Added more tests

.gitignore

@@ -2,7 +2,13 @@ build/*
 .clang-tidy
 .cache
 test/protected/*
-test/.pt.db
-compile_commands.json
 test/perf*
 test/callgraph*
+test/openers
+test/opener/opener
+test/opener/opener.o
+test/.*
+*compile_commands.json
+src/gui/ui/*
+src/gui/*.o
+src/gui/icfs_dialogue

Makefile

@@ -2,9 +2,17 @@ SHELL=/bin/bash
 
 # configurable options
 
-SOURCES_DIR := ./src
+ifndef ($(SOURCES_DIR))
-TESTS_DIR := ./tests
+	SOURCES_DIR := ./src
-BUILD_DIR := ./build
+endif
+
+ifndef ($(TESTS_DIR))
+	TESTS_DIR := ./tests
+endif
+
+ifndef ($(BUILD_DIR))
+	BUILD_DIR := ./build
+endif
 
 CC := gcc
 CXX := g++
@@ -49,14 +57,20 @@ ifeq ($(TEST), 1)
 	TARGETS += icfs_test
 endif
 
+ifneq ($(DIALOGUE), 0)
+	TARGETS += $(BUILD_DIR)/icfs_dialogue
+endif
 
 # build!
 
 default: $(TARGETS)
 
-.PHONY: clean
+.PHONY: clean icfs_test clean-icfs clean-icfs_dialogue
 
-$(BUILD_DIR)/icfs: $(BUILD_DIR)/main.o $(BUILD_DIR)/fuse_operations.o $(BUILD_DIR)/sourcefs.o $(BUILD_DIR)/ui-socket.o $(BUILD_DIR)/temp_permissions_table.o $(BUILD_DIR)/perm_permissions_table.o
+$(BUILD_DIR)/icfs_dialogue:
+	make -C $(SOURCES_DIR)/gui TEST=$(TEST) DEBUG=$(shell realpath $(DEBUG)) SOURCES_DIR=$(shell realpath $(SOURCES_DIR)/gui) BUILD_DIR=$(shell realpath $(BUILD_DIR)) TESTS_DIR=$(shell realpath $(TESTS_DIR))
+
+$(BUILD_DIR)/icfs: $(BUILD_DIR)/main.o $(BUILD_DIR)/fuse_operations.o $(BUILD_DIR)/sourcefs.o $(BUILD_DIR)/ui-socket.o $(BUILD_DIR)/temp_permissions_table.o $(BUILD_DIR)/perm_permissions_table.o $(BUILD_DIR)/proc_operations.o
 	$(CC) $(CFLAGS) $^ $(LDFLAGS) -o $(BUILD_DIR)/icfs
 
 icfs_test: $(BUILD_DIR)/icfs
@@ -83,6 +97,19 @@ $(BUILD_DIR)/temp_permissions_table.o: $(SOURCES_DIR)/temp_permissions_table.c $
 $(BUILD_DIR)/perm_permissions_table.o: $(SOURCES_DIR)/perm_permissions_table.c $(SOURCES_DIR)/perm_permissions_table.h
 	$(CC) $(CFLAGS) -c $< $(LDFLAGS) -o $@
 
+$(BUILD_DIR)/proc_operations.o: $(SOURCES_DIR)/proc_operations.c $(SOURCES_DIR)/proc_operations.h
+	$(CC) $(CFLAGS) -c $< $(LDFLAGS) -o $@
 
-clean:
+CLEAN_TARGETS=clean-icfs
-	rm $(BUILD_DIR)/*.o $(BUILD_DIR)/icfs*
+
+ifneq ($(DIALOGUE), 0)
+	CLEAN_TARGETS += clean-icfs_dialogue
+endif
+
+clean: $(CLEAN_TARGETS)
+
+clean-icfs:
+	rm $(BUILD_DIR)/*.o $(BUILD_DIR)/icfs
+
+clean-icfs_dialogue:
+		make -C $(SOURCES_DIR)/gui clean SOURCES_DIR=$(shell realpath $(SOURCES_DIR)/gui) BUILD_DIR=$(shell realpath $(BUILD_DIR)) TESTS_DIR=$(shell realpath $(TESTS_DIR))

src/access_t.h

@@ -1,6 +1,6 @@
 #ifndef ACCESS_T_H
 #define ACCESS_T_H
 
-typedef enum { DENY, ALLOW, ALLOW_TEMP, NDEF } access_t;
+typedef enum { DENY, ALLOW, ALLOW_TEMP, DENY_TEMP, NDEF } access_t;
 
 #endif // !ACCESS_T_H

src/fuse_operations.c

@@ -39,63 +39,10 @@
 #include <sys/file.h> /* flock(2) */
 
 #include "fuse_operations.h"
+#include "proc_operations.h"
 #include "sourcefs.h"
 #include "ui-socket.h"
 
-const char *get_process_name_by_pid(const int pid) {
-  char path[1024];
-  sprintf(path, "/proc/%d/exe", pid);
-
-  char *name = realpath(path, NULL);
-  if (name == NULL) {
-    fprintf(stderr, "Could not get process name by pid %d", pid);
-    perror("");
-  }
-
-  /*
-  size_t namelen = 32;
-  ssize_t readret = 0;
-  char *name = NULL;
-  while (namelen >= (size_t)readret && readret > 0) {
-    namelen *= 2;
-    name = calloc(namelen, sizeof(char));
-    if (name == NULL) {
-      free(path);
-      fprintf(stderr, "Could not get get process name by pid %d", pid);
-      perror("");
-      return NULL;
-    }
-    readret = readlink(path, name, namelen);
-    if (readret < 0) {
-      free(name);
-      free(path);
-      fprintf(stderr, "Couldn't get process name by pid %d", pid);
-      perror("");
-      return NULL;
-    }
-    if (namelen >= (size_t)readret) {
-      free(name);
-    }
-  }
-  */
-
-  return name;
-
-  /*
-  FILE *file = fopen(path, "r");
-  if (file) {
-    size_t size = 0;
-    size = fread(path, sizeof(char), 1024, file);
-    if (size > 0) {
-      if ('\n' == path[size - 1]) {
-        path[size - 1] = '\0';
-      }
-    }
-    fclose(file);
-  }
-  */
-}
-
 static void *xmp_init(struct fuse_conn_info *conn, struct fuse_config *cfg) {
   (void)conn;
   cfg->use_ino = 1;

src/gui/Makefile

@@ -2,9 +2,17 @@ SHELL=/bin/bash
 
 # configurable options
 
-SOURCES_DIR := .
+ifndef ($(SOURCES_DIR))
-TESTS_DIR := .
+	SOURCES_DIR := .
-BUILD_DIR := .
+endif
+
+ifndef ($(TESTS_DIR))
+	TESTS_DIR := .
+endif
+
+ifndef ($(BUILD_DIR))
+	BUILD_DIR := .
+endif
 
 CC := gcc
 CXX := g++
@@ -43,10 +51,10 @@ endif
 
 # set up targets 
 
-TARGETS := $(BUILD_DIR)/zenity
+TARGETS := $(BUILD_DIR)/icfs_dialogue
 
 ifeq ($(TEST), 1)
-	TARGETS += zenity_test
+	TARGETS += icfs_dialogue_test
 endif
 
 
@@ -54,16 +62,16 @@ endif
 
 default: $(TARGETS)
 
-.PHONY: clean zenity_test
+.PHONY: clean icfs_dialogue_test
 
-zenity_test: $(BUILD_DIR)/zenity
+icfs_dialogue_test: $(BUILD_DIR)/icfs_dialogue
-	./zenity 666 cat /home/fedir Downloads
+	$(BUILD_DIR)/icfs_dialogue 666 cat /home/fedir /Downloads
 
-$(BUILD_DIR)/zenity: $(BUILD_DIR)/zenity.o
+$(BUILD_DIR)/icfs_dialogue: $(BUILD_DIR)/icfs_dialogue.o
-	$(CC) $(CFLAGS) $^ $(LDFLAGS) -o $(BUILD_DIR)/zenity
+	$(CC) $(CFLAGS) $^ $(LDFLAGS) -o $(BUILD_DIR)/icfs_dialogue
 
-$(BUILD_DIR)/zenity.o: $(SOURCES_DIR)/zenity-clone.c
+$(BUILD_DIR)/icfs_dialogue.o: $(SOURCES_DIR)/icfs_dialogue.c
-	$(CC) $(CFLAGS) -c $< $(LDFLAGS) -o $(BUILD_DIR)/zenity.o
+	$(CC) $(CFLAGS) -c $< $(LDFLAGS) -o $(BUILD_DIR)/icfs_dialogue.o
 
 clean:
-	rm $(BUILD_DIR)/*.o $(BUILD_DIR)/zenity
+	rm $(BUILD_DIR)/*.o $(BUILD_DIR)/icfs_dialogue

src/gui/icfs_dialogue.c

@@ -16,7 +16,7 @@ gboolean is_permanent = false;
 GtkEntryBuffer *entry_buffer = NULL;
 GtkWidget *checkbox = NULL;
 
-static void negative_response(GtkWindow *window) {
+static void positive_response(GtkWindow *window) {
   fprintf(stdout, "%s", gtk_entry_buffer_get_text(entry_buffer));
   exit_code = (gtk_check_button_get_active(GTK_CHECK_BUTTON(checkbox)))
                   ? YES | PERM
@@ -24,7 +24,7 @@ static void negative_response(GtkWindow *window) {
   gtk_window_close(window);
 }
 
-static void positive_response(GtkWindow *window) {
+static void negative_response(GtkWindow *window) {
   fprintf(stdout, "%s", gtk_entry_buffer_get_text(entry_buffer));
   exit_code = (gtk_check_button_get_active(GTK_CHECK_BUTTON(checkbox)))
                   ? NO | PERM
@@ -138,8 +138,13 @@ static int on_command_line(GApplication *app, GApplicationCommandLine *cmdline,
 }
 
 int main(int argc, char **argv) {
+
+  if (argc == 2 && strcmp(argv[1], "--version") == 0) {
+    fprintf(stdout, "icfs_dialogue 1.0.0");
+  }
+
   // Create a new application
-  AdwApplication *app = adw_application_new("com.example.zenityclone",
+  AdwApplication *app = adw_application_new("de.umbrasolis.icfs_dialogue",
                                             G_APPLICATION_HANDLES_COMMAND_LINE);
 
   g_signal_connect(app, "command-line", G_CALLBACK(on_command_line), NULL);

src/perm_permissions_table.c

@@ -8,7 +8,9 @@
 
 #include "perm_permissions_table.h"
 #include "access_t.h"
+#include "proc_operations.h"
 #include "process_info.h"
+#include "set_mode_t.h"
 #include <fcntl.h>
 #include <pthread.h>
 #include <sqlite3.h>
@@ -83,10 +85,21 @@ static int check_table_col_schema(void *notused, int argc, char **argv,
 }
 
 static int set_flag(void *flag, int argc, char **argv, char **colname) {
-  (void)argc;
-  (void)argv;
   (void)colname;
-  *(int *)flag = 1;
+
+  if (argc < 3) {
+    fprintf(stderr,
+            "Unexpected amount of arguments given to the callback: %d.\n",
+            argc);
+    return 1;
+  }
+
+  if (atoi(argv[2])) {
+    fprintf(stderr, "Third column was: %s\n", argv[2]);
+    *(int *)flag = 1;
+  } else {
+    *(int *)flag = -1;
+  }
   return 0;
 }
 
@@ -182,7 +195,7 @@ int init_perm_permissions_table(const char *db_filename) {
 /**
  * Destroys the permanent permissions table.
  */
-void destroy_perm_permissions_table() { sqlite3_close(perm_database); }
+void destroy_perm_permissions_table(void) { sqlite3_close(perm_database); }
 
 /**
  * Checks if the process has a permanent access to the file.
@@ -192,13 +205,16 @@ void destroy_perm_permissions_table() { sqlite3_close(perm_database); }
  * @return: access status - ALLOW, DENY or NDEF in case if no information was
  * found
  */
-access_t check_perm_access(const char *filename, struct process_info pi) {
+access_t check_perm_access_noparent(const char *filename,
+                                    struct process_info pi) {
 
   char *query = NULL;
   int ret = asprintf(&query,
                      "SELECT * FROM %s WHERE executable = \'%s\' "
-                     "AND filename = \'%s\' AND mode = TRUE;",
+                     "AND ((\'%s\' LIKE CONCAT(filename, \'%%\') AND filename "
-                     table_name, pi.name, filename);
+                     "GLOB \'*/\') OR filename = \'%s\');",
+                     table_name, pi.name, filename, filename);
+  fprintf(stderr, "query: %s\n", query);
 
   if (ret < 0) {
     // If asprintf fails, the contents of query are undefined (see man
@@ -220,9 +236,51 @@ access_t check_perm_access(const char *filename, struct process_info pi) {
     return NDEF;
   }
 
-  if (flag) {
+  if (flag == 1) {
     return ALLOW;
   }
+  if (flag == -1) {
+    return DENY;
+  }
+  return NDEF;
+}
+
+/**
+ * Checks if the process or any of it's parents have permanent access to the
+ * file.
+ *
+ * @param filename: The file that the process is trying to access
+ * @pram pi: The process information
+ * @return: access status - ALLOW, DENY or NDEF in case if no information was
+ * found. Does not return ALLOW_TEMP or DENY_TEMP.
+ * @note: In case one of the parent processes is killed while this function
+ * execution the result is not guranteed to be correct. It should only lead to
+ * false negatives, though.
+ */
+access_t check_perm_access(const char *filename, struct process_info pi) {
+  if (pi.PID == 0) {
+    return NDEF;
+  }
+
+  struct process_info current_pi = pi;
+  current_pi.name = strdup(current_pi.name);
+  while (current_pi.PID != 0) {
+    access_t access = check_perm_access_noparent(filename, current_pi);
+    free(current_pi.name);
+    if (access != NDEF) {
+      return access;
+    }
+    current_pi.name = NULL;
+    while (current_pi.name == NULL) {
+      current_pi.PID = get_parent_pid(current_pi.PID);
+      if (current_pi.PID != 0) {
+        current_pi.name = get_process_name_by_pid(current_pi.PID);
+      } else {
+        break;
+      }
+    }
+  }
+
   return NDEF;
 }
 
@@ -233,10 +291,19 @@ access_t check_perm_access(const char *filename, struct process_info pi) {
  * @param pi: The process information
  * @return: 0 on success, 1 on failure
  */
-int give_perm_access(const char *filename, struct process_info pi) {
+int set_perm_access(const char *filename, struct process_info pi,
+                    set_mode_t mode) {
   char *query = NULL;
-  int ret = asprintf(&query, "INSERT INTO %s VALUES (\'%s\', \'%s\', TRUE);",
+  int ret = -1;
-                     table_name, pi.name, filename);
+  if (mode == SET_ALLOW) {
+    ret = asprintf(&query, "INSERT INTO %s VALUES (\'%s\', \'%s\', TRUE);",
+                   table_name, pi.name, filename);
+  } else if (mode == SET_DENY) {
+    ret = asprintf(&query, "INSERT INTO %s VALUES (\'%s\', \'%s\', FALSE);",
+                   table_name, pi.name, filename);
+  } else {
+    return 1;
+  }
 
   if (ret < 0) {
     // If asprintf fails, the contents of query are undefined (see man

src/perm_permissions_table.h

@@ -11,6 +11,7 @@
 
 #include "access_t.h"
 #include "process_info.h"
+#include "set_mode_t.h"
 
 /**
  * Initializes the permanent permissions table.
@@ -40,8 +41,11 @@ access_t check_perm_access(const char *filename, struct process_info pi);
  *
  * @param filename: The file that the process is trying to access
  * @param pi: The process information
+ * @param mode: Kind of access rule to be set - SET_DENY to deny access, and
+ * SET_ALLOW to allow access.
  * @return: 0 on success, -1 on failure
  */
-int give_perm_access(const char *filename, struct process_info pi);
+int set_perm_access(const char *filename, struct process_info pi,
+                    set_mode_t mode);
 
 #endif // #ifdef PERM_PERMISSION_TABLE_H

src/proc_operations.c

@@ -0,0 +1,45 @@
+#include "proc_operations.h"
+#include <stdio.h>
+#include <stdlib.h>
+
+char *get_process_name_by_pid(const int pid) {
+  char path[1024];
+  sprintf(path, "/proc/%d/exe", pid);
+
+  char *name = realpath(path, NULL);
+  if (name == NULL) {
+    fprintf(stderr, "Could not get process name by pid %d", pid);
+    perror("");
+  }
+  return name;
+}
+
+/**
+ * Finds the parent process ID of a given process.
+ *
+ * @param pid: The process ID of the process to find the parent of
+ * @return: The parent process ID, or 0 if the parent process ID could not be
+ * found
+ */
+pid_t get_parent_pid(pid_t pid) {
+  pid_t ppid = 0;
+  char path[256];
+  snprintf(path, sizeof(path), "/proc/%u/status", pid);
+
+  FILE *file = fopen(path, "r");
+  if (file == NULL) {
+    perror("Failed to open /proc/<pid>/status");
+    return 0;
+  }
+
+  char line[256];
+  while (fgets(line, sizeof(line), file)) {
+    if (sscanf(line, "PPid:\t%d", &ppid) == 1) {
+      fclose(file);
+      return ppid;
+    }
+  }
+
+  fclose(file);
+  return 0; // Parent PID not found
+}

src/proc_operations.h

@@ -0,0 +1,17 @@
+#ifndef PROC_OPERATIONS
+#define PROC_OPERATIONS
+
+#include <time.h>
+
+char *get_process_name_by_pid(const int pid);
+
+/**
+ * Finds the parent process ID of a given process.
+ *
+ * @param pid: The process ID of the process to find the parent of
+ * @return: The parent process ID, or 0 if the parent process ID could not be
+ * found
+ */
+pid_t get_parent_pid(pid_t pid);
+
+#endif // !PROC_OPERATIONS

src/process_info.h

@@ -12,7 +12,7 @@
 #include <sys/types.h>
 struct process_info {
   pid_t PID;
-  const char *name;
+  char *name;
 };
 
 #endif // PROCESS_INFO_H

src/set_mode_t.h

@@ -0,0 +1,5 @@
+
+#ifndef SET_MODE_T_H
+#define SET_MODE_T_H
+typedef enum { SET_DENY, SET_ALLOW } set_mode_t;
+#endif // !SET_MODE_T_H

src/temp_permissions_table.c

@@ -9,9 +9,12 @@
 #include "temp_permissions_table.h"
 #include "access_t.h"
 #include "cc.h"
+#include "proc_operations.h"
 #include "process_info.h"
 #include <pthread.h>
+#include <stddef.h>
 #include <stdio.h>
+#include <string.h>
 #include <sys/types.h>
 
 struct temp_process_permissions {
@@ -126,14 +129,23 @@ access_t check_temp_access_noparent(const char *filename, pid_t pid) {
     if (process_creation_time == permission_entry->creation_time) {
       // the process is the same as the one that was granted temporary access
       // to the file
+      size_t filename_len = strlen(filename);
       for_each(&permission_entry->denied_files, denied_file) {
-        if (strncmp(*denied_file, filename, strlen(filename)) == 0) {
+        size_t denied_file_len = strlen(*denied_file);
+        if (strncmp(*denied_file, filename, denied_file_len) == 0 &&
+            ((denied_file_len < filename_len &&
+              (*denied_file)[denied_file_len - 1] == '/') ||
+             (denied_file_len == filename_len))) {
           pthread_mutex_unlock(&temp_permissions_table_lock);
           return DENY;
         }
       }
       for_each(&permission_entry->allowed_files, allowed_file) {
-        if (strncmp(*allowed_file, filename, strlen(filename)) == 0) {
+        size_t allowed_file_len = strlen(*allowed_file);
+        if (strncmp(*allowed_file, filename, allowed_file_len) == 0 &&
+            ((allowed_file_len < filename_len &&
+              (*allowed_file)[allowed_file_len - 1] == '/') ||
+             (allowed_file_len == filename_len))) {
           pthread_mutex_unlock(&temp_permissions_table_lock);
           return ALLOW;
         }
@@ -144,36 +156,6 @@ access_t check_temp_access_noparent(const char *filename, pid_t pid) {
   return NDEF;
 }
 
-/**
- * Finds the parent process ID of a given process.
- *
- * @param pid: The process ID of the process to find the parent of
- * @return: The parent process ID, or 0 if the parent process ID could not be
- * found
- */
-pid_t get_parent_pid(pid_t pid) {
-  pid_t ppid = 0;
-  char path[256];
-  snprintf(path, sizeof(path), "/proc/%u/status", pid);
-
-  FILE *file = fopen(path, "r");
-  if (file == NULL) {
-    perror("Failed to open /proc/<pid>/status");
-    return 0;
-  }
-
-  char line[256];
-  while (fgets(line, sizeof(line), file)) {
-    if (sscanf(line, "PPid:\t%d", &ppid) == 1) {
-      fclose(file);
-      return ppid;
-    }
-  }
-
-  fclose(file);
-  return 0; // Parent PID not found
-}
-
 /**
  * Checks if the process or any of it's parents have temporary access to the
  * file.

src/temp_permissions_table.h

@@ -4,6 +4,7 @@
 
 #include "access_t.h"
 #include "process_info.h"
+#include "set_mode_t.h"
 
 /**
  * Initializes the temporary permissions table.
@@ -35,8 +36,6 @@ void destroy_temp_permissions_table(void);
  */
 access_t check_temp_access(const char *filename, struct process_info pi);
 
-typedef enum { SET_DENY, SET_ALLOW } set_mode_t;
-
 /**
  * Sets temporary access mode of the process to the file.
  *

src/ui-socket.c

@@ -11,10 +11,13 @@
 #include <sys/types.h>
 #include <time.h>
 #define _GNU_SOURCE
+#include "cc.h"
 #include "perm_permissions_table.h"
 #include "real_filename.h"
+#include "sourcefs.h"
 #include "temp_permissions_table.h"
 #include "ui-socket.h"
+#include <assert.h>
 #include <pthread.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -23,7 +26,14 @@
 #include <sys/un.h>
 #include <unistd.h>
 
-#define ZENITY_TEMP_ALLOW_MESSAGE "Allow this time\n"
+#define DIALOGUE_YES 0
+#define DIALOGUE_NO 1
+#define DIALOGUE_PERM 2
+
+struct dialogue_response {
+  access_t decision;
+  char *filename;
+};
 
 int init_ui_socket(const char *perm_permissions_db_filename) {
   FILE *fp = NULL;
@@ -38,8 +48,8 @@ int init_ui_socket(const char *perm_permissions_db_filename) {
     return 1;
   }
 
-  // Test if Zenity is installed (get version)
+  // Test if dialogue is installed (get version)
-  fp = popen("zenity --version", "r");
+  fp = popen("icfs_dialogue --version", "r");
   if (fp == NULL) {
     perror("Pipe returned an error");
     return 1;
@@ -63,15 +73,16 @@ void destroy_ui_socket(void) {
  * @return: access status - ALLOW, DENY or ALLOW_TEMP
  * allowed for the runtime of the process
  */
-access_t ask_access(const char *filename, struct process_info proc_info) {
+struct dialogue_response ask_access(const char *filename,
+                                    struct process_info proc_info) {
   FILE *fp = NULL;
   char *command = NULL;
-  int ret =
+  int ret = asprintf(&command, "icfs_dialogue \"%d\" \"%s\" \"%s\" \"%s\"",
-      asprintf(&command,
+                     proc_info.PID, proc_info.name, get_mountpoint(), filename);
-               "zenity --question --extra-button \"Allow this time\" --title "
+
-               "\"Allow Access?\" --text \"Allow process "
+  struct dialogue_response response;
-               "<tt>%s</tt> with PID <tt>%d</tt> to access <tt>%s</tt>\"",
+  response.decision = DENY;
-               proc_info.name, proc_info.PID, filename, get_mountpoint());
+  response.filename = NULL;
 
   if (ret < 0) {
     // If asprintf fails, the contents of command are undefined (see man
@@ -80,38 +91,64 @@ access_t ask_access(const char *filename, struct process_info proc_info) {
     // justify preparing for this.
     fprintf(stderr, "Could not create query on rule insertion");
     perror("");
-    return 1;
+    response.decision = DENY;
+    response.filename = malloc(2);
+    response.filename[0] = '/';
+    response.filename[1] = 0;
+    return response;
   }
 
-  // Zenity Question Message Popup
+  // dialogue Question Message Popup
   fp = popen(command, "r");
   free(command);
 
   if (fp == NULL) {
     perror("Pipe returned a error");
-    return DENY;
+    response.decision = DENY;
+    response.filename = malloc(2);
+    response.filename[0] = '/';
+    response.filename[1] = 0;
+    return response;
   }
 
-  // if the user clicks the "Allow this time" button, `zenity` will only
+  str(char) dialogue_output;
-  // write it to `stdout`, but the exit code will still be `1`. So, we need
+  init(&dialogue_output);
-  // to manually check the output.
+
-  char buffer[sizeof(ZENITY_TEMP_ALLOW_MESSAGE) + 1];
+  char line[1024]; // Buffer to read individual lines
-  while (fgets(buffer, sizeof(buffer), fp)) {
+
-    printf("%s", buffer);
+  // Read the command output line by line
-    if (strcmp(buffer, ZENITY_TEMP_ALLOW_MESSAGE) == 0) {
+  while (fgets(line, sizeof(line), fp)) {
-      pclose(fp);
+    push_fmt(&dialogue_output, line);
-      return ALLOW_TEMP;
-    }
   }
 
-  int zenity_exit_code = WEXITSTATUS(pclose(fp));
+  int dialogue_exit_code = WEXITSTATUS(pclose(fp));
-  fprintf(stderr, "zenity returned %d\n", zenity_exit_code);
+  fprintf(stderr, "dialogue wrote out %s\n", first(&dialogue_output));
-  // zenity returns 1 on "No" >:(
+  fprintf(stderr, "dialogue returned %d\n", dialogue_exit_code);
-  if (zenity_exit_code == 0) {
+
-    return ALLOW;
+  if (size(&dialogue_output) == 0) {
+    push(&dialogue_output, '/');
   }
 
-  return DENY;
+  assert(strlen(first(&dialogue_output)) == size(&dialogue_output));
+
+  response.filename = malloc(size(&dialogue_output) + 1);
+  strcpy(response.filename, first(&dialogue_output));
+  // response.filename[size(&dialogue_output)] = 0;
+
+  // assert(0 == strcmp(response.filename, first(&dialogue_output)));
+  cleanup(&dialogue_output);
+
+  if (dialogue_exit_code == (DIALOGUE_YES | DIALOGUE_PERM)) {
+    response.decision = ALLOW;
+  } else if (dialogue_exit_code == DIALOGUE_YES) {
+    response.decision = ALLOW_TEMP;
+  } else if (dialogue_exit_code == (DIALOGUE_NO | DIALOGUE_PERM)) {
+    response.decision = DENY;
+  } else {
+    response.decision = DENY_TEMP;
+  }
+
+  return response;
 }
 
 /**
@@ -131,20 +168,36 @@ int interactive_access(const char *filename, struct process_info proc_info,
 
   access_t access = check_temp_access(real_path, proc_info);
   if (access == ALLOW) {
+    fprintf(stderr,
+            "Permission allowed to %s based on a rule present in the temp "
+            "permission table.\n",
+            proc_info.name);
     free(real_path);
     return 1;
   }
   if (access == DENY) {
+    fprintf(stderr,
+            "Permission denied to %s based on a rule present in the temp "
+            "permission table.\n",
+            proc_info.name);
     free(real_path);
     return 0;
   }
 
   access = check_perm_access(real_path, proc_info);
   if (access == ALLOW) {
+    fprintf(stderr,
+            "Permission allowed to %s based on a rule present in the perm "
+            "permission table.\n",
+            proc_info.name);
     free(real_path);
     return 1;
   }
   if (access == DENY) {
+    fprintf(stderr,
+            "Permission denied to %s based on a rule present in the perm "
+            "permission table.\n",
+            proc_info.name);
     free(real_path);
     return 0;
   }
@@ -153,35 +206,74 @@ int interactive_access(const char *filename, struct process_info proc_info,
   // permissions are granted
 
   if (opts & GRANT_PERM) {
-    give_perm_access(real_path, proc_info);
+    fprintf(stderr, "Permission granted permanently to %s.\n", proc_info.name);
+    set_perm_access(real_path, proc_info, SET_ALLOW);
     free(real_path);
     return 1;
   }
   if (opts & GRANT_TEMP) {
+    fprintf(stderr, "Permission granted temporarily to %s.\n", proc_info.name);
     set_temp_access(real_path, proc_info, SET_ALLOW);
     free(real_path);
     return 1;
   }
 
-  access_t user_response = ask_access(real_path, proc_info);
+  struct dialogue_response response = ask_access(filename, proc_info);
-  if (user_response == ALLOW) {
+  // fprintf(stderr, "%s", response.filename);
-    give_perm_access(real_path, proc_info);
+  // assert(0 != strlen(response.filename));
+
+  // the user might specify a different file in the dialogue, so we need to
+  // check if it is valid
+
+  while (source_access(response.filename, F_OK)) {
+    // if it is invalid, just ask again.
+    fprintf(stderr, "Filename returned by zenty wasn't correct: %s\n",
+            response.filename);
+    free(response.filename);
+    response = ask_access(filename, proc_info);
+  }
+
+  free(real_path);
+
+  real_path = real_filename(response.filename);
+  free(response.filename);
+
+  if (response.decision == ALLOW) {
+    fprintf(stderr,
+            "Permission granted permanently to %s based on zenty response.\n",
+            proc_info.name);
+    set_perm_access(real_path, proc_info, SET_ALLOW);
     free(real_path);
     return 1;
   }
 
-  if (user_response == ALLOW_TEMP) {
+  if (response.decision == ALLOW_TEMP) {
+    fprintf(stderr,
+            "Permission granted temporarily to %s based on zenty response.\n",
+            proc_info.name);
     set_temp_access(real_path, proc_info, SET_ALLOW);
     free(real_path);
     return 1;
   }
 
-  if (user_response == DENY) {
+  if (response.decision == DENY_TEMP) {
+    fprintf(stderr,
+            "Permission denied temporarily to %s based on zenty response.\n",
+            proc_info.name);
     set_temp_access(real_path, proc_info, SET_DENY);
     free(real_path);
     return 0;
   }
 
+  if (response.decision == DENY) {
+    fprintf(stderr,
+            "Permission denied permanently to %s based on zenty response.\n",
+            proc_info.name);
+    set_perm_access(real_path, proc_info, SET_DENY);
+    free(real_path);
+    return 0;
+  }
+
   free(real_path);
   // deny on unknown options.
   return 0;

test/mock/icfs_dialogue

@@ -0,0 +1,41 @@
+#!/bin/bash
+
+# fake-icfs_dialogue: script that mocks the behavior of icfs_dialogue based on the ./.fake-icfs_dialogue-response file
+
+ICFS_DIALOGUE_YES=0
+ICFS_DIALOGUE_NO=1
+ICFS_DIALOGUE_PERM=2
+
+if [[ $1 == "--set-fake-response" ]]; then
+  #someone knows we are fake :)
+  echo "$2" >~/.fake_icfs_dialogue_response
+elif [[ $1 == "--set-fake-response-filename" ]]; then
+  echo "$2" >~/.fake_icfs_dialogue_response_filename
+elif [[ $1 == "--reset-fake-response" ]]; then
+  rm ~/.fake_icfs_dialogue_response ~/.fake_icfs_dialogue_response_filename
+else
+  if [ -f ~/.fake_icfs_dialogue_response ]; then
+    FAKE_ICFS_DIALOGUE_RESPONSE=$(cat ~/.fake_icfs_dialogue_response)
+
+    if [[ -f ~/.fake_icfs_dialogue_response_filename ]]; then
+      FAKE_ICFS_DIALOGUE_RESPONSE_FILENAME=$(cat ~/.fake_icfs_dialogue_response_filename)
+      if [[ $FAKE_ICFS_DIALOGUE_RESPONSE_FILENAME == "" ]]; then
+        printf "%s" "$4"
+      else
+        printf "%s" "$(cat ~/.fake_icfs_dialogue_response_filename)"
+      fi
+    fi
+
+    if [[ $FAKE_ICFS_DIALOGUE_RESPONSE == "yes" ]]; then
+      exit "$ICFS_DIALOGUE_YES"
+    elif [[ $FAKE_ICFS_DIALOGUE_RESPONSE == "no" ]]; then
+      exit "$ICFS_DIALOGUE_NO"
+    elif [[ $FAKE_ICFS_DIALOGUE_RESPONSE == "yes_perm" ]]; then
+      exit "$((ICFS_DIALOGUE_YES | ICFS_DIALOGUE_PERM))"
+    elif [[ $FAKE_ICFS_DIALOGUE_RESPONSE == "no_perm" ]]; then
+      exit "$((ICFS_DIALOGUE_NO | ICFS_DIALOGUE_PERM))"
+    fi
+  fi
+fi
+
+exit 255 # TODO: call actual icfs_dialogue here

test/mock/zenity

@@ -1,23 +0,0 @@
-#!/bin/bash
-
-# fake-zenity: script that mocks the behavior of zenity based on the ./.fake-zenity-response file
-
-if [[ $1 == "--set-fake-response" ]]; then
-  #someone knows we are fake :)
-  echo $2 >~/.fake_zenity_response
-else
-  if [ -f ~/.fake_zenity_response ]; then
-    FAKE_ZENITY_RESPONSE=$(cat ~/.fake_zenity_response)
-
-    if [[ $FAKE_ZENITY_RESPONSE == "yes_tmp" ]]; then
-      printf "Allow this time\n"
-      exit 1
-    elif [[ $FAKE_ZENITY_RESPONSE == "no" ]]; then
-      exit 1
-    elif [[ $FAKE_ZENITY_RESPONSE == "yes" ]]; then
-      exit 0
-    fi
-  fi
-fi
-
-exit 255 # TODO: call actual zenity here

test/opener/Makefile

@@ -0,0 +1,81 @@
+SHELL=/bin/bash
+
+# configurable options
+
+ifndef ($(SOURCES_DIR))
+	SOURCES_DIR := .
+endif
+
+ifndef ($(TESTS_DIR))
+	TESTS_DIR := .
+endif
+
+ifndef ($(BUILD_DIR))
+	BUILD_DIR := .
+endif
+
+CC := gcc
+CXX := g++
+
+NAME := opener
+
+# dependencies
+
+PACKAGE_NAMES :=
+
+ifeq ($(TEST), 1)
+	#	PACKAGE_NAMES += check # TODO: use check?
+endif
+
+
+# set up cflags and libs
+
+CFLAGS :=
+LDFLAGS :=
+
+ifneq ($(PACKAGE_NAMES),)
+	CFLAGS += $(shell pkg-config --cflags $(PACKAGE_NAMES))
+	LDFLAGS += $(shell pkg-config --libs $(PACKAGE_NAMES))
+endif
+
+ifeq ($(DEBUG),1)
+	CFLAGS += -O0 -pedantic -g -Wall -Wextra -Wcast-align \
+						-Wcast-qual -Wdisabled-optimization -Wformat=2 \
+						-Winit-self -Wlogical-op -Wmissing-declarations \
+						-Wmissing-include-dirs -Wredundant-decls -Wshadow \
+						-Wsign-conversion -Wstrict-overflow=5 \
+						-Wswitch-default -Wundef -Wno-unused
+	LDFLAGS += 
+else
+	CFLAGS += -O3
+	LDFLAGS +=
+endif
+
+
+# set up targets 
+
+TARGETS := $(BUILD_DIR)/$(NAME)
+
+ifeq ($(TEST), 1)
+	TARGETS += $(NAME)_test
+endif
+
+
+# build!
+
+default: $(TARGETS)
+
+.PHONY: clean $(NAME)_test
+
+$(NAME)_test: $(BUILD_DIR)/$(NAME)
+	echo "No tests defined."
+	#$(BUILD_DIR)/$(NAME)
+
+$(BUILD_DIR)/$(NAME): $(BUILD_DIR)/$(NAME).o
+	$(CC) $(CFLAGS) $^ $(LDFLAGS) -o $(BUILD_DIR)/$(NAME)
+
+$(BUILD_DIR)/$(NAME).o: $(SOURCES_DIR)/$(NAME).c
+	$(CC) $(CFLAGS) -c $< $(LDFLAGS) -o $(BUILD_DIR)/$(NAME).o
+
+clean:
+	rm $(BUILD_DIR)/*.o $(BUILD_DIR)/$(NAME)

test/opener/opener.c

@@ -0,0 +1,86 @@
+#include <dirent.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+#define PATH_MAX 4096
+
+int main(int argc, char *argv[]) {
+  // Check for correct usage
+  if (argc != 2) {
+    fprintf(stderr, "Usage: %s <pathname>\n", argv[0]);
+    return 1;
+  }
+
+  const char *path = argv[1];
+  struct stat statbuf;
+
+  // Stat the given path to determine if it's a directory
+  if (lstat(path, &statbuf) == -1) {
+    perror("lstat");
+    return 1;
+  }
+
+  // Case 1: The path is not a directory
+  if (!S_ISDIR(statbuf.st_mode)) {
+    int fd = open(path, O_RDONLY);
+    if (fd == -1) {
+      perror("open");
+      return 1;
+    }
+    close(fd);
+    return 0;
+  }
+
+  // Case 2: The path is a directory
+  DIR *dirp = opendir(path);
+  if (dirp == NULL) {
+    perror("opendir");
+    return 1;
+  }
+
+  struct dirent *entry;
+  int success = 1;
+
+  while ((entry = readdir(dirp)) != NULL) {
+    // Skip . and ..
+    if (strcmp(entry->d_name, ".") == 0 || strcmp(entry->d_name, "..") == 0) {
+      continue;
+    }
+
+    // Construct the full path
+    char fullpath[PATH_MAX];
+    snprintf(fullpath, PATH_MAX, "%s/%s", path, entry->d_name);
+
+    // Stat the entry to check if it's a regular file
+    struct stat entry_stat;
+    if (lstat(fullpath, &entry_stat) == -1) {
+      perror("lstat");
+      success = 0;
+      break;
+    }
+
+    // Only process regular files
+    if (!S_ISREG(entry_stat.st_mode)) {
+      continue;
+    }
+
+    // Try to open and immediately close the file
+    int fd = open(fullpath, O_RDONLY);
+    if (fd == -1) {
+      perror("open");
+      success = 0;
+      break;
+    }
+    close(fd);
+  }
+
+  closedir(dirp);
+
+  return (success ? 0 : 1);
+}

test/test.bash

@@ -9,6 +9,24 @@ touch ./protected/do-not-remove ./protected/should-be-removed ./protected/truth
 chmod 777 ./protected/perm777 ./protected/perm000
 echo "Free code, free world." >./protected/motto
 
+mkdir protected/haystack
+for i in {1..10}; do
+  touch "./protected/haystack/hay$i"
+done
+touch ./protected/haystack/needle
+echo "Liberty in every line." >./protected/haystack/needle
+
+rm -rf ./openers
+mkdir openers
+make -C ./opener || (
+  echo "Could not make the opener program."
+  exit 1
+)
+for i in {1..10}; do
+  cp ./opener/opener "./openers/opener$i"
+  ln --symbolic "$(realpath "./openers/opener$i")" "./openers/symlinked_opener$i"
+done
+
 # set up the fake-zenity
 
 PATH="$(realpath ./mock/):$PATH"
@@ -28,7 +46,8 @@ if [[ $1 == "--setuid" ]]; then
 else
   echo "Database protection will not be tested due to the lack of setuid capabilites."
   echo "To test it, run this script with '--setuid'."
-  valgrind -s ../build/icfs -o default_permissions ./protected ./.pt.db &
+  #valgrind --leak-check=full -s ../build/icfs -o default_permissions -o debug ./protected ./.pt.db 2>&1 | grep "==\|zenity\|Permission\|column\|callback" &
+  valgrind --leak-check=full -s ../build/icfs -o default_permissions ./protected ./.pt.db &
   sleep 5
 fi
 
@@ -39,96 +58,156 @@ fi
 
 # create files
 
-zenity --set-fake-response no
+icfs_dialogue --set-fake-response no
 truncate -s 0 ./protected/should-exist-anyway 2>/dev/null &&
   echo "[ICFS-TEST]: OK" ||
   echo "[ICFS-TEST]: truncate cannot create protected/should-exist despite access being permitted!" # OK
 
-zenity --set-fake-response yes_tmp
+icfs_dialogue --set-fake-response yes
 truncate -s 0 ./protected/should-exist 2>/dev/null &&
   echo "[ICFS-TEST]: OK" ||
   echo "[ICFS-TEST]: truncate cannot create protected/should-exist despite access being permitted!" # OK
 
 # write to files
 
-zenity --set-fake-response no
+icfs_dialogue --set-fake-response no
 sed -e 'a\'"Linux is a cancer that attaches itself in an intellectual property sense to everything it touches." "./protected/truth" 2>/dev/null &&
   echo "[ICFS-TEST]: echo can write to protected/lie despite access being denied!" ||
   echo "[ICFS-TEST]: OK" # EACCESS
 
-zenity --set-fake-response yes_tmp
+icfs_dialogue --set-fake-response yes
 sed -e 'a\'"Sharing knowledge is the most fundamental act of friendship. Because it is a way you can give something without loosing something." "./protected/truth" 2>/dev/null &&
   echo "[ICFS-TEST]: OK" ||
   echo "[ICFS-TEST]: echo cannot write to protected/truth despite access being permitted!" # OK
 
 # Read files
 
-zenity --set-fake-response no
+icfs_dialogue --set-fake-response no
 cat ./protected/motto >/dev/null 2>/dev/null &&
   echo "[ICFS-TEST]: cat can read protected/this-only despite access being denied!" ||
   echo "[ICFS-TEST]: OK" # EACCESS
 
-zenity --set-fake-response yes_tmp
+icfs_dialogue --set-fake-response yes
 cat ./protected/motto >/dev/null 2>/dev/null &&
   echo "[ICFS-TEST]: OK" ||
   echo "[ICFS-TEST]: echo cannot create protected/this-only despite access being permitted!" # "Free code, free world."
 
 # remove files
 
-zenity --set-fake-response no
+icfs_dialogue --set-fake-response no
 rm ./protected/do-not-remove >/dev/null 2>/dev/null &&
   echo "[ICFS-TEST]: rm can unlink protected/do-not-remove despite access being denied!" ||
   echo "[ICFS-TEST]: OK" # EACCESS
 
-zenity --set-fake-response yes_tmp
+icfs_dialogue --set-fake-response yes
 rm ./protected/should-be-removed >/dev/null 2>/dev/null &&
   echo "[ICFS-TEST]: OK" ||
   echo "[ICFS-TEST]: rm cannot unlink protected/should-be-removed despite access being permitted!" # OK
 
 # rename files
 
-zenity --set-fake-response no
+icfs_dialogue --set-fake-response no
 mv ./protected/do-not-rename ./protected/terrible-name 2>/dev/null &&
   echo "[ICFS-TEST]: mv can rename protected/truth despite access being denied!" ||
   echo "[ICFS-TEST]: OK" # EACCESS
-zenity --set-fake-response yes_tmp
+icfs_dialogue --set-fake-response yes
 mv ./protected/should-be-renamed ./protected/great-name 2>/dev/null &&
   echo "[ICFS-TEST]: OK" ||
   echo "[ICFS-TEST]: mv cannot rename should-be-removed to renamed-file despite access being permitted!" # OK
 
 # change permissions
 
-zenity --set-fake-response no
+icfs_dialogue --set-fake-response no
 chmod 000 ./protected/perm777 2>/dev/null &&
   echo "[ICFS-TEST]: chmod can change permissions of protected/perm777 despite access being denied!" ||
   echo "[ICFS-TEST]: OK" # EACCESS
-zenity --set-fake-response yes_tmp
+icfs_dialogue --set-fake-response yes
 chmod 000 ./protected/perm000 2>/dev/null &&
   echo "[ICFS-TEST]: OK" ||
   echo "[ICFS-TEST]: chmod cannot change permissions of protected/perm000 despite access being permitted!" # OK
 
 # test permanent permissions
 
-zenity --set-fake-response yes
+icfs_dialogue --set-fake-response yes_perm
-cat ./protected/motto >/dev/null 2>/dev/null &&
+openers/opener1 ./protected/motto >/dev/null 2>/dev/null &&
   echo "[ICFS-TEST]: OK" ||
-  echo "[ICFS-TEST]: echo cannot read protected/motto despite access being permitted!" # OK
+  echo "[ICFS-TEST]: openers/opener1 cannot read protected/motto despite access being permitted!" # OK
 
-zenity --set-fake-response no # this should be ignored
+icfs_dialogue --set-fake-response no # this should be ignored
-cat ./protected/motto >/dev/null 2>/dev/null &&
+openers/opener1 ./protected/motto >/dev/null 2>/dev/null &&
   echo "[ICFS-TEST]: OK" ||
-  echo "[ICFS-TEST]: echo cannot read protected/motto despite access being permitted!" # OK
+  echo "[ICFS-TEST]: openers/opener1 cannot read protected/motto despite access being permitted!" # OK
+
+icfs_dialogue --set-fake-response no # this should be ignored
+openers/symlinked_opener1 ./protected/motto >/dev/null 2>/dev/null &&
+  echo "[ICFS-TEST]: OK" ||
+  echo "[ICFS-TEST]: openers/symlinked_opener1 cannot read protected/motto despite access being permitted!" # OK
+
+icfs_dialogue --set-fake-response no_perm
+openers/opener2 ./protected/motto >/dev/null 2>/dev/null &&
+  echo "[ICFS-TEST]: openers/opener2 can read protected/motto despite access being denied!" ||
+  echo "[ICFS-TEST]: OK" # EACCESS
+
+icfs_dialogue --set-fake-response yes # this should be ignored
+openers/opener2 ./protected/motto >/dev/null 2>/dev/null &&
+  echo "[ICFS-TEST]: openers/opener2 can read protected/motto despite access being denied!" ||
+  echo "[ICFS-TEST]: OK" # EACCESS
+
+icfs_dialogue --set-fake-response yes # this should be ignored
+openers/symlinked_opener2 ./protected/motto >/dev/null 2>/dev/null &&
+  echo "[ICFS-TEST]: openers/symlinked_opener2 can read protected/motto despite access being denied!" ||
+  echo "[ICFS-TEST]: OK" # EACCESS
+
+# test permission globbing
+
+icfs_dialogue --set-fake-response yes
+icfs_dialogue --set-fake-response-filename "/"
+openers/opener3 ./protected/haystack >/dev/null 2>/dev/null &&
+  echo "[ICFS-TEST]: OK" ||
+  echo "[ICFS-TEST]: openers/opener3 cannot read protected/haystack/needle despite access being permitted!" # OK
+
+icfs_dialogue --set-fake-response no
+icfs_dialogue --set-fake-response-filename "/"
+openers/opener4 ./protected/haystack >/dev/null 2>/dev/null &&
+  echo "[ICFS-TEST]: openers/opener4 can read files in protected/haystack despite access being denied!" ||
+  echo "[ICFS-TEST]: OK" # EACCESS
+
+icfs_dialogue --set-fake-response yes_perm
+icfs_dialogue --set-fake-response-filename "/"
+openers/opener5 ./protected/haystack/needle >/dev/null 2>/dev/null &&
+  echo "[ICFS-TEST]: OK" ||
+  echo "[ICFS-TEST]: openers/opener5 cannot read protected/haystack/needle despite access being permitted!" # OK
+
+icfs_dialogue --set-fake-response no # this should be ignored
+openers/opener5 ./protected/haystack >/dev/null 2>/dev/null &&
+  echo "[ICFS-TEST]: OK" ||
+  echo "[ICFS-TEST]: openers/opener5 cannot read files in protected/haystack despite access being permitted!" # OK
+
+icfs_dialogue --set-fake-response no_perm
+icfs_dialogue --set-fake-response-filename "/"
+openers/opener6 ./protected/haystack/needle >/dev/null 2>/dev/null &&
+  echo "[ICFS-TEST]: openers/opener6 can read protected/haystack/needle despite access being denied!" ||
+  echo "[ICFS-TEST]: OK" # EACCESS
+
+icfs_dialogue --set-fake-response yes # this should be ignored
+openers/opener6 ./protected/haystack >/dev/null 2>/dev/null &&
+  echo "[ICFS-TEST]: openers/opener6 can read files in protected/haystack despite access being denied!" ||
+  echo "[ICFS-TEST]: OK" # EACCESS
 
 # test database access
-if [[ -r "./.pt.db" || -w "./.pt.db" ]]; then
+if [[ $1 == '--setuid' ]]; then
-  echo "[ICFS-TEST]: permanent permissions is accessible!"
+  if [[ -r "./.pt.db" || -w "./.pt.db" ]]; then
+    echo "[ICFS-TEST]: permanent permissions database is accessible!"
+  else
+    echo "[ICFS-TEST]: OK"
+  fi
 else
-  echo "[ICFS-TEST]: OK"
+  echo "[ICFS-TEST]: permanent permissions database access was not tested due to the lack of seuid bit setting capabilites. To test this, run the script with '--setuid' flag"
 fi
 
 # unmount
 
 sleep 0.5
 #lsof +f -- $(realpath ./protected)
-umount $(realpath ./protected)
+umount "$(realpath ./protected)"
 sleep 0.5