From 1e3891ed00c99a913f98fc1f42805fafe38f7ff5 Mon Sep 17 00:00:00 2001 From: smitsohu Date: Wed, 6 Jan 2021 13:14:22 +0100 Subject: fix broken tests and regression on 45304621a6c600d8e30e98bfbef05149caaf56c5 --- src/firejail/fs_lib.c | 13 ++++++------- src/firejail/fs_lib2.c | 7 ++++++- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/src/firejail/fs_lib.c b/src/firejail/fs_lib.c index 5cfd33b42..941d6ad82 100644 --- a/src/firejail/fs_lib.c +++ b/src/firejail/fs_lib.c @@ -336,6 +336,12 @@ void fs_private_lib(void) { // start timetrace timetrace_start(); + // bring in firejail executable libraries in case we are redirected here by a firejail symlink from /usr/local/bin/firejail + fslib_install_list(PATH_FIREJAIL); + + // bring in firejail directory + fslib_install_list("firejail"); + // copy the libs in the new lib directory for the main exe if (cfg.original_program_index > 0) { if (arg_debug || arg_debug_private_lib) @@ -374,13 +380,6 @@ void fs_private_lib(void) { printf("Installing system libraries\n"); fslib_install_system(); - // bring in firejail directory for --trace and seccomp post exec - // bring in firejail executable libraries in case we are redirected here by a firejail symlink from /usr/local/bin/firejail - fslib_install_list("/usr/bin/firejail,firejail"); // todo: use the installed path for the executable - - // install libraries needed by fcopy - fslib_install_list(PATH_FCOPY); - fmessage("Installed %d %s and %d %s\n", lib_cnt, (lib_cnt == 1)? "library": "libraries", dir_cnt, (dir_cnt == 1)? "directory": "directories"); diff --git a/src/firejail/fs_lib2.c b/src/firejail/fs_lib2.c index b2ae07f3e..758e079a4 100644 --- a/src/firejail/fs_lib2.c +++ b/src/firejail/fs_lib2.c @@ -30,6 +30,7 @@ extern void fslib_copy_dir(const char *full_path); //*************************************************************** // standard libc libraries based on Debian's libc6 package // selinux seems to be linked in most command line utilities +// libpcre2 is a dependency of selinux // locale (/usr/lib/locale) - without it, the program will default to "C" locale typedef struct liblist_t { const char *name; @@ -38,6 +39,7 @@ typedef struct liblist_t { static LibList libc_list[] = { { "libselinux.so.", 0 }, + { "libpcre2-8.so.", 0 }, { "libapparmor.so.", 0}, { "ld-linux-x86-64.so.", 0 }, { "libanl.so.", 0 }, @@ -104,16 +106,19 @@ static void stdc(const char *dirname) { void fslib_install_stdc(void) { // install standard C libraries + timetrace_start(); struct stat s; char *stdclib = "/lib64"; // CentOS, Fedora, Arch if (stat("/lib/x86_64-linux-gnu", &s) == 0) { // Debian & friends + // PT_INTERP + fslib_duplicate("/lib64/ld-linux-x86-64.so.2"); + mkdir_attr(RUN_LIB_DIR "/x86_64-linux-gnu", 0755, 0, 0); selinux_relabel_path(RUN_LIB_DIR "/x86_64-linux-gnu", "/lib/x86_64-linux-gnu"); stdclib = "/lib/x86_64-linux-gnu"; } - timetrace_start(); stdc(stdclib); // install locale -- cgit v1.2.3-70-g09d2