docker-exec-sigproxy fix

guest/Dockerfile

@@ -130,10 +130,15 @@ RUN	apt-get update -y \
 		rust-all \
 		ruby \
 		x11-apps \
-	&& /pkg-install.sh LARGE pip install ipython \
 	&& /pkg-install.sh LARGE pip install --pre scapy[basic] \
-	&& /pkg-install.sh LARGE pip install git-dumper \
-	&& /pkg-install.sh LARGE pip install shodan \
+	&& /pkg-install.sh LARGE pip install \
+		git-dumper \
+		ipyton \
+		shodan \
+	&& /pkg-install.sh HACK pip install sqlmap \
+	&& /pkg-install.sh DEVEL pip install \
+		cryptocode \
+		colorama \
 	&& /pkg-install.sh LARGE curl -fsSL https://github.com/Peltoche/lsd/releases/download/0.21.0/lsd_0.21.0_amd64.deb -o /tmp/lsd.deb \
 	&& /pkg-install.sh LARGE dpkg -i /tmp/lsd.deb \
 	&& /pkg-install.sh LARGE curl -fsSL https://gitlab.com/api/v4/projects/32089582/packages/generic/geonet-rs/0.4.0/geonet_0.4.0_amd64.deb -o /tmp/geonet.deb \

guest/fs-root/etc/shellrc

@@ -37,7 +37,7 @@ alias lt='ls -Alhrt'
 _sf_info_non_perm()
 {
 	# On success show this...
-	echo -e "${CDB}[${CDY}SF${CDB}] ${CR}Your changes will get lost."
+	echo -e "${CDB}[${CDY}SF${CDB}] ${CR}Your changes will be lost."
 	echo -e "${CDB}[${CDY}SF${CDB}] ${CB}${CUL}https://www.thc.org/segfault/faq/#lost${CN}"
 }
 

host/docker-exec-sigproxy.c

@@ -228,11 +228,13 @@ cb_signal(int sig)
 			if (WIFEXITED(wstatus))
 				exit(WEXITSTATUS(wstatus));
 
+			// Disable signal handler for this signal.
 			signal(WTERMSIG(wstatus), SIG_DFL);
 			// Kill myself with the same signal.
 			kill(getpid(), WTERMSIG(wstatus));
+			return; // On return the above signal will be delivered.
 		}
-		exit(255); // SHOULD NOT HAPPEN
+		exit(252); // SHOULD NOT HAPPEN
 	}
 
 	// Forward signal to exec'ed pid.
@@ -242,9 +244,12 @@ cb_signal(int sig)
 	// NOTE: This docker-cli is inside a docker already. Thus we need to break out:
 	snprintf(cmd, sizeof cmd, "docker run --rm --pid=host -v "DFL_CONTAINER_DIR"/%s/%s.pid:/pid alpine sh -c 'kill -%d $(cat /pid)'", container_id, exec_id, sig);
 #else
-	snprintf(cmd, sizeof cmd, "kill -%d $(cat "DFL_CONTAINER_DIR"/%s/%s.pid:)", container_id, exec_id, sig);
+	snprintf(cmd, sizeof cmd, "kill -%d $(cat "DFL_CONTAINER_DIR"/%s/%s.pid)", sig, container_id, exec_id);
 #endif
+	DEBUGF("cmd=%s\n", cmd);
+	signal(SIGCHLD, SIG_IGN);
 	system(cmd);
+	signal(SIGCHLD, cb_signal);
 
 	// Forward signal to child.
 	if (pid > 0)
@@ -275,10 +280,14 @@ main(int argc, char *argv[])
 
 	tios_error = tcgetattr(STDIN_FILENO, &tios);
 
-	// Catch _all_ signals...
-	int n;
-	for (n = 1; n < 64; n++)
-		signal(n, cb_signal);
+	signal(SIGHUP, cb_signal);
+	signal(SIGINT, cb_signal);
+	signal(SIGQUIT, cb_signal);
+	signal(SIGUSR1, cb_signal);
+	signal(SIGUSR2, cb_signal);
+	signal(SIGPIPE, cb_signal);
+	signal(SIGTERM, cb_signal);
+	signal(SIGURG, cb_signal);
 
 	atexit(do_exit);
 	// Create listening socket

host/fs-root/bin/segfaultsh

@@ -274,7 +274,8 @@ print_goodbye()
 		str="shell or background process is"
 		[[ "$n" -gt 4 ]] && str="shells or background processes are"
 		echo -e "${CY}WARNING: ${CR}$((n-3))${CY} ${str} still running:${CN}"
-		exec_errnull docker exec "lg-${LID}" pgrep -v '^\[SF' -al | tail -n+3 | while read x; do echo -e "${CDY}--> ${CDG}$x${CN}"; done
+		# exec_errnull docker exec "lg-${LID}" pgrep -v '^\[SF' -al | tail -n+3 | while read x; do echo -e "${CDY}--> ${CDG}${x:0:75}${CN}"; done
+		exec_errnull docker exec "lg-${LID}" pgrep -v '^\[SF' -al | tail -n+3 | while read x; do p="${x%% *}      "; n="${x#* }"; echo -e "${CDY}--> ${CDR}${p:0:8}${CDG}${n:0:68}${CN}"; done
 		echo -e "\
 -------> The encrypted filesystem in /sec will remain accessible until
 -------> the last shell exits or all background processes terminate.