/[path-sandbox]/trunk/src/sandbox.c
Gentoo

Diff of /trunk/src/sandbox.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 2 Revision 30
36int preload_adaptable = 1; 36int preload_adaptable = 1;
37int cleaned_up = 0; 37int cleaned_up = 0;
38int print_debug = 0; 38int print_debug = 0;
39int stop_called = 0; 39int stop_called = 0;
40 40
41/* Read pids file, and load active pids into an array. Return number of pids in array */ 41/* Read pids file, and load active pids into an array. Return number of pids in array */
42int
43load_active_pids(int fd, int **pids) 42int load_active_pids(int fd, int **pids)
44{ 43{
45 char *data = NULL; 44 char *data = NULL;
46 char *ptr = NULL, *ptr2 = NULL; 45 char *ptr = NULL, *ptr2 = NULL;
47 int my_pid; 46 int my_pid;
48 int num_pids = 0; 47 int num_pids = 0;
51 pids[0] = NULL; 50 pids[0] = NULL;
52 51
53 len = file_length(fd); 52 len = file_length(fd);
54 53
55 /* Allocate and zero datablock to read pids file */ 54 /* Allocate and zero datablock to read pids file */
56 data = (char *) malloc((len + 1) * sizeof (char)); 55 data = (char *)malloc((len + 1) * sizeof(char));
57 memset(data, 0, len + 1); 56 memset(data, 0, len + 1);
58 57
59 /* Start at beginning of file */ 58 /* Start at beginning of file */
60 lseek(fd, 0L, SEEK_SET); 59 lseek(fd, 0L, SEEK_SET);
61 60
67 /* Loop and read all pids */ 66 /* Loop and read all pids */
68 while (1) { 67 while (1) {
69 /* Find new line */ 68 /* Find new line */
70 ptr2 = strchr(ptr, '\n'); 69 ptr2 = strchr(ptr, '\n');
71 if (ptr2 == NULL) 70 if (ptr2 == NULL)
72 break; /* No more PIDs */ 71 break; /* No more PIDs */
73 72
74 /* Clear the \n. And ptr should have a null-terminated decimal string */ 73 /* Clear the \n. And ptr should have a null-terminated decimal string */
75 ptr2[0] = 0; 74 ptr2[0] = 0;
76 75
77 my_pid = atoi(ptr); 76 my_pid = atoi(ptr);
78 77
79 /* If the PID is still alive, add it to our array */ 78 /* If the PID is still alive, add it to our array */
80 if ((0 != my_pid) && (0 == kill(my_pid, 0))) { 79 if ((0 != my_pid) && (0 == kill(my_pid, 0))) {
81 pids[0] = (int *) realloc(pids[0], (num_pids + 1) * sizeof (int)); 80 pids[0] = (int *)realloc(pids[0], (num_pids + 1) * sizeof(int));
82 pids[0][num_pids] = my_pid; 81 pids[0][num_pids] = my_pid;
83 num_pids++; 82 num_pids++;
84 } 83 }
85 84
86 /* Put ptr past the NULL we just wrote */ 85 /* Put ptr past the NULL we just wrote */
93 92
94 return num_pids; 93 return num_pids;
95} 94}
96 95
97/* Read ld.so.preload file, and loads dirs into an array. Return number of entries in array */ 96/* Read ld.so.preload file, and loads dirs into an array. Return number of entries in array */
98int
99load_preload_libs(int fd, char ***preloads) 97int load_preload_libs(int fd, char ***preloads)
100{ 98{
101 char *data = NULL; 99 char *data = NULL;
102 char *ptr = NULL, *ptr2 = NULL; 100 char *ptr = NULL, *ptr2 = NULL;
103 int num_entries = 0; 101 int num_entries = 0;
104 long len; 102 long len;
106 preloads[0] = NULL; 104 preloads[0] = NULL;
107 105
108 len = file_length(fd); 106 len = file_length(fd);
109 107
110 /* Allocate and zero datablock to read pids file */ 108 /* Allocate and zero datablock to read pids file */
111 data = (char *) malloc((len + 1) * sizeof (char)); 109 data = (char *)malloc((len + 1) * sizeof(char));
112 memset(data, 0, len + 1); 110 memset(data, 0, len + 1);
113 111
114 /* Start at beginning of file */ 112 /* Start at beginning of file */
115 lseek(fd, 0L, SEEK_SET); 113 lseek(fd, 0L, SEEK_SET);
116 114
131 if (NULL != ptr2) 129 if (NULL != ptr2)
132 ptr2[0] = 0; 130 ptr2[0] = 0;
133 131
134 /* If listing does not match our libname, add it to the array */ 132 /* If listing does not match our libname, add it to the array */
135 if ((strlen(ptr)) && (NULL == strstr(ptr, LIB_NAME))) { 133 if ((strlen(ptr)) && (NULL == strstr(ptr, LIB_NAME))) {
136 preloads[0] =
137 (char **) realloc(preloads[0], (num_entries + 1) * sizeof (char **)); 134 preloads[0] = (char **)realloc(preloads[0], (num_entries + 1) * sizeof(char **));
138 preloads[0][num_entries] = strdup(ptr); 135 preloads[0][num_entries] = strdup(ptr);
139 num_entries++; 136 num_entries++;
140 } 137 }
141 138
142 if (NULL == ptr2) 139 if (NULL == ptr2)
143 break; /* No more PIDs */ 140 break; /* No more PIDs */
144 141
145 /* Put ptr past the NULL we just wrote */ 142 /* Put ptr past the NULL we just wrote */
146 ptr = ptr2 + 1; 143 ptr = ptr2 + 1;
147 } 144 }
148 145
151 data = NULL; 148 data = NULL;
152 149
153 return num_entries; 150 return num_entries;
154} 151}
155 152
156void
157cleanup() 153void cleanup()
158{ 154{
159 int i = 0; 155 int i = 0;
160 int success = 1; 156 int success = 1;
161 int pids_file = -1, num_of_pids = 0; 157 int pids_file = -1, num_of_pids = 0;
162 int *pids_array = NULL; 158 int *pids_array = NULL;
219 215
220 /* store the other preload libraries back into the /etc/ld.so.preload file */ 216 /* store the other preload libraries back into the /etc/ld.so.preload file */
221 if (num_of_preloads > 0) { 217 if (num_of_preloads > 0) {
222 for (i = 0; i < num_of_preloads; i++) { 218 for (i = 0; i < num_of_preloads; i++) {
223 sprintf(preload_entry, "%s\n", preload_array[i]); 219 sprintf(preload_entry, "%s\n", preload_array[i]);
224 if (write 220 if (write(preload_file, preload_entry, strlen(preload_entry)) != strlen(preload_entry)) {
225 (preload_file,
226 preload_entry,
227 strlen(preload_entry)) != strlen(preload_entry)) {
228 perror(">>> /etc/ld.so.preload file write"); 221 perror(">>> /etc/ld.so.preload file write");
229 success = 0; 222 success = 0;
230 break; 223 break;
231 } 224 }
232 } 225 }
254 if (num_of_pids > 1) { 247 if (num_of_pids > 1) {
255 for (i = 0; i < num_of_pids; i++) { 248 for (i = 0; i < num_of_pids; i++) {
256 if (pids_array[i] != getpid()) { 249 if (pids_array[i] != getpid()) {
257 sprintf(pid_string, "%d\n", pids_array[i]); 250 sprintf(pid_string, "%d\n", pids_array[i]);
258 251
259 if (write(pids_file, pid_string, strlen(pid_string)) != 252 if (write(pids_file, pid_string, strlen(pid_string)) != strlen(pid_string)) {
260 strlen(pid_string)) {
261 perror(">>> pids file write"); 253 perror(">>> pids file write");
262 success = 0; 254 success = 0;
263 break; 255 break;
264 } 256 }
265 } 257 }
284 free(sandbox_pids_file); 276 free(sandbox_pids_file);
285 if (0 == success) 277 if (0 == success)
286 return; 278 return;
287} 279}
288 280
289void
290stop(int signum) 281void stop(int signum)
291{ 282{
292 if (stop_called == 0) { 283 if (stop_called == 0) {
293 stop_called = 1; 284 stop_called = 1;
294 printf("Caught signal %d in pid %d\r\n", signum, getpid()); 285 printf("Caught signal %d in pid %d\r\n", signum, getpid());
295 cleanup(); 286 cleanup();
296 } else { 287 } else {
297 fprintf(stderr, "Pid %d alreadly caught signal and is still cleaning up\n", getpid()); 288 fprintf(stderr, "Pid %d alreadly caught signal and is still cleaning up\n", getpid());
298 } 289 }
299} 290}
300 291
301void
302setenv_sandbox_write(char *home_dir, char *portage_tmp_dir, char *var_tmp_dir, 292void setenv_sandbox_write(char *home_dir, char *portage_tmp_dir, char *var_tmp_dir, char *tmp_dir)
303 char *tmp_dir)
304{ 293{
305 char buf[1024]; 294 char buf[1024];
306 295
307 /* bzero out entire buffer then append trailing 0 */ 296 /* bzero out entire buffer then append trailing 0 */
308 memset(buf, 0, sizeof(buf)); 297 memset(buf, 0, sizeof(buf));
309 298
310 if (!getenv(ENV_SANDBOX_WRITE)) { 299 if (!getenv(ENV_SANDBOX_WRITE)) {
311 /* these could go into make.globals later on */ 300 /* these could go into make.globals later on */
312 snprintf(buf, sizeof(buf), 301 snprintf(buf, sizeof(buf),
313 "%s:%s/.gconfd/lock:%s/.bash_history:", \ 302 "%s:%s/.gconfd/lock:%s/.bash_history:",
314 "/dev/zero:/dev/fd/:/dev/null:/dev/pts/:" \ 303 "/dev/zero:/dev/fd/:/dev/null:/dev/pts/:"
315 "/dev/vc/:/dev/tty:/tmp/:" \ 304 "/dev/vc/:/dev/tty:/tmp/:"
316 "/dev/shm/ngpt:/var/log/scrollkeeper.log:" \ 305 "/dev/shm/ngpt:/var/log/scrollkeeper.log:"
317 "/usr/tmp/conftest:/usr/lib/conftest:" \ 306 "/usr/tmp/conftest:/usr/lib/conftest:"
318 "/usr/lib32/conftest:/usr/lib64/conftest:" \ 307 "/usr/lib32/conftest:/usr/lib64/conftest:"
319 "/usr/tmp/cf:/usr/lib/cf:/usr/lib32/cf:/usr/lib64/cf", 308 "/usr/tmp/cf:/usr/lib/cf:/usr/lib32/cf:/usr/lib64/cf",
320 home_dir, home_dir); 309 home_dir, home_dir);
321 310
322 if (NULL == portage_tmp_dir) { 311 if (NULL == portage_tmp_dir) {
323 strncat(buf, tmp_dir, sizeof(buf)); 312 strncat(buf, tmp_dir, sizeof(buf));
324 strncat(buf, ":", sizeof(buf)); 313 strncat(buf, ":", sizeof(buf));
325 strncat(buf, var_tmp_dir, sizeof(buf)); 314 strncat(buf, var_tmp_dir, sizeof(buf));
335 buf[sizeof(buf) - 1] = '\0'; 324 buf[sizeof(buf) - 1] = '\0';
336 setenv(ENV_SANDBOX_WRITE, buf, 1); 325 setenv(ENV_SANDBOX_WRITE, buf, 1);
337 } 326 }
338} 327}
339 328
340void
341setenv_sandbox_predict(char *home_dir) 329void setenv_sandbox_predict(char *home_dir)
342{ 330{
343 char buf[1024]; 331 char buf[1024];
344 332
345 memset(buf, 0, sizeof(buf)); 333 memset(buf, 0, sizeof(buf));
346 334
347 if (!getenv(ENV_SANDBOX_PREDICT)) { 335 if (!getenv(ENV_SANDBOX_PREDICT)) {
348 /* these should go into make.globals later on */ 336 /* these should go into make.globals later on */
349 snprintf(buf, sizeof(buf), "%s/.:" \ 337 snprintf(buf, sizeof(buf), "%s/.:"
350 "/usr/lib/python2.0/:" \ 338 "/usr/lib/python2.0/:"
351 "/usr/lib/python2.1/:" \ 339 "/usr/lib/python2.1/:"
352 "/usr/lib/python2.2/:" \ 340 "/usr/lib/python2.2/:"
353 "/usr/lib/python2.3/:" \ 341 "/usr/lib/python2.3/:"
354 "/usr/lib/python2.4/:" \ 342 "/usr/lib/python2.4/:"
355 "/usr/lib/python2.5/:" \ 343 "/usr/lib/python2.5/:"
356 "/usr/lib/python3.0/:", 344 "/usr/lib/python3.0/:",
357 home_dir); 345 home_dir);
358 346
359 buf[sizeof(buf) - 1] = '\0'; 347 buf[sizeof(buf) - 1] = '\0';
360 setenv(ENV_SANDBOX_PREDICT, buf, 1); 348 setenv(ENV_SANDBOX_PREDICT, buf, 1);
361 } 349 }
362} 350}
363 351
364int
365print_sandbox_log(char *sandbox_log) 352int print_sandbox_log(char *sandbox_log)
366{ 353{
367 int sandbox_log_file = -1; 354 int sandbox_log_file = -1;
368 char *beep_count_env = NULL; 355 char *beep_count_env = NULL;
369 int i, color, beep_count = 0; 356 int i, color, beep_count = 0;
370 long len = 0; 357 long len = 0;
373 sandbox_log_file = file_open(sandbox_log, "r", 1, 0664, "portage"); 360 sandbox_log_file = file_open(sandbox_log, "r", 1, 0664, "portage");
374 if (-1 == sandbox_log_file) 361 if (-1 == sandbox_log_file)
375 return 0; 362 return 0;
376 363
377 len = file_length(sandbox_log_file); 364 len = file_length(sandbox_log_file);
378 buffer = (char *) malloc((len + 1) * sizeof (char)); 365 buffer = (char *)malloc((len + 1) * sizeof(char));
379 memset(buffer, 0, len + 1); 366 memset(buffer, 0, len + 1);
380 read(sandbox_log_file, buffer, len); 367 read(sandbox_log_file, buffer, len);
381 file_close(sandbox_log_file); 368 file_close(sandbox_log_file);
382 369
383 color = ( (getenv("NOCOLOR") != NULL) ? 0 : 1); 370 color = ((getenv("NOCOLOR") != NULL) ? 0 : 1);
384 371
372 if (color)
385 if (color) printf("\e[31;01m"); 373 printf("\e[31;01m");
386 printf("--------------------------- ACCESS VIOLATION SUMMARY ---------------------------"); 374 printf("--------------------------- ACCESS VIOLATION SUMMARY ---------------------------");
375 if (color)
387 if (color) printf("\033[0m"); 376 printf("\033[0m");
377 if (color)
388 if (color) printf("\e[31;01m"); 378 printf("\e[31;01m");
389 printf("\nLOG FILE = \"%s\"", sandbox_log); 379 printf("\nLOG FILE = \"%s\"", sandbox_log);
380 if (color)
390 if (color) printf("\033[0m"); 381 printf("\033[0m");
391 printf("\n\n"); 382 printf("\n\n");
392 printf("%s", buffer); 383 printf("%s", buffer);
393 if (buffer) 384 if (buffer)
394 free(buffer); 385 free(buffer);
395 buffer = NULL; 386 buffer = NULL;
396 printf
397 ("\e[31;01m--------------------------------------------------------------------------------\033[0m\n"); 387 printf("\e[31;01m--------------------------------------------------------------------------------\033[0m\n");
398 388
399 beep_count_env = getenv(ENV_SANDBOX_BEEP); 389 beep_count_env = getenv(ENV_SANDBOX_BEEP);
400 if (beep_count_env) 390 if (beep_count_env)
401 beep_count = atoi(beep_count_env); 391 beep_count = atoi(beep_count_env);
402 else 392 else
408 sleep(1); 398 sleep(1);
409 } 399 }
410 return 1; 400 return 1;
411} 401}
412 402
413int
414spawn_shell(char *argv_bash[]) 403int spawn_shell(char *argv_bash[])
415{ 404{
416#ifdef USE_SYSTEM_SHELL 405#ifdef USE_SYSTEM_SHELL
417 int i = 0; 406 int i = 0;
418 char *sh = NULL; 407 char *sh = NULL;
419 int first = 1; 408 int first = 1;
423 while (1) { 412 while (1) {
424 if (NULL == argv_bash[i]) 413 if (NULL == argv_bash[i])
425 break; 414 break;
426 if (NULL != sh) 415 if (NULL != sh)
427 len = strlen(sh); 416 len = strlen(sh);
428 sh = (char *) realloc(sh, len + strlen(argv_bash[i]) + 5); 417 sh = (char *)realloc(sh, len + strlen(argv_bash[i]) + 5);
429 if (first) { 418 if (first) {
430 sh[0] = 0; 419 sh[0] = 0;
431 first = 0; 420 first = 0;
432 } 421 }
433 strcat(sh, "\""); 422 strcat(sh, "\"");
470# endif 459# endif
471 return 1; 460 return 1;
472#endif 461#endif
473} 462}
474 463
475int
476main(int argc, char **argv) 464int main(int argc, char **argv)
477{ 465{
478 int i = 0, success = 1; 466 int i = 0, success = 1;
479#ifdef USE_LD_SO_PRELOAD 467#ifdef USE_LD_SO_PRELOAD
480 int preload_file = -1; 468 int preload_file = -1;
481#endif 469#endif
511 /* Only print info if called with no arguments .... */ 499 /* Only print info if called with no arguments .... */
512 if (argc < 2) 500 if (argc < 2)
513 print_debug = 1; 501 print_debug = 1;
514 502
515 if (print_debug) 503 if (print_debug)
516 printf
517 ("========================== Gentoo linux path sandbox ===========================\n"); 504 printf("========================== Gentoo linux path sandbox ===========================\n");
518 505
519 /* check if a sandbox is already running */ 506 /* check if a sandbox is already running */
520 if (NULL != getenv(ENV_SANDBOX_ON)) { 507 if (NULL != getenv(ENV_SANDBOX_ON)) {
521 fprintf(stderr, 508 fprintf(stderr, "Not launching a new sandbox instance\n");
522 "Not launching a new sandbox instance\nAnother one is already running in this process hierarchy.\n"); 509 fprintf(stderr, "Another one is already running in this process hierarchy.\n");
523 exit(1); 510 exit(1);
524 } else { 511 } else {
525 512
526 /* determine the location of all the sandbox support files */ 513 /* determine the location of all the sandbox support files */
527 if (print_debug) 514 if (print_debug)
556 if (print_debug) 543 if (print_debug)
557 printf("Verification of the required files.\n"); 544 printf("Verification of the required files.\n");
558 545
559#ifndef SB_HAVE_64BIT_ARCH 546#ifndef SB_HAVE_64BIT_ARCH
560 if (file_exist(sandbox_lib, 0) <= 0) { 547 if (file_exist(sandbox_lib, 0) <= 0) {
561 fprintf(stderr, "Could not open the sandbox library at '%s'.\n", 548 fprintf(stderr, "Could not open the sandbox library at '%s'.\n", sandbox_lib);
562 sandbox_lib);
563 return -1; 549 return -1;
564 } 550 }
565#endif 551#endif
566 if (file_exist(sandbox_rc, 0) <= 0) { 552 if (file_exist(sandbox_rc, 0) <= 0) {
567 fprintf(stderr, "Could not open the sandbox rc file at '%s'.\n", 553 fprintf(stderr, "Could not open the sandbox rc file at '%s'.\n", sandbox_rc);
568 sandbox_rc);
569 return -1; 554 return -1;
570 } 555 }
571#ifdef USE_LD_SO_PRELOAD 556#ifdef USE_LD_SO_PRELOAD
572 /* ensure that the /etc/ld.so.preload file contains an entry for the sandbox lib */ 557 /* ensure that the /etc/ld.so.preload file contains an entry for the sandbox lib */
573 if (print_debug) 558 if (print_debug)
582 if (getuid() == 0) { 567 if (getuid() == 0) {
583 /* Our r+ also will create the file if it doesn't exist */ 568 /* Our r+ also will create the file if it doesn't exist */
584 preload_file = file_open("/etc/ld.so.preload", "r+", 1, 0644); 569 preload_file = file_open("/etc/ld.so.preload", "r+", 1, 0644);
585 if (-1 == preload_file) { 570 if (-1 == preload_file) {
586 preload_adaptable = 0; 571 preload_adaptable = 0;
587/* exit(1);*/ 572/* exit(1);*/
588 } 573 }
589 } else { 574 } else {
590 /* Avoid permissions warnings if we're not root */ 575 /* Avoid permissions warnings if we're not root */
591 preload_adaptable = 0; 576 preload_adaptable = 0;
592 } 577 }
601 586
602 /* Write contents of preload file */ 587 /* Write contents of preload file */
603 for (i = 0; i < num_of_preloads + 1; i++) { 588 for (i = 0; i < num_of_preloads + 1; i++) {
604 /* First entry should be our sandbox library */ 589 /* First entry should be our sandbox library */
605 if (0 == i) { 590 if (0 == i) {
606 if (write 591 if (write(preload_file, sandbox_lib, strlen(sandbox_lib)) != strlen(sandbox_lib)) {
607 (preload_file, sandbox_lib,
608 strlen(sandbox_lib)) != strlen(sandbox_lib)) {
609 perror(">>> /etc/ld.so.preload file write"); 592 perror(">>> /etc/ld.so.preload file write");
610 success = 0; 593 success = 0;
611 break; 594 break;
612 } 595 }
613 } else { 596 } else {
614 /* Output all other preload entries */ 597 /* Output all other preload entries */
615 if (write
616 (preload_file, preload_array[i - 1], 598 if (write(preload_file, preload_array[i - 1],
617 strlen(preload_array[i - 1])) != strlen(preload_array[i - 1])) { 599 strlen(preload_array[i - 1])) != strlen(preload_array[i - 1])) {
618 perror(">>> /etc/ld.so.preload file write"); 600 perror(">>> /etc/ld.so.preload file write");
619 success = 0; 601 success = 0;
620 break; 602 break;
621 } 603 }
622 } 604 }
657 tmp_string = NULL; 639 tmp_string = NULL;
658 640
659 setenv(ENV_SANDBOX_LOG, sandbox_log, 1); 641 setenv(ENV_SANDBOX_LOG, sandbox_log, 1);
660 642
661 snprintf(sandbox_debug_log, sizeof(sandbox_debug_log), "%s%s%s", 643 snprintf(sandbox_debug_log, sizeof(sandbox_debug_log), "%s%s%s",
662 DEBUG_LOG_FILE_PREFIX, pid_string, LOG_FILE_EXT); 644 DEBUG_LOG_FILE_PREFIX, pid_string, LOG_FILE_EXT);
663 setenv(ENV_SANDBOX_DEBUG_LOG, sandbox_debug_log, 1); 645 setenv(ENV_SANDBOX_DEBUG_LOG, sandbox_debug_log, 1);
664 646
665 home_dir = getenv("HOME"); 647 home_dir = getenv("HOME");
666 if (!home_dir) { 648 if (!home_dir) {
667 home_dir = "/tmp"; 649 home_dir = "/tmp";
671 /* drobbins: we need to expand these paths using realpath() so that PORTAGE_TMPDIR 653 /* drobbins: we need to expand these paths using realpath() so that PORTAGE_TMPDIR
672 * can contain symlinks (example, /var is a symlink, /var/tmp is a symlink.) Without 654 * can contain symlinks (example, /var is a symlink, /var/tmp is a symlink.) Without
673 * this, access is denied to /var/tmp, hurtin' ebuilds. 655 * this, access is denied to /var/tmp, hurtin' ebuilds.
674 */ 656 */
675 657
658 {
676 { char *e; 659 char *e;
677 e = getenv("PORTAGE_TMPDIR"); 660 e = getenv("PORTAGE_TMPDIR");
678 if ( e && ( strlen(e) < sizeof(portage_tmp_dir)-1 ) && (strlen(e) > 1) ) 661 if (e && (strlen(e) < sizeof(portage_tmp_dir) - 1) && (strlen(e) > 1))
679 realpath(e, portage_tmp_dir); 662 realpath(e, portage_tmp_dir);
680 663
681 } 664 }
682 realpath("/var/tmp", var_tmp_dir); 665 realpath("/var/tmp", var_tmp_dir);
683 realpath("/tmp", tmp_dir); 666 realpath("/tmp", tmp_dir);
700 683
701 /* if the portage temp dir was present, cd into it */ 684 /* if the portage temp dir was present, cd into it */
702 if (NULL != portage_tmp_dir) 685 if (NULL != portage_tmp_dir)
703 chdir(portage_tmp_dir); 686 chdir(portage_tmp_dir);
704 687
705 argv_bash = (char **) malloc(6 * sizeof (char *)); 688 argv_bash = (char **)malloc(6 * sizeof(char *));
706 argv_bash[0] = strdup("/bin/bash"); 689 argv_bash[0] = strdup("/bin/bash");
707 argv_bash[1] = strdup("-rcfile"); 690 argv_bash[1] = strdup("-rcfile");
708 argv_bash[2] = strdup(sandbox_rc); 691 argv_bash[2] = strdup(sandbox_rc);
709 692
710 if (argc < 2) 693 if (argc < 2)
711 argv_bash[3] = NULL; 694 argv_bash[3] = NULL;
712 else 695 else
713 argv_bash[3] = strdup(run_str); /* "-c" */ 696 argv_bash[3] = strdup(run_str); /* "-c" */
714 697
715 argv_bash[4] = NULL; /* strdup(run_arg); */ 698 argv_bash[4] = NULL; /* strdup(run_arg); */
716 argv_bash[5] = NULL; 699 argv_bash[5] = NULL;
717 700
718 if (argc >= 2) { 701 if (argc >= 2) {
719 for (i = 1; i < argc; i++) { 702 for (i = 1; i < argc; i++) {
720 if (NULL == argv_bash[4]) 703 if (NULL == argv_bash[4])
721 len = 0; 704 len = 0;
722 else 705 else
723 len = strlen(argv_bash[4]); 706 len = strlen(argv_bash[4]);
724 707
725 argv_bash[4] = 708 argv_bash[4] = (char *)realloc(argv_bash[4], (len + strlen(argv[i]) + 2) * sizeof(char));
726 (char *) realloc(argv_bash[4],
727 (len + strlen(argv[i]) + 2) * sizeof (char));
728 709
729 if (0 == len) 710 if (0 == len)
730 argv_bash[4][0] = 0; 711 argv_bash[4][0] = 0;
731 if (1 != i) 712 if (1 != i)
732 strcat(argv_bash[4], " "); 713 strcat(argv_bash[4], " ");
773 if (i == num_of_pids) 754 if (i == num_of_pids)
774 sprintf(pid_string, "%d\n", getpid()); 755 sprintf(pid_string, "%d\n", getpid());
775 else 756 else
776 sprintf(pid_string, "%d\n", pids_array[i]); 757 sprintf(pid_string, "%d\n", pids_array[i]);
777 758
778 if (write(pids_file, pid_string, strlen(pid_string)) != 759 if (write(pids_file, pid_string, strlen(pid_string)) != strlen(pid_string)) {
779 strlen(pid_string)) {
780 perror(">>> pids file write"); 760 perror(">>> pids file write");
781 success = 0; 761 success = 0;
782 break; 762 break;
783 } 763 }
784 } 764 }
799 } 779 }
800 780
801 /* STARTING PROTECTED ENVIRONMENT */ 781 /* STARTING PROTECTED ENVIRONMENT */
802 if (print_debug) { 782 if (print_debug) {
803 printf("The protected environment has been started.\n"); 783 printf("The protected environment has been started.\n");
804 printf
805 ("--------------------------------------------------------------------------------\n"); 784 printf("--------------------------------------------------------------------------------\n");
806 } 785 }
807 786
808 if (print_debug) 787 if (print_debug)
809 printf("Shell being started in forked process.\n"); 788 printf("Shell being started in forked process.\n");
810 789
829 printf("Cleaning up sandbox process\n"); 808 printf("Cleaning up sandbox process\n");
830 809
831 cleanup(); 810 cleanup();
832 811
833 if (print_debug) { 812 if (print_debug) {
834 printf
835 ("========================== Gentoo linux path sandbox ===========================\n"); 813 printf("========================== Gentoo linux path sandbox ===========================\n");
836 printf("The protected environment has been shut down.\n"); 814 printf("The protected environment has been shut down.\n");
837 } 815 }
838 816
839 if (file_exist(sandbox_log, 0)) { 817 if (file_exist(sandbox_log, 0)) {
840 sandbox_log_presence = 1; 818 sandbox_log_presence = 1;
847 exit(1); 825 exit(1);
848#endif 826#endif
849 827
850 sandbox_log_file = -1; 828 sandbox_log_file = -1;
851 } else if (print_debug) { 829 } else if (print_debug) {
852 printf
853 ("--------------------------------------------------------------------------------\n"); 830 printf("--------------------------------------------------------------------------------\n");
854 } 831 }
855 832
856 if ((sandbox_log_presence) || (!success)) 833 if ((sandbox_log_presence) || (!success))
857 return 1; 834 return 1;
858 else 835 else
859 return 0; 836 return 0;
860 } 837 }
861} 838}
862 839
863// vim:expandtab noai:cindent ai 840// vim:noexpandtab noai:cindent ai

Legend:
Removed from v.2  
changed lines
  Added in v.30

  ViewVC Help
Powered by ViewVC 1.1.20