diff --git a/cmd/fsu/main.go b/cmd/fsu/main.go index 2d3ad8b..76343e2 100644 --- a/cmd/fsu/main.go +++ b/cmd/fsu/main.go @@ -8,16 +8,17 @@ import ( "strconv" "strings" "syscall" - - "git.ophivana.moe/security/fortify/internal" ) const ( + compPoison = "INVALIDINVALIDINVALIDINVALIDINVALID" fsuConfFile = "/etc/fsurc" envShim = "FORTIFY_SHIM" envAID = "FORTIFY_APP_ID" ) +var Fmain = compPoison + func main() { log.SetFlags(0) log.SetPrefix("fsu: ") @@ -33,7 +34,7 @@ func main() { } var fmain string - if p, ok := internal.Path(internal.Fmain); !ok { + if p, ok := checkPath(Fmain); !ok { log.Fatal("invalid fortify path, this copy of fsu is not compiled correctly") } else { fmain = p @@ -137,3 +138,7 @@ func parseConfig(p string, puid int) (fid int, ok bool) { return -1, false } } + +func checkPath(p string) (string, bool) { + return p, p != compPoison && p != "" && path.IsAbs(p) +} diff --git a/internal/path.go b/internal/path.go index 1332276..3bc2821 100644 --- a/internal/path.go +++ b/internal/path.go @@ -3,7 +3,6 @@ package internal import "path" var ( - Fmain = compPoison Fsu = compPoison Fshim = compPoison Finit = compPoison diff --git a/package.nix b/package.nix index 39dcff9..fe1f1e3 100644 --- a/package.nix +++ b/package.nix @@ -28,10 +28,11 @@ buildGoModule rec { [ "-s" "-w" + "-X" + "main.Fmain=${placeholder "out"}/bin/.fortify-wrapped" ] { Version = "v${version}"; - Fmain = "${placeholder "out"}/bin/.fortify-wrapped"; Fsu = "/run/wrappers/bin/fsu"; Fshim = "${placeholder "out"}/bin/.fshim"; Finit = "${placeholder "out"}/bin/.finit";