2874 commits

Author SHA1 Message Date
netblue30
a63643a5b6 fix: allow tilde (home directory) in --netfilter file name 2021-11-29 17:11:25 -05:00
netblue30
1ad4d8f618 disable shell tab completion for --whitelist and --private commands 2021-11-29 15:42:14 -05:00
smitsohu
6acd0d3d9f
Merge pull request #4632 from kmk3/consider-nosound-novideo-groups
Consider nosound and novideo when keeping groups & misc refactors
2021-11-20 15:06:27 +01:00
Kelvin M. Klann
9abb0a89ae
build: Stop linking pthread (#4695)
Added on commit 137985136 ("Baseline firejail 0.9.28", 2015-08-08).  See
also commit ad6bb83fa ("consolidate makefiles", 2018-03-31).

It is not used anywhere.  And it looks like it has never been used
anywhere:

    $ git log --oneline -Gpthread.h 137985136..master
    $

Issue mentioned by @rusty-snake:
https://github.com/netblue30/firejail/issues/4642#issuecomment-955795463
2021-11-17 18:24:32 +01:00
Kelvin M. Klann
11f3c39970 zsh-comp: update description of machine-id to match --help
This amends commit b5de1d0f9 ("Fix inconsistent descriptions of
machine-id option").

Relates to #4689.
2021-11-15 17:25:16 -03:00
Kelvin M. Klann
b5de1d0f91 Fix inconsistent descriptions of machine-id option
Some places say that it "preserves" the file and other places say that
it "spoofs" the file.  Based on the fs_machineid function on
src/firejail/fs_etc.c, the latter one is correct.

This amends commit d0cc960c9 ("spoof machine-id", 2016-12-05).

Fixes #4689.

Reported-by: @svc88
2021-11-15 01:19:32 -03:00
netblue30
1f6767c906 --ids-check/--ids-init documentation 2021-11-13 09:01:18 -05:00
netblue30
02b9b93edb
Merge pull request #4635 from smitsohu/noorphans
deterministic-shutdown option
2021-11-13 12:34:29 +00:00
netblue30
92307735bd
Merge pull request #4681 from jmetrius/openstego-profile
Add OpenStego profile
2021-11-13 12:19:09 +00:00
netblue30
bd49232be8 telnet and ftp 2021-11-12 16:55:18 -05:00
Jan Sonntag
b645afec54 Add OpenStego profile 2021-11-12 16:14:25 +01:00
netblue30
98b8172946
Merge pull request #4676 from hlein/firejail_envchecks
Make env/arg sanity check failure messages more useful
2021-11-11 02:39:41 +00:00
netblue30
3c68903c68
Merge pull request #4652 from kmk3/fix-toctou-easy
Fix TOCTOU/CodeQL CWE-367 warnings (easy ones + fs.c)
2021-11-11 02:38:21 +00:00
Hank Leininger
0d06369a80
Make env/arg sanity check failure messages more useful
This change doesn't alter any checks, but it gives more specific
errors when a sanity check of env vars or argv does not pass, which
can point to limits to raise or at least give us better detailed bug
reports.

Signed-off-by: Hank Leininger <hlein@korelogic.com>
Bug: https://github.com/netblue30/firejail/issues/3678
Bug: https://github.com/netblue30/firejail/issues/3851
Bug: https://github.com/netblue30/firejail/issues/4633
2021-11-10 15:58:29 -07:00
Hank Leininger
cbbe9ab40f
Relocate firecfg.config to /etc/firejail/
This should make it easier for users, and distributions, to customize
which programs they want firejail to wrap. Also fixed some
firecfg.cfg -> firecfg.config references.

Signed-off-by: Hank Leininger <hlein@korelogic.com>
Closes: https://github.com/netblue30/firejail/issues/408
Bug: https://github.com/netblue30/firejail/issues/2097
Bug: https://github.com/netblue30/firejail/issues/2829
Bug: https://github.com/netblue30/firejail/issues/3665
2021-11-05 23:46:21 -06:00
smitsohu
74de63bde5 improve detection of firejail login shell 2021-11-01 16:41:21 +01:00
Kelvin M. Klann
ddb828be07 fs.c: Fix TOCTOU/CodeQL CWE-367 warning
Relates to #4503.
2021-10-30 16:41:26 -03:00
Kelvin M. Klann
908f8ad914 Fix TOCTOU/CodeQL CWE-367 warnings (easy ones)
This should fix all such warnings on the following files:

* src/fids/main.c
* src/firejail/seccomp.c

Misc: Besides the above reason, these are some of the more
straightforward TOCTOU warning fixes and they are done without any
additional refactor commits, so that's the reason for "easy ones".

List of TOCTOU warnings:
https://github.com/netblue30/firejail/security/code-scanning?query=id%3Acpp%2Ftoctou-race-condition

See https://cwe.mitre.org/data/definitions/367.html

Relates to #4503.
2021-10-30 16:28:57 -03:00
Kelvin M. Klann
21898db146
Merge pull request #4643 from rusty-snake/profile-checks
Profile Checks
2021-10-29 19:15:23 +00:00
smitsohu
0f06da6d5c private-bin fixup (#4646)
cannot create fslogger file as user,
so raise privs and create it as root
2021-10-28 15:23:57 +02:00
smitsohu
e1d230828c more cleanup
possible because selinux_relabel_path
now raises privs itself where necessary
2021-10-28 15:19:15 +02:00
smitsohu
e20960ab45 deterministic-shutdown option 2021-10-28 13:41:52 +02:00
rusty-snake
ac0f95aabb Sort src/firecfg/firecfg.config 2021-10-27 11:00:43 +02:00
smitsohu
98df98e998 cleanup 2021-10-22 23:41:14 +02:00
smitsohu
ee1d5d7c8c private-bin: switch effective uid 2021-10-22 23:10:07 +02:00
smitsohu
7f0b5ddd88 private-bin: fix #4626, refactor symlink detection 2021-10-22 23:09:35 +02:00
Kelvin M. Klann
ea564eb74a Consider nosound and novideo when keeping groups
Even when `nogroups` is not used, avoid keeping the audio and video
groups when `nosound` and `novideo` are used, respectively.

Based on @rusty-snake's suggestion:
https://github.com/netblue30/firejail/issues/4603#issuecomment-944046299

Relates to #4603.
2021-10-22 15:53:34 -03:00
Kelvin M. Klann
615ce15623 util.c: check array size on copy_group_ifcont
Check if new_groups already is full before trying to add to it.
2021-10-22 15:53:34 -03:00
Kelvin M. Klann
25f7c7e0b7 util.c: [ref] move group find/copy into new functions
Move the logic from clean_supplementary_groups into the following new
functions:

* find_group
* copy_group_ifcont

These will be reused later.

Misc: The latter function's signature is based on getgrouplist(2), which
is used on clean_supplementary_groups.
2021-10-22 15:53:34 -03:00
Kelvin M. Klann
cc0a113e98 main.c: [ref] fix indentation and whitespace around group handling 2021-10-22 15:02:18 -03:00
netblue30
4bb55a3b30
Merge pull request #4600 from crocket/master
Add profiles for imv, retroarch, and torbrowser
2021-10-21 11:51:37 +00:00
netblue30
d9403dcdc8 small fix 2021-10-20 20:07:17 -04:00
netblue30
bd15e763ea --noprinter option 2021-10-20 20:05:58 -04:00
smitsohu
316a1cd622 mountinfo: improve readability
Removes the inconsistency that some blacklisted
paths could be remounted (files specified explicitly)
and some could not. Now all blacklisted paths can
be mounted nosuid, nodev, noexec if users
specify this.
Also fixes the bug that mount id can indeed be 0.

Other than that no functional or algorithmic changes,
only readability improvements.
2021-10-18 18:09:38 +02:00
smitsohu
aadd5c92cd readability 2021-10-18 17:36:49 +02:00
smitsohu
5e36f33344 cleanup 2021-10-18 17:29:07 +02:00
smitsohu
f7e9fa48ce man pages 2021-10-18 17:28:28 +02:00
crocket
b6c1230e3b Add profiles for imv, retroarch, and torbrowser
imv, retroarch, and torbrowser are also added to
firecfg.config
2021-10-17 22:09:24 +09:00
smitsohu
57b9ff0717
Merge pull request #4610 from kmk3/fix-misc-get-group-id
Fix misc in get_group_id
2021-10-17 12:06:16 +02:00
smitsohu
7adbe5f717
Merge pull request #4606 from kmk3/rm-limits-h-libtrace
libtrace.c: use realpath instead of readlink to avoid PATH_MAX
2021-10-17 12:05:33 +02:00
Kelvin M. Klann
8954cb2a1f libtrace.c: use realpath instead of readlink to avoid PATH_MAX
PATH_MAX is not guaranteed to be defined and it may be defined to -1.
Avoid depending on it by getting the result directly from realpath.  See
commit 579f856c5 ("firejail.h: add missing linux/limits.h include") /
PR #4583 for details.

Note: This replaces the static char array currently used with a dynamic
one returned from realpath.

Misc: This is a continuation of #4583.
2021-10-16 17:19:36 -03:00
Kelvin M. Klann
d1cfa2bfd8 util.c: rename "group" arg to "groupname" in get_group_id
To make things clearer, since there is already a `struct group` in the
same function.
2021-10-16 17:08:29 -03:00
Kelvin M. Klann
f3001185bb util.c: fix return type of get_group_id
gr_gid is of type gid_t (not uid_t).  From grp.h(0p) of POSIX.1-2017:

> DESCRIPTION
>
> The <grp.h> header shall declare the group structure, which shall
> include the following members:
>
>    char   *gr_name The name of the group.
>    gid_t   gr_gid  Numerical group ID.
>    char  **gr_mem  Pointer to a null-terminated array of character
>                    pointers to member names.
>
> The <grp.h> header shall define the gid_t and size_t types as
> described in <sys/types.h>.

Note: The callers already store the result in gid_t variables.

First caused by commit dc3564b18 ("fixes", 2016-03-09).
2021-10-16 17:08:29 -03:00
Kelvin M. Klann
73d7ccc210 util.c: remove tty comment from get_group_id
This amends commit 40ed53c20 ("nvidia fix", 2016-10-08) and commit
74149d248 ("fixes", 2016-03-20).
2021-10-16 17:08:29 -03:00
smitsohu
a99dca8464 cgroup: minor refactor, add v2 support, bugfixes
Adds minimal cgroupv2 support, and fixes
an effective user id assertion in --join
(instead of asserting effective user id
of the user, drop privileges completely
in a child process).
2021-10-16 12:19:10 +02:00
smitsohu
ec38ea1abb cleanup: move overlayfs code in separate module 2021-10-13 19:44:03 +02:00
netblue30
4937f73ca5
Merge branch 'master' into replace-iwrite-iwuser 2021-10-09 14:02:29 +00:00
netblue30
44c15b67d4
Merge branch 'master' into fix-include-limits-h 2021-10-09 13:16:31 +00:00
netblue30
c57199a32c
Merge pull request #4579 from dm9pZCAq/master
fix compilation on musl (#4578)
2021-10-09 13:02:32 +00:00
netblue30
2828b64e21
Merge pull request #4593 from kmk3/revert-allow-deny-fbuilder
Revert "allow/deny fbuilder"
2021-10-09 12:53:14 +00:00