Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm using firejail to run some apps like Chromium for example.
What I want to do now is to write a script that in a specific interval of time will check for example if all chromium processes are running through firejail. If this is not the case then it will inform me with a notify-send command.
So I'm wondering how can I achieve something like this and any idea will be thankful.
What I want to do now is to write a script that in a specific interval of time will check for example if all chromium processes are running through firejail. If this is not the case then it will inform me with a notify-send command.
So I'm wondering how can I achieve something like this and any idea will be thankful.
Not that I have ever used firejail, but yes, this should be doable.
If you want your script to run at certain times, I would personally use either cron or an eternal loop with a sleep statement in the script, cron would be my first choice.
Using notify-send in a script is no problem as long as you don't run the script as root. The latter can be done (I actually do that in one of my scripts on my Arch box) but it requires a bit of extra work. As a normal user, you just:
Thank you very much for your answer but i was wondering on the part of the script that will check if the chromium's process runs through firejail.
For example i tried to implement that part of the script by checking if the parent pid of the chromium belongs to firejail process but for some reason that didn't work.
Thank you very much for your answer but i was wondering on the part of the script that will check if the chromium's process runs through firejail.
For example i tried to implement that part of the script by checking if the parent pid of the chromium belongs to firejail process but for some reason that didn't work.
I've never used firejail, but why don't you share the part of your script that doesn't work?
Finally i fixed the problem with the script and now it can print out if the chromium is firejailed or not.
Here is the code :
Code:
#!/bin/bash
# Get chromium's first pid
pid=$(ps -A | grep -m1 chromium | awk '{ print $1 }')
# Get its parent pid
ppid=$(ps -o ppid= -p $pid)
# Get its parent process name
pname=$(ps -p $ppid -o comm=)
if [ "$pname" = "firejail" ]; then
notify-send -u low "firejail-check" "Chromium is firejailed"
else
notify-send -u critival "firejail-check" "Chromium isn't firejailed"
fi
I'm wondering now, if there is any way to run this script only when a chromium process is starting.
Saves a couple of pipes, but your version works just as well.
Also, there is a slight error in your 2nd notify, you wrote "critival" instead or critical, so it might not work as expected.
As far as only running this when chromium starts you could use cron, I would!
I also make some changes to the script and now ps returns a sorted list of chromium processes because i had a little problem with the previous version.
Here is the update :
Code:
#!/bin/bash
# Get chromium's first pid
pid=$(ps -A --sort=start_time | grep -m1 chromium | awk '{ print $1 }')
if [ -n "$pid" ]; then
# Get its parent pid
ppid=$(ps -o ppid= -p $pid)
# Get its parent process name
pname=$(ps -p $ppid -o comm=)
if [ "$pname" = "firejail" ]; then
echo '<span foreground="#4285f4"></span>'
else
notify-send -u critical "firejail-check" "Chromium isn't firejailed"
echo '<span foreground="#FF0000"> Chromium warning</span>'
fi
fi
Actually I'm using i3 wm and i run it through i3blocks bar
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
