From 5e09cfb4f901d944c0418fcb041d4e96448028a2 Mon Sep 17 00:00:00 2001
From: Glenn Washburn <development@efficientek.com>
Date: Tue, 9 Jul 2019 16:41:34 -0500
Subject: Add gdb-firejail.sh to contrib for easy debugging of firejail with
 gdb.

---
 contrib/gdb-firejail.sh | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100755 contrib/gdb-firejail.sh

(limited to 'contrib/gdb-firejail.sh')

diff --git a/contrib/gdb-firejail.sh b/contrib/gdb-firejail.sh
new file mode 100755
index 000000000..3ee3fffb3
--- /dev/null
+++ b/contrib/gdb-firejail.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+set -x
+
+# gdb setuid helper script.
+# This script forks a background process as the current user which will
+# immediately send itself a `STOP` signal.  Then gdb running as root will
+# attach to that process, which will send it the `CONT` signal to continue
+# execution.  Then the backgrounded process will exec the program with the
+# given arguments.  This will allow the root gdb to trace the unprivileged
+# setuid firejail process from the absolute beginning.
+
+if [ -z "${1##*/firejail}" ]; then
+    FIREJAIL=$1
+else
+    # First argument is not named firejail, then add default unless environment
+    # variable already set.
+    set -- ${FIREJAIL:=$(which firejail)} "$@"
+fi
+
+bash -c "kill -STOP \$\$; exec \"\$0\" \"\$@\"" "$@" &
+sudo gdb -e  "$FIREJAIL" -p "$!"
\ No newline at end of file
-- 
cgit v1.2.3-54-g00ecf