From 334c79edd83377a09c138800c0a2fefaf9c7981f Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Thu, 10 Nov 2016 07:18:24 -0500
Subject: testing

---
 src/firejail/main.c | 6 ++++--
 src/fnet/veth.c     | 6 ++++++
 2 files changed, 10 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/firejail/main.c b/src/firejail/main.c
index f01094af9..4759e6a5f 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -517,9 +517,11 @@ static void run_cmd_and_exit(int i, int argc, char **argv) {
 			struct stat s;
 			int rv;
 			if (stat("/proc/sys/kernel/grsecurity", &s) == 0)
-				rv = sbox_run(SBOX_ROOT | SBOX_CAPS_NONE | SBOX_SECCOMP, 2, PATH_FIREMON, "--netstats");
+				rv = sbox_run(SBOX_ROOT | SBOX_CAPS_NONE | SBOX_SECCOMP | SBOX_ALLOW_STDIN,
+					2, PATH_FIREMON, "--netstats");
 			else
-				rv = sbox_run(SBOX_USER | SBOX_CAPS_NONE | SBOX_SECCOMP, 2, PATH_FIREMON, "--netstats");
+				rv = sbox_run(SBOX_USER | SBOX_CAPS_NONE | SBOX_SECCOMP | SBOX_ALLOW_STDIN,
+					2, PATH_FIREMON, "--netstats");
 			exit(rv);
 		}
 		else {
diff --git a/src/fnet/veth.c b/src/fnet/veth.c
index d06bc9256..546fafcec 100644
--- a/src/fnet/veth.c
+++ b/src/fnet/veth.c
@@ -111,6 +111,8 @@ int net_create_veth(const char *dev, const char *nsdev, unsigned pid) {
 	if (rtnl_talk(&rth, &req.n, 0, 0, NULL) < 0)
 		exit(2);
 
+	rtnl_close(&rth);
+	
 	return 0;
 }
 
@@ -173,6 +175,8 @@ int net_create_macvlan(const char *dev, const char *parent, unsigned pid) {
 	if (rtnl_talk(&rth, &req.n, 0, 0, NULL) < 0)
 		exit(2);
 
+	rtnl_close(&rth);
+	
 	return 0;
 }
 
@@ -209,6 +213,8 @@ int net_move_interface(const char *dev, unsigned pid) {
 	if (rtnl_talk(&rth, &req.n, 0, 0, NULL) < 0)
 		exit(2);
 
+	rtnl_close(&rth);
+	
 	return 0;
 }
 
-- 
cgit v1.2.3-70-g09d2