||
24 | if (arg_quiet) | ||
25 | return; | ||
26 | |||
27 | va_list args; | ||
28 | va_start(args,fmt); | ||
29 | vfprintf(stderr, fmt, args); | ||
30 | va_end(args); | ||
31 | fflush(0); | ||
32 | } | ||
33 | |||
34 | |||
23 | static void usage(void) { | 35 | static void usage(void) { |
24 | printf("Usage:\n"); | 36 | printf("Usage:\n"); |
25 | printf("\tfnet create veth dev1 dev2 bridge child\n"); | 37 | printf("\tfnet create veth dev1 dev2 bridge child\n"); |