fix and document firemon --nowrap

netblue30 · Mar 4, 2017 · d9c217d · d9c217d
1 parent 791aa95
commit d9c217d
Show file tree

Hide file tree

Showing 15 changed files with 31 additions and 36 deletions.
diff --git a/src/firemon/arp.c b/src/firemon/arp.c
@@ -80,7 +80,7 @@ void arp(pid_t pid, int print_procs) {
  for (i = 0; i < max_pids; i++) {
  if (pids[i].level == 1) {
  if (print_procs || pid == 0)
- pid_print_list(i, 0);
+ pid_print_list(i, arg_nowrap);
  int child = find_child(i);
  if (child != -1) {
  char *fname;

diff --git a/src/firemon/caps.c b/src/firemon/caps.c
@@ -38,9 +38,7 @@ static void print_caps(int pid) {
  if (strncmp(buf, "CapBnd:", 7) == 0) {
  printf(" %s", buf);
  fflush(0);
- free(file);
- fclose(fp);
- return;
+ break;
  }
  }
  fclose(fp);
@@ -55,7 +53,7 @@ void caps(pid_t pid, int print_procs) {
  for (i = 0; i < max_pids; i++) {
  if (pids[i].level == 1) {
  if (print_procs || pid == 0)
- pid_print_list(i, 0);
+ pid_print_list(i, arg_nowrap);
  int child = find_child(i);
  if (child != -1)
  print_caps(child);

diff --git a/src/firemon/cgroup.c b/src/firemon/cgroup.c
@@ -52,7 +52,7 @@ void cgroup(pid_t pid, int print_procs) {
  for (i = 0; i < max_pids; i++) {
  if (pids[i].level == 1) {
  if (print_procs || pid == 0)
- pid_print_list(i, 0);
+ pid_print_list(i, arg_nowrap);
  int child = find_child(i);
  if (child != -1)
  print_cgroup(child);

diff --git a/src/firemon/cpu.c b/src/firemon/cpu.c
@@ -39,9 +39,7 @@ static void print_cpu(int pid) {
  if (strncmp(buf, "Cpus_allowed_list:", 18) == 0) {
  printf(" %s", buf);
  fflush(0);
- free(file);
- fclose(fp);
- return;
+ break;
  }
  }
  fclose(fp);
@@ -56,7 +54,7 @@ void cpu(pid_t pid, int print_procs) {
  for (i = 0; i < max_pids; i++) {
  if (pids[i].level == 1) {
  if (print_procs || pid == 0)
- pid_print_list(i, 0);
+ pid_print_list(i, arg_nowrap);
  int child = find_child(i);
  if (child != -1)
  print_cpu(child);

diff --git a/src/firemon/interface.c b/src/firemon/interface.c
@@ -163,7 +163,7 @@ void interface(pid_t pid, int print_procs) {
  for (i = 0; i < max_pids; i++) {
  if (pids[i].level == 1) {
  if (print_procs || pid == 0)
- pid_print_list(i, 0);
+ pid_print_list(i, arg_nowrap);
  int child = find_child(i);
  if (child != -1) {
  print_sandbox(child);

diff --git a/src/firemon/list.c b/src/firemon/list.c
@@ -26,7 +26,7 @@ void list(void) {
  int i;
  for (i = 0; i < max_pids; i++) {
  if (pids[i].level == 1)
- pid_print_list(i, 0);
+ pid_print_list(i, arg_nowrap);
  }
 }
 
diff --git a/src/firemon/procevent.c b/src/firemon/procevent.c
@@ -150,21 +150,17 @@ printf("start=#%s#, ptr=#%s#, flip rv %d\n", start, ptr, rv);
 static int procevent_netlink_setup(void) {
  // open socket for process event connector
  int sock;
- if ((sock = socket(PF_NETLINK, SOCK_DGRAM, NETLINK_CONNECTOR)) < 0) {
- fprintf(stderr, "Error: cannot open netlink socket\n");
- exit(1);
- }
+ if ((sock = socket(PF_NETLINK, SOCK_DGRAM, NETLINK_CONNECTOR)) < 0)
+ goto errexit;
 
  // bind socket
  struct sockaddr_nl addr;
  memset(&addr, 0, sizeof(addr));
  addr.nl_pid = getpid();
  addr.nl_family = AF_NETLINK;
  addr.nl_groups = CN_IDX_PROC;
- if (bind(sock, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
- fprintf(stderr, "Error: cannot bind to netlink socket\n");
- exit(1);
- }
+ if (bind(sock, (struct sockaddr *)&addr, sizeof(addr)) < 0)
+ goto errexit;
 
  // send monitoring message
  struct nlmsghdr nlmsghdr;
@@ -189,12 +185,13 @@ static int procevent_netlink_setup(void) {
  iov[2].iov_base = &op;
  iov[2].iov_len = sizeof(op);
 
- if (writev(sock, iov, 3) == -1) {
- fprintf(stderr, "Error: cannot write to netlink socket\n");
- exit(1);
- }
+ if (writev(sock, iov, 3) == -1)
+ goto errexit;
 
  return sock;
+errexit:
+ fprintf(stderr, "Error: netlink socket problem\n");
+ exit(1);
 }
 
 

diff --git a/src/firemon/route.c b/src/firemon/route.c
@@ -189,7 +189,7 @@ void route(pid_t pid, int print_procs) {
  for (i = 0; i < max_pids; i++) {
  if (pids[i].level == 1) {
  if (print_procs || pid == 0)
- pid_print_list(i, 0);
+ pid_print_list(i, arg_nowrap);
  int child = find_child(i);
  if (child != -1) {
  char *fname;

diff --git a/src/firemon/seccomp.c b/src/firemon/seccomp.c
@@ -37,9 +37,7 @@ static void print_seccomp(int pid) {
  if (strncmp(buf, "Seccomp:", 8) == 0) {
  printf(" %s", buf);
  fflush(0);
- fclose(fp);
- free(file);
- return;
+ break;
  }
  }
  fclose(fp);
@@ -54,7 +52,7 @@ void seccomp(pid_t pid, int print_procs) {
  for (i = 0; i < max_pids; i++) {
  if (pids[i].level == 1) {
  if (print_procs || pid == 0)
- pid_print_list(i, 0);
+ pid_print_list(i, arg_nowrap);
  int child = find_child(i);
  if (child != -1)
  print_seccomp(child);

diff --git a/src/firemon/usage.c b/src/firemon/usage.c
@@ -37,6 +37,7 @@ void usage(void) {
  printf("\t--name=name - print information only about named sandbox.\n\n");
  printf("\t--netstats - monitor network statistics for sandboxes creating a new\n");
  printf("\t\tnetwork namespace.\n\n");
+ printf("\t--nowrap - enable line wrapping in terminals.\n\n");
  printf("\t--route - print route table for each sandbox.\n\n");
  printf("\t--seccomp - print seccomp configuration for each sandbox.\n\n");
  printf("\t--tree - print a tree of all sandboxed processes.\n\n");

diff --git a/src/firemon/x11.c b/src/firemon/x11.c
@@ -30,7 +30,7 @@ void x11(pid_t pid, int print_procs) {
  for (i = 0; i < max_pids; i++) {
  if (pids[i].level == 1) {
  if (print_procs || pid == 0)
- pid_print_list(i, 0);
+ pid_print_list(i, arg_nowrap);
 
  char *x11file;
  // todo: use macro from src/firejail/firejail.h for /run/firejail/x11 directory

diff --git a/src/man/firemon.txt b/src/man/firemon.txt
@@ -37,6 +37,9 @@ Print information only about named sandbox.
 \fB\-\-netstats
 Monitor network statistics for sandboxes creating a new network namespace.
 .TP
+\fB\-\-nowrap
+Enable line wrapping in terminals. By default the lines are trimmed.
+.TP
 \fB\-\-route
 Print route table for each sandbox.
 .TP

diff --git a/test/apps-x11-xorg/firefox.exp b/test/apps-x11-xorg/firefox.exp
@@ -41,7 +41,7 @@ expect {
 sleep 2
 
 spawn $env(SHELL)
-send -- "firemon --seccomp\r"
+send -- "firemon --seccomp --nowrap\r"
 expect {
  timeout {puts "TESTING ERROR 5\n";exit}
  "need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
@@ -61,7 +61,7 @@ expect {
  "name=blablabla"
 }
 sleep 1
-send -- "firemon --caps\r"
+send -- "firemon --caps --nowrap\r"
 expect {
  timeout {puts "TESTING ERROR 6\n";exit}
  " firefox" {puts "firefox detected\n";}

diff --git a/test/apps-x11-xorg/icedove.exp b/test/apps-x11-xorg/icedove.exp
@@ -38,7 +38,7 @@ expect {
 sleep 2
 
 spawn $env(SHELL)
-send -- "firemon --seccomp\r"
+send -- "firemon --seccomp --nowrap\r"
 expect {
  timeout {puts "TESTING ERROR 5\n";exit}
  "need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
@@ -57,7 +57,7 @@ expect {
  "name=blablabla"
 }
 sleep 2
-send -- "firemon --caps\r"
+send -- "firemon --caps --nowrap\r"
 expect {
  timeout {puts "TESTING ERROR 6\n";exit}
  ":firejail"

diff --git a/test/apps-x11-xorg/transmission-gtk.exp b/test/apps-x11-xorg/transmission-gtk.exp
@@ -38,7 +38,7 @@ expect {
 sleep 2
 
 spawn $env(SHELL)
-send -- "firemon --seccomp\r"
+send -- "firemon --seccomp --nowrap\r"
 expect {
  timeout {puts "TESTING ERROR 5\n";exit}
  "need to be root" {puts "/proc mounted as hidepid, exiting...\n"; exit}
@@ -57,7 +57,7 @@ expect {
  "name=blablabla"
 }
 sleep 1
-send -- "firemon --caps\r"
+send -- "firemon --caps --nowrap\r"
 expect {
  timeout {puts "TESTING ERROR 6\n";exit}
  ":firejail"