Lookup xauth in PATH.

Don't use hardcoded `/usr/bin/xauth`,
iterate over directories inside PATH instead.

RELNOTES

@@ -717,7 +717,7 @@ firejail (0.9.46) baseline; urgency=low
 
 firejail (0.9.44.10) baseline; urgency=low
   * security: when using --x11=xorg and --net, incorrect processing of
-    the return code of /usr/bin/xauth could end up in starting the
+    the return code of xauth could end up in starting the
     sandbox without X11 security extension installed. Problem found/fixed
     by Zack Weinberg
   * bugfix: ~/.pki directory whitelisted and later blacklisted. This affects

src/firejail/fs_lib2.c

@@ -167,7 +167,7 @@ void fslib_install_firejail(void) {
 
 	// bring in xauth libraries
 	if (arg_x11_xorg)
-		fslib_mount_libs("/usr/bin/xauth", 1); // parse as user
+		fslib_mount_libs(lookup_executable("xauth"), 1); // parse as user
 
 	fmessage("Firejail libraries installed in %0.2f ms\n", timetrace_end());
 }

src/firejail/x11.c

@@ -1164,7 +1164,6 @@ void x11_start(int argc, char **argv) {
 }
 #endif
 
-
 void x11_xorg(void) {
 #ifdef HAVE_X11
 
@@ -1175,32 +1174,41 @@ void x11_xorg(void) {
 		exit(1);
 	}
 
+	char *xauth_bin = lookup_executable("xauth");
+
 	// check xauth utility is present in the system
-	struct stat s;
-	if (stat("/usr/bin/xauth", &s) == -1) {
-		fprintf(stderr, "Error: xauth utility not found in /usr/bin. Please install it:\n");
+	if (!xauth_bin) {
+		fprintf(stderr, "Error: xauth utility not found in PATH. Please install it:\n");
 		fprintf(stderr, "   Debian/Ubuntu/Mint: sudo apt-get install xauth\n");
 		fprintf(stderr, "   Arch: sudo pacman -S xorg-xauth\n");
 		fprintf(stderr, "   Fedora: sudo dnf install xorg-x11-xauth\n");
 		exit(1);
 	}
+
+	struct stat s;
+	if (stat(xauth_bin, &s) == -1) {
+		fprintf(stderr, "Error: %s: %s\n", xauth_bin, strerror(errno));
+		exit(1);
+	}
 	if ((s.st_uid != 0 && s.st_gid != 0) || (s.st_mode & S_IWOTH)) {
-		fprintf(stderr, "Error: invalid /usr/bin/xauth executable\n");
+		fprintf(stderr, "Error: invalid %s executable\n", xauth_bin);
 		exit(1);
 	}
 	if (s.st_size > 1024 * 1024) {
-		fprintf(stderr, "Error: /usr/bin/xauth executable is too large\n");
+		fprintf(stderr, "Error: %s executable is too large\n", xauth_bin);
 		exit(1);
 	}
-	// copy /usr/bin/xauth in the sandbox and set mode to 0711
+	// copy xauth in the sandbox and set mode to 0711
 	// users are not able to trace the running xauth this way
 	if (arg_debug)
-		printf("Copying /usr/bin/xauth to %s\n", RUN_XAUTH_FILE);
-	if (copy_file("/usr/bin/xauth", RUN_XAUTH_FILE, 0, 0, 0711)) {
-		fprintf(stderr, "Error: cannot copy /usr/bin/xauth executable\n");
+		printf("Copying %s to %s\n", xauth_bin, RUN_XAUTH_FILE);
+	if (copy_file(xauth_bin, RUN_XAUTH_FILE, 0, 0, 0711)) {
+		fprintf(stderr, "Error: cannot copy %s executable\n", xauth_bin);
 		exit(1);
 	}
 
+	free(xauth_bin);
+
 	fmessage("Generating a new .Xauthority file\n");
 	mkdir_attr(RUN_XAUTHORITY_SEC_DIR, 0700, getuid(), getgid());
 	// create new Xauthority file in RUN_XAUTHORITY_SEC_DIR

src/include/common.h

@@ -159,4 +159,5 @@ void reject_meta_chars(const char *fname, int globbing);
 void warn_dumpable(void);
 const char *gnu_basename(const char *path);
 int *str_to_int_array(const char *str, size_t *sz);
+char *lookup_executable(const char *exe_name);
 #endif

src/lib/common.c

@@ -591,3 +591,25 @@ float timetrace_end(void) {
 	free(t);
 	return rv;
 }
+
+char *lookup_executable(const char *exe_name) {
+	char *path_dir;
+	char *exe_bin_path;
+
+	char *path = getenv("PATH");
+	if (path == NULL)
+		return NULL;
+
+	path_dir = strtok(path, ":");
+	while (path_dir != NULL) {
+		if (asprintf(&exe_bin_path, "%s/%s", path_dir, exe_name) == -1)
+			errExit("asprintf");
+
+		if (access(exe_bin_path, X_OK) == 0)
+			return exe_bin_path;
+
+		free(exe_bin_path);
+		path_dir = strtok(NULL, ":");
+	}
+	return NULL;
+}