diff --git a/sandboxed_api/sandbox2/examples/tool/BUILD.bazel b/sandboxed_api/sandbox2/examples/tool/BUILD.bazel index 6b3c940..22bbb95 100644 --- a/sandboxed_api/sandbox2/examples/tool/BUILD.bazel +++ b/sandboxed_api/sandbox2/examples/tool/BUILD.bazel @@ -36,6 +36,7 @@ cc_binary( "//sandboxed_api/util:fileops", "@com_google_absl//absl/flags:flag", "@com_google_absl//absl/flags:parse", + "@com_google_absl//absl/flags:usage", "@com_google_absl//absl/log", "@com_google_absl//absl/log:globals", "@com_google_absl//absl/log:initialize", diff --git a/sandboxed_api/sandbox2/examples/tool/CMakeLists.txt b/sandboxed_api/sandbox2/examples/tool/CMakeLists.txt index d4f42bf..0c86daf 100644 --- a/sandboxed_api/sandbox2/examples/tool/CMakeLists.txt +++ b/sandboxed_api/sandbox2/examples/tool/CMakeLists.txt @@ -21,6 +21,7 @@ add_executable(sandbox2::sandbox2tool ALIAS sandbox2_sandbox2tool) target_link_libraries(sandbox2_sandbox2tool PRIVATE absl::flags absl::flags_parse + absl::flags_usage absl::log absl::log_globals absl::log_initialize diff --git a/sandboxed_api/sandbox2/examples/tool/sandbox2tool.cc b/sandboxed_api/sandbox2/examples/tool/sandbox2tool.cc index ac9208f..63459ce 100644 --- a/sandboxed_api/sandbox2/examples/tool/sandbox2tool.cc +++ b/sandboxed_api/sandbox2/examples/tool/sandbox2tool.cc @@ -36,6 +36,7 @@ #include "absl/flags/flag.h" #include "absl/flags/parse.h" +#include "absl/flags/usage.h" #include "absl/log/globals.h" #include "absl/log/initialize.h" #include "absl/log/log.h" @@ -105,25 +106,33 @@ void OutputFD(int fd) { } // namespace int main(int argc, char* argv[]) { + const std::string program_name = sapi::file_util::fileops::Basename(argv[0]); + absl::SetProgramUsageMessage( + absl::StrFormat("A sandbox testing tool.\n" + "Usage: %1$s [OPTION] -- CMD [ARGS]...", + program_name)); + + std::vector args; + { + const std::vector parsed_argv = absl::ParseCommandLine(argc, argv); + args.assign(parsed_argv.begin() + 1, parsed_argv.end()); + } absl::SetStderrThreshold(absl::LogSeverityAtLeast::kInfo); - absl::ParseCommandLine(argc, argv); absl::InitializeLog(); - if (argc < 2) { - absl::FPrintF(stderr, "Usage: %s [flags] -- cmd args...", argv[0]); + if (args.empty()) { + absl::FPrintF(stderr, "Missing command to execute\n"); return EXIT_FAILURE; } - // Pass everything after '--' to the sandbox. - std::vector args = - sandbox2::util::CharPtrArray(&argv[1]).ToStringVector(); + const std::string& sandboxee = args[0]; // Pass the current environ pointer, depending on the flag. std::vector envp; if (absl::GetFlag(FLAGS_sandbox2tool_keep_env)) { envp = sandbox2::util::CharPtrArray(environ).ToStringVector(); } - auto executor = std::make_unique(argv[1], args, envp); + auto executor = std::make_unique(sandboxee, args, envp); sapi::file_util::fileops::FDCloser recv_fd1; if (absl::GetFlag(FLAGS_sandbox2tool_redirect_fd1)) { @@ -184,7 +193,7 @@ int main(int argc, char* argv[]) { } if (absl::GetFlag(FLAGS_sandbox2tool_resolve_and_add_libraries)) { - builder.AddLibrariesForBinary(argv[1]); + builder.AddLibrariesForBinary(sandboxee); } auto policy = builder.BuildOrDie(); diff --git a/sandboxed_api/sandbox2/examples/tool/sandbox2tool_test.sh b/sandboxed_api/sandbox2/examples/tool/sandbox2tool_test.sh index fe85987..7f64e12 100755 --- a/sandboxed_api/sandbox2/examples/tool/sandbox2tool_test.sh +++ b/sandboxed_api/sandbox2/examples/tool/sandbox2tool_test.sh @@ -23,7 +23,10 @@ die() { BIN=$TEST_SRCDIR/com_google_sandboxed_api/sandboxed_api/sandbox2/examples/tool/sandbox2tool -out=$("$BIN" -sandbox2tool_resolve_and_add_libraries -sandbox2tool_walltime_timeout=1 /bin/sleep 60 2>&1) +out=$("$BIN" \ + --sandbox2tool_resolve_and_add_libraries \ + --sandbox2tool_walltime_timeout=1 \ + -- /bin/sleep 60 2>&1) result=$? if [[ $result -ne 2 ]]; then echo "$out" >&2 @@ -59,7 +62,7 @@ fi out=$("$BIN" \ --sandbox2tool_resolve_and_add_libraries \ --sandbox2tool_additional_bind_mounts '/etc,/proc' \ - -sandbox2tool_mount_tmp \ + --sandbox2tool_mount_tmp \ -- /bin/ls /proc/1/fd/ 2>&1) result=$? if [[ $result -ne 0 ]]; then