aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLibravatar netblue30 <netblue30@yahoo.com>2020-10-13 08:55:35 -0400
committerLibravatar netblue30 <netblue30@yahoo.com>2020-10-13 08:55:35 -0400
commit8efb4d3a7e1a99794eb27d6ec4c093a46f9d34b3 (patch)
tree2edffffaaf37e1004fce886b827000f212e192a9
parentMerge pull request #3664 from dpellegr/master (diff)
downloadfirejail-8efb4d3a7e1a99794eb27d6ec4c093a46f9d34b3.tar.gz
firejail-8efb4d3a7e1a99794eb27d6ec4c093a46f9d34b3.tar.zst
firejail-8efb4d3a7e1a99794eb27d6ec4c093a46f9d34b3.zip
merges, fix for #3662 etc.
Diffstat
-rw-r--r--README2
-rw-r--r--etc/profile-a-l/fdns.profile8
-rw-r--r--src/firejail/main.c14
3 files changed, 18 insertions, 6 deletions
diff --git a/README b/README
index f6e384d4a..e394fe524 100644
--- a/README
+++ b/README
@@ -249,6 +249,8 @@ Danil Semelenov (https://github.com/sgtpep)
249Dara Adib (https://github.com/daradib) 249Dara Adib (https://github.com/daradib)
250 - ssh profile fix 250 - ssh profile fix
251 - evince profile fix 251 - evince profile fix
252Dario Pellegrini (https://github.com/dpellegr)
253 - allowing links in netns
252David Thole (https://github.com/TheDarkTrumpet) 254David Thole (https://github.com/TheDarkTrumpet)
253 - added profile for teams-for-linux 255 - added profile for teams-for-linux
254Davide Beatrici (https://github.com/davidebeatrici) 256Davide Beatrici (https://github.com/davidebeatrici)
diff --git a/etc/profile-a-l/fdns.profile b/etc/profile-a-l/fdns.profile
index 179540806..31cb1776c 100644
--- a/etc/profile-a-l/fdns.profile
+++ b/etc/profile-a-l/fdns.profile
@@ -29,20 +29,20 @@ no3d
29nodvd 29nodvd
30nogroups 30nogroups
31nonewprivs 31nonewprivs
32# noroot 32noroot
33nosound 33nosound
34notv 34notv
35nou2f 35nou2f
36novideo 36novideo
37protocol unix,inet,inet6 37protocol unix,inet,inet6,netlink
38#seccomp 38#seccomp
39#shell none 39#shell none
40 40
41disable-mnt 41disable-mnt
42private 42private
43private-bin bash,fdns,sh 43private-bin bash,fdns,sh
44# private-cache 44private-cache
45private-dev 45#private-dev
46private-etc ca-certificates,crypto-policies,fdns,ld.so.cache,ld.so.preload,localtime,nsswitch.conf,passwd,pki,ssl 46private-etc ca-certificates,crypto-policies,fdns,ld.so.cache,ld.so.preload,localtime,nsswitch.conf,passwd,pki,ssl
47# private-lib 47# private-lib
48private-tmp 48private-tmp
diff --git a/src/firejail/main.c b/src/firejail/main.c
index daa924698..06f81a987 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -3080,17 +3080,27 @@ int main(int argc, char **argv, char **envp) {
3080 // end of signal-safe code 3080 // end of signal-safe code
3081 //***************************** 3081 //*****************************
3082 3082
3083#if 0
3084// at this point the sandbox was closed and we are on our way out
3085// it would make sense to move this before waitpid above to free some memory
3086// crash for now as of issue #3662 from dhcp code
3083 // free globals 3087 // free globals
3084 if (cfg.profile) { 3088 if (cfg.profile) {
3085 ProfileEntry *prf = cfg.profile; 3089 ProfileEntry *prf = cfg.profile;
3086 while (prf != NULL) { 3090 while (prf != NULL) {
3087 ProfileEntry *next = prf->next; 3091 ProfileEntry *next = prf->next;
3088 free(prf->data); 3092printf("data #%s#\n", prf->data);
3089 free(prf->link); 3093 if (prf->data)
3094 free(prf->data);
3095printf("link #%s#\n", prf->link);
3096 if (prf->link)
3097 free(prf->link);
3090 free(prf); 3098 free(prf);
3091 prf = next; 3099 prf = next;
3092 } 3100 }
3093 } 3101 }
3102#endif
3103
3094 3104
3095 if (WIFEXITED(status)){ 3105 if (WIFEXITED(status)){
3096 myexit(WEXITSTATUS(status)); 3106 myexit(WEXITSTATUS(status));
generated by cgit v1.2.3-54-g00ecf (git 2.45.1) at 2024-05-27 14:29:53 +0000