From 24d38a4a23dc0beb66fe03dd042aefae47b03d50 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Thu, 17 Dec 2015 10:31:39 -0500
Subject: add support for sandbox name in profile files

---
 README.md                    |  2 ++
 RELNOTES                     |  1 +
 src/firejail/sandbox.c       |  2 +-
 src/lib/common.c             | 28 +++++++++++++++++++++++++++-
 src/man/firejail-profile.txt |  7 +++++++
 test/features/2.2.exp        | 12 ------------
 test/seccomp-bad-empty.exp   |  6 +++---
 7 files changed, 41 insertions(+), 17 deletions(-)

diff --git a/README.md b/README.md
index 2fc91a0f2..33b0bfe72 100644
--- a/README.md
+++ b/README.md
@@ -137,3 +137,5 @@ $ firejail --profile-path=~/myprofiles
 `````
 
 ### Debian reproductible build
+
+### Added "name" and "hostname" command support in profile files
diff --git a/RELNOTES b/RELNOTES
index 2383b3a71..655f3309e 100644
--- a/RELNOTES
+++ b/RELNOTES
@@ -20,6 +20,7 @@ firejail (0.9.36-rc1) baseline; urgency=low
   * filesystem log
   * libtrace enhancements, tracing opendir call
   * added --tracelog option
+  * added "name" command to profile files
   * added "hostname" command to profile files
   * added automated feature testing framework
   * Debian reproductible build
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c
index 4a1990382..356807acf 100644
--- a/src/firejail/sandbox.c
+++ b/src/firejail/sandbox.c
@@ -276,9 +276,9 @@ int sandbox(void* sandbox_arg) {
 	//****************************
 	// log sandbox data
 	//****************************
-	fs_logger2int("sandbox pid:", (int) sandbox_pid);
 	if (cfg.name)
 		fs_logger2("sandbox name:", cfg.name);
+	fs_logger2int("sandbox pid:", (int) sandbox_pid);
 	if (cfg.chrootdir)
 		fs_logger("sandbox filesystem: chroot");
 	else if (arg_overlay)	
diff --git a/src/lib/common.c b/src/lib/common.c
index 7d2ee5362..90cee3e10 100644
--- a/src/lib/common.c
+++ b/src/lib/common.c
@@ -31,6 +31,7 @@
 #include <dirent.h>
 #include <string.h>
 #include "../include/common.h"
+#define BUFLEN 4096
 
 int join_namespace(pid_t pid, char *type) {
 	char *path;
@@ -100,6 +101,32 @@ int name2pid(const char *name, pid_t *pid) {
 			char *start = ptr;
 			if (!ptr) {
 				free(cmd);
+				
+				// extract name for /run/mnt/firejail/fslogger file
+				char *fname;
+				if (asprintf(&fname, "/proc/%d/root/run/firejail/mnt/fslogger", newpid) == -1)
+					errExit("asprintf");
+
+				struct stat s;
+				if (stat(fname, &s) == 0) {
+					FILE *fp = fopen(fname, "r");
+					if (fp) {
+						char buf[BUFLEN];
+						if (fgets(buf, BUFLEN, fp)) {
+							if (strncmp(buf, "sandbox name: ", 14) == 0) {
+								char *ptr2 = buf + 14;
+								if (strncmp(name, ptr2, strlen(name)) == 0) {
+									fclose(fp);
+									*pid = newpid;
+									closedir(dir);
+									return 0;
+								}
+							}
+						}
+						fclose(fp);
+					}
+				}	
+				
 				continue;
 			}
 			while (*ptr != ' ' && *ptr != '\t' && *ptr != '\0')
@@ -119,7 +146,6 @@ int name2pid(const char *name, pid_t *pid) {
 	return 1;
 }
 
-#define BUFLEN 4096
 char *pid_proc_comm(const pid_t pid) {
 	// open /proc/pid/cmdline file
 	char *fname;
diff --git a/src/man/firejail-profile.txt b/src/man/firejail-profile.txt
index e9cb1aa49..59d4a81ae 100644
--- a/src/man/firejail-profile.txt
+++ b/src/man/firejail-profile.txt
@@ -233,6 +233,13 @@ cgroup /sys/fs/cgroup/g1/tasks
 The sandbox is placed in g1 control group.
 
 .SH User Environment
+.TP
+\fBname sandboxname
+Set sandbox name. Example:
+.br
+
+.br
+name browser
 
 .TP
 \fBenv name=value
diff --git a/test/features/2.2.exp b/test/features/2.2.exp
index 7dc1e6a7d..c562328fd 100755
--- a/test/features/2.2.exp
+++ b/test/features/2.2.exp
@@ -26,10 +26,6 @@ expect {
 	timeout {puts "TESTING ERROR 1.1\n";exit}
 	"google.com"
 }
-expect {
-	timeout {puts "TESTING ERROR 1.2\n";exit}
-	"google.com"
-}
 expect {
 	timeout {puts "TESTING ERROR 1.3\n";exit}
 	"SERVER: 4.2.2.1"
@@ -58,10 +54,6 @@ expect {
 	timeout {puts "TESTING ERROR 3.1\n";exit}
 	"google.com"
 }
-expect {
-	timeout {puts "TESTING ERROR 3.2\n";exit}
-	"google.com"
-}
 expect {
 	timeout {puts "TESTING ERROR 3.3\n";exit}
 	"SERVER: 4.2.2.1"
@@ -89,10 +81,6 @@ expect {
 	timeout {puts "TESTING ERROR 5.1\n";exit}
 	"google.com"
 }
-expect {
-	timeout {puts "TESTING ERROR 5.2\n";exit}
-	"google.com"
-}
 expect {
 	timeout {puts "TESTING ERROR 5.3\n";exit}
 	"SERVER: 4.2.2.1"
diff --git a/test/seccomp-bad-empty.exp b/test/seccomp-bad-empty.exp
index 53b5c2e21..631d67743 100755
--- a/test/seccomp-bad-empty.exp
+++ b/test/seccomp-bad-empty.exp
@@ -25,14 +25,14 @@ expect {
 send --  "firejail --profile=seccomp-bad-empty.profile\r"
 expect {
 	timeout {puts "TESTING ERROR 6\n";exit}
-	"Error: line 1 in the custom profile is invalid"
+	"Error: line 1 in seccomp-bad-empty.profile is invalid"
 }
 
 send --  "firejail --profile=seccomp-bad-empty2.profile\r"
 expect {
 	timeout {puts "TESTING ERROR 7\n";exit}
-	"Error: line 1 in the custom profile is invalid"
+	"Error: line 1 in seccomp-bad-empty2.profile is invalid"
 }
 sleep 1
-puts "\n"
+puts "\nall done\n"
 
-- 
cgit v1.2.3-54-g00ecf