diff options
author | 2023-06-18 22:04:58 -0400 | |
---|---|---|
committer | 2023-06-18 22:04:58 -0400 | |
commit | 8b4072faf6603ed61aa4039001832896e00b3d04 (patch) | |
tree | 2cb67bda339b9cf51e3e78ab9cfb0bcc0cf79448 | |
parent | Merge pull request #5857 from kmk3/ci-standardize-apt (diff) | |
download | firejail-8b4072faf6603ed61aa4039001832896e00b3d04.tar.gz firejail-8b4072faf6603ed61aa4039001832896e00b3d04.tar.zst firejail-8b4072faf6603ed61aa4039001832896e00b3d04.zip |
cleanup
-rw-r--r-- | etc/profile-a-l/fdns.profile | 2 | ||||
-rw-r--r-- | src/firejail/no_sandbox.c | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/etc/profile-a-l/fdns.profile b/etc/profile-a-l/fdns.profile index 77e16a56b..4dbf3c194 100644 --- a/etc/profile-a-l/fdns.profile +++ b/etc/profile-a-l/fdns.profile | |||
@@ -21,6 +21,7 @@ include disable-xdg.inc | |||
21 | #include whitelist-usr-share-common.inc | 21 | #include whitelist-usr-share-common.inc |
22 | #include whitelist-var-common.inc | 22 | #include whitelist-var-common.inc |
23 | 23 | ||
24 | apparmor /usr/bin/fdns | ||
24 | caps.keep kill,net_bind_service,setgid,setuid,sys_admin,sys_chroot | 25 | caps.keep kill,net_bind_service,setgid,setuid,sys_admin,sys_chroot |
25 | ipc-namespace | 26 | ipc-namespace |
26 | # netfilter /etc/firejail/webserver.net | 27 | # netfilter /etc/firejail/webserver.net |
@@ -47,4 +48,3 @@ private-etc @tls-ca,fdns | |||
47 | private-tmp | 48 | private-tmp |
48 | 49 | ||
49 | memory-deny-write-execute | 50 | memory-deny-write-execute |
50 | restrict-namespaces | ||
diff --git a/src/firejail/no_sandbox.c b/src/firejail/no_sandbox.c index 22ee9dc3c..9c5e3ee58 100644 --- a/src/firejail/no_sandbox.c +++ b/src/firejail/no_sandbox.c | |||
@@ -120,7 +120,7 @@ int check_kernel_procs(void) { | |||
120 | 120 | ||
121 | // read file | 121 | // read file |
122 | char buf[100]; | 122 | char buf[100]; |
123 | if (fgets(buf, 10, fp) == NULL) { | 123 | if (fgets(buf, 100, fp) == NULL) { |
124 | fwarning("cannot read %s\n", fname); | 124 | fwarning("cannot read %s\n", fname); |
125 | fclose(fp); | 125 | fclose(fp); |
126 | free(fname); | 126 | free(fname); |