mirror of
https://github.com/google/sandboxed-api.git
synced 2024-03-22 13:11:30 +08:00
Fix command-line handling in sandbox2tool
This addresses #164. PiperOrigin-RevId: 483675926 Change-Id: I1461c9bb2c3865d86cd99f9285e51ce20ac460b8
This commit is contained in:
parent
6222ffe04f
commit
c3889ce379
|
@ -36,6 +36,7 @@ cc_binary(
|
||||||
"//sandboxed_api/util:fileops",
|
"//sandboxed_api/util:fileops",
|
||||||
"@com_google_absl//absl/flags:flag",
|
"@com_google_absl//absl/flags:flag",
|
||||||
"@com_google_absl//absl/flags:parse",
|
"@com_google_absl//absl/flags:parse",
|
||||||
|
"@com_google_absl//absl/flags:usage",
|
||||||
"@com_google_absl//absl/log",
|
"@com_google_absl//absl/log",
|
||||||
"@com_google_absl//absl/log:globals",
|
"@com_google_absl//absl/log:globals",
|
||||||
"@com_google_absl//absl/log:initialize",
|
"@com_google_absl//absl/log:initialize",
|
||||||
|
|
|
@ -21,6 +21,7 @@ add_executable(sandbox2::sandbox2tool ALIAS sandbox2_sandbox2tool)
|
||||||
target_link_libraries(sandbox2_sandbox2tool PRIVATE
|
target_link_libraries(sandbox2_sandbox2tool PRIVATE
|
||||||
absl::flags
|
absl::flags
|
||||||
absl::flags_parse
|
absl::flags_parse
|
||||||
|
absl::flags_usage
|
||||||
absl::log
|
absl::log
|
||||||
absl::log_globals
|
absl::log_globals
|
||||||
absl::log_initialize
|
absl::log_initialize
|
||||||
|
|
|
@ -36,6 +36,7 @@
|
||||||
|
|
||||||
#include "absl/flags/flag.h"
|
#include "absl/flags/flag.h"
|
||||||
#include "absl/flags/parse.h"
|
#include "absl/flags/parse.h"
|
||||||
|
#include "absl/flags/usage.h"
|
||||||
#include "absl/log/globals.h"
|
#include "absl/log/globals.h"
|
||||||
#include "absl/log/initialize.h"
|
#include "absl/log/initialize.h"
|
||||||
#include "absl/log/log.h"
|
#include "absl/log/log.h"
|
||||||
|
@ -105,25 +106,33 @@ void OutputFD(int fd) {
|
||||||
} // namespace
|
} // namespace
|
||||||
|
|
||||||
int main(int argc, char* argv[]) {
|
int main(int argc, char* argv[]) {
|
||||||
|
const std::string program_name = sapi::file_util::fileops::Basename(argv[0]);
|
||||||
|
absl::SetProgramUsageMessage(
|
||||||
|
absl::StrFormat("A sandbox testing tool.\n"
|
||||||
|
"Usage: %1$s [OPTION] -- CMD [ARGS]...",
|
||||||
|
program_name));
|
||||||
|
|
||||||
|
std::vector<std::string> args;
|
||||||
|
{
|
||||||
|
const std::vector<char*> parsed_argv = absl::ParseCommandLine(argc, argv);
|
||||||
|
args.assign(parsed_argv.begin() + 1, parsed_argv.end());
|
||||||
|
}
|
||||||
absl::SetStderrThreshold(absl::LogSeverityAtLeast::kInfo);
|
absl::SetStderrThreshold(absl::LogSeverityAtLeast::kInfo);
|
||||||
absl::ParseCommandLine(argc, argv);
|
|
||||||
absl::InitializeLog();
|
absl::InitializeLog();
|
||||||
|
|
||||||
if (argc < 2) {
|
if (args.empty()) {
|
||||||
absl::FPrintF(stderr, "Usage: %s [flags] -- cmd args...", argv[0]);
|
absl::FPrintF(stderr, "Missing command to execute\n");
|
||||||
return EXIT_FAILURE;
|
return EXIT_FAILURE;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Pass everything after '--' to the sandbox.
|
const std::string& sandboxee = args[0];
|
||||||
std::vector<std::string> args =
|
|
||||||
sandbox2::util::CharPtrArray(&argv[1]).ToStringVector();
|
|
||||||
|
|
||||||
// Pass the current environ pointer, depending on the flag.
|
// Pass the current environ pointer, depending on the flag.
|
||||||
std::vector<std::string> envp;
|
std::vector<std::string> envp;
|
||||||
if (absl::GetFlag(FLAGS_sandbox2tool_keep_env)) {
|
if (absl::GetFlag(FLAGS_sandbox2tool_keep_env)) {
|
||||||
envp = sandbox2::util::CharPtrArray(environ).ToStringVector();
|
envp = sandbox2::util::CharPtrArray(environ).ToStringVector();
|
||||||
}
|
}
|
||||||
auto executor = std::make_unique<sandbox2::Executor>(argv[1], args, envp);
|
auto executor = std::make_unique<sandbox2::Executor>(sandboxee, args, envp);
|
||||||
|
|
||||||
sapi::file_util::fileops::FDCloser recv_fd1;
|
sapi::file_util::fileops::FDCloser recv_fd1;
|
||||||
if (absl::GetFlag(FLAGS_sandbox2tool_redirect_fd1)) {
|
if (absl::GetFlag(FLAGS_sandbox2tool_redirect_fd1)) {
|
||||||
|
@ -184,7 +193,7 @@ int main(int argc, char* argv[]) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if (absl::GetFlag(FLAGS_sandbox2tool_resolve_and_add_libraries)) {
|
if (absl::GetFlag(FLAGS_sandbox2tool_resolve_and_add_libraries)) {
|
||||||
builder.AddLibrariesForBinary(argv[1]);
|
builder.AddLibrariesForBinary(sandboxee);
|
||||||
}
|
}
|
||||||
|
|
||||||
auto policy = builder.BuildOrDie();
|
auto policy = builder.BuildOrDie();
|
||||||
|
|
|
@ -23,7 +23,10 @@ die() {
|
||||||
|
|
||||||
BIN=$TEST_SRCDIR/com_google_sandboxed_api/sandboxed_api/sandbox2/examples/tool/sandbox2tool
|
BIN=$TEST_SRCDIR/com_google_sandboxed_api/sandboxed_api/sandbox2/examples/tool/sandbox2tool
|
||||||
|
|
||||||
out=$("$BIN" -sandbox2tool_resolve_and_add_libraries -sandbox2tool_walltime_timeout=1 /bin/sleep 60 2>&1)
|
out=$("$BIN" \
|
||||||
|
--sandbox2tool_resolve_and_add_libraries \
|
||||||
|
--sandbox2tool_walltime_timeout=1 \
|
||||||
|
-- /bin/sleep 60 2>&1)
|
||||||
result=$?
|
result=$?
|
||||||
if [[ $result -ne 2 ]]; then
|
if [[ $result -ne 2 ]]; then
|
||||||
echo "$out" >&2
|
echo "$out" >&2
|
||||||
|
@ -59,7 +62,7 @@ fi
|
||||||
out=$("$BIN" \
|
out=$("$BIN" \
|
||||||
--sandbox2tool_resolve_and_add_libraries \
|
--sandbox2tool_resolve_and_add_libraries \
|
||||||
--sandbox2tool_additional_bind_mounts '/etc,/proc' \
|
--sandbox2tool_additional_bind_mounts '/etc,/proc' \
|
||||||
-sandbox2tool_mount_tmp \
|
--sandbox2tool_mount_tmp \
|
||||||
-- /bin/ls /proc/1/fd/ 2>&1)
|
-- /bin/ls /proc/1/fd/ 2>&1)
|
||||||
result=$?
|
result=$?
|
||||||
if [[ $result -ne 0 ]]; then
|
if [[ $result -ne 0 ]]; then
|
||||||
|
|
Loading…
Reference in New Issue
Block a user