/[path-sandbox]/trunk/src/sandbox.c
Gentoo

Contents of /trunk/src/sandbox.c

Parent Directory Parent Directory | Revision Log Revision Log


Revision 300 - (show annotations) (download) (as text)
Sat Jul 8 21:12:12 2006 UTC (8 years ago) by azarah
File MIME type: text/x-csrc
File size: 18721 byte(s)
Remove debug printf() that I missed to remove.

1 /*
2 ** Path sandbox for the gentoo linux portage package system, initially
3 ** based on the ROCK Linux Wrapper for getting a list of created files
4 **
5 ** to integrate with bash, bash should have been built like this
6 **
7 ** ./configure --prefix=<prefix> --host=<host> --without-gnu-malloc
8 **
9 ** it's very important that the --enable-static-link option is NOT specified
10 **
11 ** Copyright (C) 2001 Geert Bevin, Uwyn, http://www.uwyn.com
12 ** Distributed under the terms of the GNU General Public License, v2 or later
13 ** Author : Geert Bevin <gbevin@uwyn.com>
14 ** $Header$
15 */
16
17 /* #define _GNU_SOURCE */
18
19 #include <errno.h>
20 #include <signal.h>
21 #include <stdio.h>
22 #include <stdlib.h>
23 #include <limits.h>
24 #include <string.h>
25 #include <sys/wait.h>
26 #include <signal.h>
27 #include <unistd.h>
28 #include <fcntl.h>
29
30 #include "sandbox.h"
31 #include "rcscripts/rcutil.h"
32
33 struct sandbox_info_t {
34 char sandbox_log[SB_PATH_MAX];
35 char sandbox_debug_log[SB_PATH_MAX];
36 char sandbox_lib[SB_PATH_MAX];
37 char sandbox_rc[SB_PATH_MAX];
38 char work_dir[SB_PATH_MAX];
39 char var_tmp_dir[SB_PATH_MAX];
40 char tmp_dir[SB_PATH_MAX];
41 char *home_dir;
42 } sandbox_info_t;
43
44 static int print_debug = 0;
45
46 volatile static int stop_called = 0;
47 volatile static pid_t child_pid = 0;
48
49 static char log_domain[] = "sandbox";
50
51 extern char **environ;
52
53 int sandbox_setup(struct sandbox_info_t *sandbox_info, bool interactive)
54 {
55 if (NULL != getenv(ENV_PORTAGE_TMPDIR)) {
56 /* Portage handle setting SANDBOX_WRITE itself. */
57 sandbox_info->work_dir[0] = '\0';
58 } else {
59 if (NULL == getcwd(sandbox_info->work_dir, SB_PATH_MAX)) {
60 perror("sandbox: Failed to get current directory");
61 return -1;
62 }
63 if (interactive)
64 setenv(ENV_SANDBOX_WORKDIR, sandbox_info->work_dir, 1);
65 }
66
67 /* Do not resolve symlinks, etc .. libsandbox will handle that. */
68 if (!rc_is_dir(VAR_TMPDIR, TRUE)) {
69 perror("sandbox: Failed to get var_tmp_dir");
70 return -1;
71 }
72 snprintf(sandbox_info->var_tmp_dir, SB_PATH_MAX, "%s", VAR_TMPDIR);
73
74 if (-1 == get_tmp_dir(sandbox_info->tmp_dir)) {
75 perror("sandbox: Failed to get tmp_dir");
76 return -1;
77 }
78 setenv(ENV_TMPDIR, sandbox_info->tmp_dir, 1);
79
80 sandbox_info->home_dir = getenv("HOME");
81 if (!sandbox_info->home_dir) {
82 sandbox_info->home_dir = sandbox_info->tmp_dir;
83 setenv("HOME", sandbox_info->home_dir, 1);
84 }
85
86 /* Generate sandbox lib path */
87 get_sandbox_lib(sandbox_info->sandbox_lib);
88
89 /* Generate sandbox bashrc path */
90 get_sandbox_rc(sandbox_info->sandbox_rc);
91
92 /* Generate sandbox log full path */
93 get_sandbox_log(sandbox_info->sandbox_log);
94 if (rc_file_exists(sandbox_info->sandbox_log)) {
95 if (-1 == unlink(sandbox_info->sandbox_log)) {
96 perror("sandbox: Could not unlink old log file");
97 return -1;
98 }
99 }
100
101 /* Generate sandbox debug log full path */
102 get_sandbox_debug_log(sandbox_info->sandbox_debug_log);
103 if (rc_file_exists(sandbox_info->sandbox_debug_log)) {
104 if (-1 == unlink(sandbox_info->sandbox_debug_log)) {
105 perror("sandbox: Could not unlink old debug log file");
106 return -1;
107 }
108 }
109
110 return 0;
111 }
112
113 int print_sandbox_log(char *sandbox_log)
114 {
115 int sandbox_log_file = -1;
116 char *beep_count_env = NULL;
117 int i, color, beep_count = 0;
118 long len = 0;
119 char *buffer = NULL;
120
121 if (!rc_is_file(sandbox_log, FALSE)) {
122 perror("sandbox: Log file is not a regular file");
123 return 0;
124 }
125
126 sandbox_log_file = open(sandbox_log, O_RDONLY);
127 if (-1 == sandbox_log_file) {
128 perror("sandbox: Could not open Log file");
129 return 0;
130 }
131
132 len = file_length(sandbox_log_file);
133 buffer = (char *)xmalloc((len + 1) * sizeof(char));
134 memset(buffer, 0, len + 1);
135 read(sandbox_log_file, buffer, len);
136 close(sandbox_log_file);
137
138 color = ((is_env_on(ENV_NOCOLOR)) ? 0 : 1);
139
140 SB_EERROR(color,
141 "--------------------------- ACCESS VIOLATION SUMMARY ---------------------------",
142 "\n");
143 SB_EERROR(color, "LOG FILE = \"%s\"", "\n\n", sandbox_log);
144 fprintf(stderr, "%s", buffer);
145 if (NULL != buffer)
146 free(buffer);
147 SB_EERROR(color,
148 "--------------------------------------------------------------------------------",
149 "\n");
150
151 beep_count_env = getenv(ENV_SANDBOX_BEEP);
152 if (beep_count_env)
153 beep_count = atoi(beep_count_env);
154 else
155 beep_count = DEFAULT_BEEP_COUNT;
156
157 for (i = 0; i < beep_count; i++) {
158 fputc('\a', stderr);
159 if (i < beep_count - 1)
160 sleep(1);
161 }
162
163 return 1;
164 }
165
166 void stop(int signum)
167 {
168 if (0 == stop_called) {
169 stop_called = 1;
170 printf("sandbox: Caught signal %d in pid %d\n",
171 signum, getpid());
172 } else {
173 fprintf(stderr,
174 "sandbox: Signal already caught and busy still cleaning up!\n");
175 }
176 }
177
178 void usr1_handler(int signum, siginfo_t *siginfo, void *ucontext)
179 {
180 if (0 == stop_called) {
181 stop_called = 1;
182 printf("sandbox: Caught signal %d in pid %d\n",
183 signum, getpid());
184
185 /* FIXME: This is really bad form, as we should kill the whole process
186 * tree, but currently that is too much work and not worth the
187 * effort. Thus we only kill the calling process and our child
188 * for now.
189 */
190 if (siginfo->si_pid > 0)
191 kill(siginfo->si_pid, SIGKILL);
192 kill(child_pid, SIGKILL);
193 } else {
194 fprintf(stderr,
195 "sandbox: Signal already caught and busy still cleaning up!\n");
196 }
197 }
198
199 char *sandbox_subst_env_vars(dyn_buf_t *env_data)
200 {
201 dyn_buf_t *new_data = NULL;
202 char *tmp_ptr, *tmp_data = NULL;
203 char *var_start, *var_stop;
204
205 new_data = new_dyn_buf();
206 if (NULL == new_data)
207 return NULL;
208
209 tmp_data = read_line_dyn_buf(env_data);
210 if (NULL == tmp_data)
211 goto error;
212 tmp_ptr = tmp_data;
213
214 while (NULL != (var_start = strchr(tmp_ptr, '$'))) {
215 char *env = NULL;
216
217 var_stop = strchr(var_start, '}');
218
219 /* We only support ${} style env var names, so just skip any
220 * '$' that do not follow this syntax */
221 if (('{' != var_start[1]) || (NULL == var_stop)) {
222 tmp_ptr = var_start + 1;
223 continue;
224 }
225
226 /* Terminate part before env string so that we can copy it */
227 var_start[0] = '\0';
228 /* Move var_start past '${' */
229 var_start += 2;
230 /* Terminate the name of the env var */
231 var_stop[0] = '\0';
232
233 if (strlen(var_start) > 0)
234 env = getenv(var_start);
235 if (-1 == sprintf_dyn_buf(new_data, "%s%s",
236 tmp_ptr ? tmp_ptr : "",
237 env ? env : ""))
238 goto error;
239
240 /* Move tmp_ptr past the '}' of the env var */
241 tmp_ptr = var_stop + 1;
242 }
243
244 if (0 != strlen(tmp_ptr))
245 if (-1 == write_dyn_buf(new_data, tmp_ptr, strlen(tmp_ptr)))
246 goto error;
247
248 free(tmp_data);
249
250 tmp_data = read_line_dyn_buf(new_data);
251 if (NULL == tmp_data)
252 goto error;
253
254 free_dyn_buf(new_data);
255
256 return tmp_data;
257
258 error:
259 if (NULL != new_data)
260 free_dyn_buf(new_data);
261 if (NULL != tmp_data)
262 free(tmp_data);
263
264 return NULL;
265 }
266
267 void sandbox_set_env_var(const char *env_var)
268 {
269 char *config;
270
271 /* We check if the variable is set in the environment, and if not, we
272 * get it from sandbox.conf, and if they exist, we just add them to the
273 * environment if not already present. */
274 config = rc_get_cnf_entry(SANDBOX_CONF_FILE, env_var, NULL);
275 if (NULL != config) {
276 setenv(ENV_SANDBOX_VERBOSE, config, 0);
277 free(config);
278 }
279 }
280
281 int sandbox_set_env_access_var(const char *access_var)
282 {
283 dyn_buf_t *env_data = NULL;
284 int count = 0;
285 char *config = NULL;
286 char **confd_files = NULL;
287 bool use_confd = TRUE;
288
289 env_data = new_dyn_buf();
290 if (NULL == env_data)
291 return -1;
292
293 /* Now get the defaults for the access variable from sandbox.conf.
294 * These do not get overridden via the environment. */
295 config = rc_get_cnf_entry(SANDBOX_CONF_FILE, access_var, ":");
296 if (NULL != config) {
297 if (-1 == write_dyn_buf(env_data, config, strlen(config)))
298 goto error;
299 free(config);
300 config = NULL;
301 }
302 /* Append whatever might be already set. If anything is set, we do
303 * not process the sandbox.d/ files for this variable. */
304 if (NULL != getenv(access_var)) {
305 use_confd = FALSE;
306 if (-1 == sprintf_dyn_buf(env_data, env_data->wr_index ? ":%s" : "%s",
307 getenv(access_var)))
308 goto error;
309 }
310
311 if (!use_confd)
312 goto done;
313
314 /* Now scan the files in sandbox.d/ if the access variable was not
315 * alreay set. */
316 confd_files = rc_ls_dir(SANDBOX_CONFD_DIR, FALSE, TRUE);
317 if (NULL != confd_files) {
318 while (NULL != confd_files[count]) {
319 config = rc_get_cnf_entry(confd_files[count], access_var, ":");
320 if (NULL != config) {
321 if (-1 == sprintf_dyn_buf(env_data,
322 env_data->wr_index ? ":%s" : "%s",
323 config))
324 goto error;
325 free(config);
326 config = NULL;
327 }
328 count++;
329 }
330
331 str_list_free(confd_files);
332 }
333
334 done:
335 if (env_data->wr_index > 0) {
336 char *subst;
337
338 subst = sandbox_subst_env_vars(env_data);
339 if (NULL == subst)
340 goto error;
341
342 setenv(access_var, subst, 1);
343 free(subst);
344 }
345
346 free_dyn_buf(env_data);
347
348 return 0;
349
350 error:
351 if (NULL != env_data)
352 free_dyn_buf(env_data);
353 if (NULL != config)
354 free(config);
355 if (NULL != confd_files)
356 str_list_free(confd_files);
357
358 return -1;
359 }
360
361 int sandbox_setup_env_config(struct sandbox_info_t *sandbox_info)
362 {
363 sandbox_set_env_var(ENV_SANDBOX_VERBOSE);
364 sandbox_set_env_var(ENV_SANDBOX_DEBUG);
365 sandbox_set_env_var(ENV_SANDBOX_BEEP);
366 sandbox_set_env_var(ENV_NOCOLOR);
367
368 if (-1 == sandbox_set_env_access_var(ENV_SANDBOX_DENY))
369 return -1;
370 if (NULL == getenv(ENV_SANDBOX_DENY))
371 setenv(ENV_SANDBOX_DENY, LD_PRELOAD_FILE, 1);
372
373 if (-1 == sandbox_set_env_access_var(ENV_SANDBOX_READ))
374 return -1;
375 if (NULL == getenv(ENV_SANDBOX_READ))
376 setenv(ENV_SANDBOX_READ, "/", 1);
377
378 if (-1 == sandbox_set_env_access_var(ENV_SANDBOX_WRITE))
379 return -1;
380 if ((NULL == getenv(ENV_SANDBOX_WRITE)) &&
381 (NULL != sandbox_info->work_dir))
382 setenv(ENV_SANDBOX_WRITE, sandbox_info->work_dir, 1);
383
384 if (-1 == sandbox_set_env_access_var(ENV_SANDBOX_PREDICT))
385 return -1;
386 if ((NULL == getenv(ENV_SANDBOX_PREDICT)) &&
387 (NULL != sandbox_info->home_dir))
388 setenv(ENV_SANDBOX_PREDICT, sandbox_info->home_dir, 1);
389
390 return 0;
391 }
392
393 int sandbox_setenv(char ***envp, const char *name, const char *val) {
394 char *tmp_string = NULL;
395
396 /* strlen(name) + strlen(val) + '=' + '\0' */
397 tmp_string = xmalloc((strlen(name) + strlen(val) + 2) * sizeof(char));
398 if (NULL == tmp_string)
399 goto error;
400
401 snprintf(tmp_string, strlen(name) + strlen(val) + 2,
402 "%s=%s", name, val);
403
404 str_list_add_item((*envp), tmp_string, error);
405
406 return 0;
407
408 error:
409 perror("sandbox: Out of memory (sandbox_setenv)");
410 exit(EXIT_FAILURE);
411 }
412
413 /* We setup the environment child side only to prevent issues with
414 * setting LD_PRELOAD parent side */
415 char **sandbox_setup_environ(struct sandbox_info_t *sandbox_info, bool interactive)
416 {
417 int have_ld_preload = 0;
418
419 char **new_environ = NULL;
420 char **env_ptr;
421 char *ld_preload_envvar = NULL;
422 char *orig_ld_preload_envvar = NULL;
423 char sb_pid[64];
424
425 if (-1 == sandbox_setup_env_config(sandbox_info))
426 return NULL;
427
428 /* Unset these, as its easier than replacing when setting up our
429 * new environment below */
430 unsetenv(ENV_SANDBOX_ON);
431 unsetenv(ENV_SANDBOX_PID);
432 unsetenv(ENV_SANDBOX_LIB);
433 unsetenv(ENV_SANDBOX_BASHRC);
434 unsetenv(ENV_SANDBOX_LOG);
435 unsetenv(ENV_SANDBOX_DEBUG_LOG);
436 unsetenv(ENV_SANDBOX_WORKDIR);
437 unsetenv(ENV_SANDBOX_ACTIVE);
438 unsetenv(ENV_SANDBOX_INTRACTV);
439 unsetenv(ENV_BASH_ENV);
440
441 if (NULL != getenv(ENV_LD_PRELOAD)) {
442 have_ld_preload = 1;
443 orig_ld_preload_envvar = getenv(ENV_LD_PRELOAD);
444
445 ld_preload_envvar = xcalloc(strlen(orig_ld_preload_envvar) +
446 strlen(sandbox_info->sandbox_lib) + 2,
447 sizeof(char));
448 if (NULL == ld_preload_envvar)
449 return NULL;
450 snprintf(ld_preload_envvar, strlen(orig_ld_preload_envvar) +
451 strlen(sandbox_info->sandbox_lib) + 2, "%s %s",
452 sandbox_info->sandbox_lib, orig_ld_preload_envvar);
453 } else {
454 ld_preload_envvar = rc_strndup(sandbox_info->sandbox_lib,
455 strlen(sandbox_info->sandbox_lib));
456 if (NULL == ld_preload_envvar)
457 return NULL;
458 }
459 /* Do not unset this, as strange things might happen */
460 /* unsetenv(ENV_LD_PRELOAD); */
461
462 snprintf(sb_pid, sizeof(sb_pid), "%i", getpid());
463
464 /* First add our new variables to the beginning - this is due to some
465 * weirdness that I cannot remember */
466 sandbox_setenv(&new_environ, ENV_SANDBOX_ON, "1");
467 sandbox_setenv(&new_environ, ENV_SANDBOX_PID, sb_pid);
468 sandbox_setenv(&new_environ, ENV_SANDBOX_LIB, sandbox_info->sandbox_lib);
469 sandbox_setenv(&new_environ, ENV_SANDBOX_BASHRC, sandbox_info->sandbox_rc);
470 sandbox_setenv(&new_environ, ENV_SANDBOX_LOG, sandbox_info->sandbox_log);
471 sandbox_setenv(&new_environ, ENV_SANDBOX_DEBUG_LOG,
472 sandbox_info->sandbox_debug_log);
473 /* Is this an interactive session? */
474 if (interactive)
475 sandbox_setenv(&new_environ, ENV_SANDBOX_INTRACTV, "1");
476 /* Just set the these if not already set so that is_env_on() work */
477 if (!getenv(ENV_SANDBOX_VERBOSE))
478 sandbox_setenv(&new_environ, ENV_SANDBOX_VERBOSE, "1");
479 if (!getenv(ENV_SANDBOX_DEBUG))
480 sandbox_setenv(&new_environ, ENV_SANDBOX_DEBUG, "0");
481 if (!getenv(ENV_NOCOLOR))
482 sandbox_setenv(&new_environ, ENV_NOCOLOR, "no");
483 /* If LD_PRELOAD was not set, set it here, else do it below */
484 if (1 != have_ld_preload)
485 sandbox_setenv(&new_environ, ENV_LD_PRELOAD, ld_preload_envvar);
486
487 /* Make sure our bashrc gets preference */
488 sandbox_setenv(&new_environ, ENV_BASH_ENV, sandbox_info->sandbox_rc);
489
490 /* This one should NEVER be set in ebuilds, as it is the one
491 * private thing libsandbox.so use to test if the sandbox
492 * should be active for this pid, or not.
493 *
494 * azarah (3 Aug 2002)
495 */
496
497 sandbox_setenv(&new_environ, ENV_SANDBOX_ACTIVE, SANDBOX_ACTIVE);
498
499 /* Now add the rest */
500 env_ptr = environ;
501 while (NULL != *env_ptr) {
502 if ((1 == have_ld_preload) &&
503 (strstr(*env_ptr, LD_PRELOAD_EQ) == *env_ptr))
504 /* If LD_PRELOAD was set, and this is it in the original
505 * environment, replace it with our new copy */
506 /* XXX: The following works as it just add whatever as
507 * the last variable to nev_environ */
508 sandbox_setenv(&new_environ, ENV_LD_PRELOAD,
509 ld_preload_envvar);
510 else
511 str_list_add_item_copy(new_environ, (*env_ptr), error);
512
513 env_ptr++;
514 }
515
516 if (NULL != ld_preload_envvar)
517 free(ld_preload_envvar);
518
519 return new_environ;
520
521 error:
522 if (NULL != new_environ)
523 str_list_free(new_environ);
524 if (NULL != ld_preload_envvar)
525 free(ld_preload_envvar);
526
527 return NULL;
528 }
529
530 int spawn_shell(char *argv_bash[], char *env[], int debug)
531 {
532 int status = 0;
533 int ret = 0;
534
535 child_pid = fork();
536
537 /* Child's process */
538 if (0 == child_pid) {
539 execve(argv_bash[0], argv_bash, env);
540 _exit(EXIT_FAILURE);
541 } else if (child_pid < 0) {
542 if (debug)
543 fprintf(stderr, "Process failed to spawn!\n");
544 return 0;
545 }
546 ret = waitpid(child_pid, &status, 0);
547 if ((-1 == ret) || (status > 0)) {
548 if (debug)
549 fprintf(stderr, "Process returned with failed exit status!\n");
550 return 0;
551 }
552
553 return 1;
554 }
555
556 int main(int argc, char **argv)
557 {
558 struct sigaction act_new;
559
560 int success = 1;
561 int sandbox_log_presence = 0;
562
563 struct sandbox_info_t sandbox_info;
564
565 char **sandbox_environ;
566 char **argv_bash = NULL;
567
568 char *run_str = "-c";
569
570 rc_log_domain(log_domain);
571
572 /* Only print info if called with no arguments .... */
573 if (argc < 2)
574 print_debug = 1;
575
576 if (print_debug)
577 printf("========================== Gentoo linux path sandbox ===========================\n");
578
579 /* check if a sandbox is already running */
580 if (NULL != getenv(ENV_SANDBOX_ACTIVE)) {
581 fprintf(stderr, "Not launching a new sandbox instance\n");
582 fprintf(stderr, "Another one is already running in this process hierarchy.\n");
583 exit(EXIT_FAILURE);
584 }
585
586 /* determine the location of all the sandbox support files */
587 if (print_debug)
588 printf("Detection of the support files.\n");
589
590 if (-1 == sandbox_setup(&sandbox_info, print_debug)) {
591 fprintf(stderr, "sandbox: Failed to setup sandbox.");
592 exit(EXIT_FAILURE);
593 }
594
595 /* verify the existance of required files */
596 if (print_debug)
597 printf("Verification of the required files.\n");
598
599 #ifndef SB_HAVE_MULTILIB
600 if (!rc_file_exists(sandbox_info.sandbox_lib)) {
601 perror("sandbox: Could not open the sandbox library");
602 exit(EXIT_FAILURE);
603 }
604 #endif
605 if (!rc_file_exists(sandbox_info.sandbox_rc)) {
606 perror("sandbox: Could not open the sandbox rc file");
607 exit(EXIT_FAILURE);
608 }
609
610 /* set up the required environment variables */
611 if (print_debug)
612 printf("Setting up the required environment variables.\n");
613
614 /* If not in portage, cd into it work directory */
615 if ('\0' != sandbox_info.work_dir[0])
616 chdir(sandbox_info.work_dir);
617
618 /* Setup bash argv */
619 str_list_add_item_copy(argv_bash, "/bin/bash", oom_error);
620 str_list_add_item_copy(argv_bash, "-rcfile", oom_error);
621 str_list_add_item_copy(argv_bash, sandbox_info.sandbox_rc, oom_error);
622 if (argc >= 2) {
623 int i;
624
625 str_list_add_item_copy(argv_bash, run_str, oom_error);
626 str_list_add_item_copy(argv_bash, argv[1], oom_error);
627 for (i = 2; i < argc; i++) {
628 char *tmp_ptr;
629
630 tmp_ptr = xrealloc(argv_bash[4],
631 (strlen(argv_bash[4]) +
632 strlen(argv[i]) + 2) *
633 sizeof(char));
634 if (NULL == tmp_ptr)
635 goto oom_error;
636
637 snprintf(argv_bash[4] + strlen(argv_bash[4]),
638 strlen(argv[i]) + 2, " %s",
639 argv[i]);
640 }
641 }
642
643 /* Setup the child environment stuff */
644 sandbox_environ = sandbox_setup_environ(&sandbox_info, print_debug);
645 if (NULL == sandbox_environ)
646 goto oom_error;
647
648 /* set up the required signal handlers */
649 signal(SIGHUP, &stop);
650 signal(SIGINT, &stop);
651 signal(SIGQUIT, &stop);
652 signal(SIGTERM, &stop);
653 act_new.sa_sigaction = usr1_handler;
654 sigemptyset (&act_new.sa_mask);
655 act_new.sa_flags = SA_SIGINFO | SA_RESTART;
656 sigaction (SIGUSR1, &act_new, NULL);
657
658 /* STARTING PROTECTED ENVIRONMENT */
659 if (print_debug) {
660 printf("The protected environment has been started.\n");
661 printf("--------------------------------------------------------------------------------\n");
662 }
663
664 if (print_debug)
665 printf("Process being started in forked instance.\n");
666
667 /* Start Bash */
668 if (!spawn_shell(argv_bash, sandbox_environ, print_debug))
669 success = 0;
670
671 /* Free bash and envp stuff */
672 str_list_free(argv_bash);
673 str_list_free(sandbox_environ);
674
675 if (print_debug)
676 printf("Cleaning up sandbox process\n");
677
678 if (print_debug) {
679 printf("========================== Gentoo linux path sandbox ===========================\n");
680 printf("The protected environment has been shut down.\n");
681 }
682
683 if (rc_file_exists(sandbox_info.sandbox_log)) {
684 sandbox_log_presence = 1;
685 print_sandbox_log(sandbox_info.sandbox_log);
686 } else if (print_debug) {
687 printf("--------------------------------------------------------------------------------\n");
688 }
689
690 if ((sandbox_log_presence) || (!success))
691 return 1;
692 else
693 return 0;
694
695 oom_error:
696 if (NULL != argv_bash)
697 str_list_free(argv_bash);
698
699 perror("sandbox: Out of memory (environ)");
700 exit(EXIT_FAILURE);
701 }
702
703 // vim:noexpandtab noai:cindent ai

Properties

Name Value
svn:eol-style native
svn:keywords Author Date Id Revision

  ViewVC Help
Powered by ViewVC 1.1.20