From f4ab39bfce61aa7b61b860fab96488b7f3e8fb66 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Wed, 15 Feb 2017 19:51:50 -0500
Subject: merge #1100 from zackw: follow link support in --private-bin

---
 src/fcopy/main.c      | 16 +++++++++-------
 src/firejail/fs_bin.c |  2 +-
 2 files changed, 10 insertions(+), 8 deletions(-)

(limited to 'src')

diff --git a/src/fcopy/main.c b/src/fcopy/main.c
index 089152efc..9f19b6dd8 100644
--- a/src/fcopy/main.c
+++ b/src/fcopy/main.c
@@ -23,6 +23,8 @@
 #include <ftw.h>
 #include <errno.h>
 
+static int arg_follow_link = 0;
+
 
 #define COPY_LIMIT (500 * 1024 *1024)
 static int size_limit_reached = 0;
@@ -221,7 +223,7 @@ static void duplicate_dir(const char *src, const char *dest, struct stat *s) {
 }
 
 static void duplicate_file(const char *src, const char *dest, struct stat *s) {
-        char *rsrc = check(src); // we drop the result and use the original name
+        char *rsrc = check(src);
         char *rdest = check(dest);
         uid_t uid = s->st_uid;
         gid_t gid = s->st_gid;
@@ -229,7 +231,7 @@ static void duplicate_file(const char *src, const char *dest, struct stat *s) {
 
         // build destination file name
         char *name;
-        char *ptr = strrchr(src, '/');
+ 	char *ptr = (arg_follow_link)? strrchr(src, '/'): strrchr(rsrc, '/');
         ptr++;
         if (asprintf(&name, "%s/%s", rdest, ptr) == -1)
                 errExit("asprintf");
@@ -251,7 +253,7 @@ static void duplicate_link(const char *src, const char *dest, struct stat *s) {
 
         // build destination file name
         char *name;
-//	char *ptr = strrchr(rsrc, '/');
+//     char *ptr = strrchr(rsrc, '/');
         char *ptr = strrchr(src, '/');
         ptr++;
         if (asprintf(&name, "%s/%s", rdest, ptr) == -1)
@@ -287,19 +289,19 @@ printf("\n");
 #endif	
         char *src;
         char *dest;
-        int follow_link;
 
         if (argc == 3) {
                 src = argv[1];
                 dest = argv[2];
-                follow_link = 0;
+                arg_follow_link = 0;
         }
         else if (argc == 4 && !strcmp(argv[1], "--follow-link")) {
                 src = argv[2];
                 dest = argv[3];
-                follow_link = 1;
+                arg_follow_link = 1;
         }
         else {
+        	    fprintf(stderr, "Error: arguments missing\n");
                 usage();
                 exit(1);
         }
@@ -334,7 +336,7 @@ printf("\n");
         }
 
         // copy files
-        if ((follow_link ? stat : lstat)(src, &s) == -1) {
+        if ((arg_follow_link ? stat : lstat)(src, &s) == -1) {
                 fprintf(stderr, "Error fcopy: src %s: %s\n", src, strerror(errno));
                 exit(1);
         }
diff --git a/src/firejail/fs_bin.c b/src/firejail/fs_bin.c
index 547978b47..3473fca4c 100644
--- a/src/firejail/fs_bin.c
+++ b/src/firejail/fs_bin.c
@@ -111,7 +111,7 @@ static void duplicate(char *fname) {
 		errExit("asprintf");
 	
 	// copy the file
-	sbox_run(SBOX_ROOT| SBOX_SECCOMP, 3, PATH_FCOPY, full_path, RUN_BIN_DIR);
+	sbox_run(SBOX_ROOT| SBOX_SECCOMP, 4, PATH_FCOPY, "--follow-link", full_path, RUN_BIN_DIR);
 	fs_logger2("clone", fname);
 	free(full_path);
 }
-- 
cgit v1.2.3-70-g09d2