playground

Sandbox, container or whatever utilities for linux.
git clone https://pi.duncano.de/git/playground.git

commit b9873e61e9d213e2e920e2454ada32ddaead0011
parent f7f442031735b860d8bdc98735c4294bf0a59acd
Author: Duncaen <mail@duncano.de>
Date:   Sun, 19 Feb 2017 07:44:02 +0100

pledge: add debug and verbose flags

Diffstat:
pledge.1 | 23+++++++++++++++++++----
pledge.c | 39++++++++++++++++++---------------------
2 files changed, 37 insertions(+), 25 deletions(-)

diff --git a/pledge.1 b/pledge.1
@@ -1,4 +1,4 @@
-.Dd July 22, 2017
+.Dd February 19, 2017
 .Dt PLEDGE 1
 .Os
 .Sh NAME
@@ -6,9 +6,10 @@
 .Nd execute commands with restricted syscalls
 .Sh SYNOPSIS
 .Nm
+.Op Fl dv
 .Op Fl p Ar promises
 .Ar command
-.Op Ar args\ ...
+.Op Ar args
 .Sh DESCRIPTION
 The
 .Nm
@@ -24,15 +25,29 @@ by a
 .Dv SIGSYS
 signal.
 .Pp
+The
+.Ar exec
+and
+.Ar stdio
+.Ar promises
+are enabled by default.
+.Pp
 The options are as follows:
 .Bl -tag -width Ds
+.It Fl d
+Debug mode, uses
+.Dv SECCOMP_RET_TRAP
+instead of
+.Dv SECCOMP_RET_KILL
+on promise violations, see
+.Xr seccomp 2 .
 .It Fl p Ar promises
 A space separated list of promises.
 See
 .Sx PROMISES
 for a complete list of available promises.
-Default:
-.Sq Li "exec stdio" .
+.It Fl v
+Verbose mode.
 .El
 .Sh PROMISES
 See
diff --git a/pledge.c b/pledge.c
@@ -11,6 +11,7 @@
 #include "pledge.h"
 static char *argv0;
+static char promises[256] = "exec stdio";
 static void
 usage()
@@ -19,37 +20,33 @@ usage()
 exit(1);
 }
+static void
+addpromises(char *s)
+{
+ size_t len, pos;
+ pos = strlen(promises);
+ if (pos)
+ promises[pos++] = ' ';
+ len = strlen(s);
+ if (pos+len >= sizeof promises - 1)
+ errx(1, "promises: too long");
+ memcpy(promises+pos, s, len);
+}
+
 int
 main(int argc, char *argv[])
 {
- char promises[128];
- char *p, *n;
- ssize_t len;
 int c;
-
- len = sizeof promises - 1;
 argv0 = *argv;
-
- memset(promises, 0, sizeof promises);
- strcpy(promises, "exec stdio");
- p = promises+strlen(promises);
-
- while((c = getopt(argc, argv, "+p:")) != -1)
+ while((c = getopt(argc, argv, "+dp:v")) != -1)
 switch (c) {
- case 'p':
- n = p+strlen(optarg)+1;
- if (n-promises >= len)
- errx(1, "promises: too long");
- *p++ = ' ';
- memcpy(p, optarg, n-p);
- p = n;
- break;
+ case 'd': addpromises("debug"); break;
+ case 'p': addpromises(optarg); break;
+ case 'v': addpromises("verbose"); break;
 default:
 usage();
 }
-
 argc -= optind;
 argv += optind;
-
 if (!argc)
 usage();
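Review bot: In the new addpromises() (pledge.c, second hunk), `memcpy(promises+pos, s, len);` never writes a terminator, so the string stays NUL-terminated only because `promises` is a static array with a zero-filled tail that is only ever appended to. I would make that explicit with `promises[pos+len] = '\0';` after the copy, or at least add a comment stating the invariant. The separator `promises[pos++] = ' ';` is also stored before the length check, which is harmless only because errx() exits. Separately, `-d` and `-v` are folded into the same string as the `-p` argument, so `-p debug` presumably has the same effect as `-d` (SECCOMP_RET_TRAP instead of SECCOMP_RET_KILL, per the man page hunk); anything that forwards a promise string from a less trusted source could then weaken enforcement, so consider carrying the flags separately or documenting this in pledge.1. main() continues past the end of the hunk, so how the string is consumed is not visible here.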