diff options
author | Kelvin M. Klann <kmk3.code@protonmail.com> | 2021-11-15 00:27:03 -0300 |
---|---|---|
committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2021-11-15 01:19:32 -0300 |
commit | b5de1d0f910cbb1c4dae98957e7846731162e696 (patch) | |
tree | c893694bc5ef6daded52d6c64a940ba0f476b5a6 | |
parent | Profile fixes (diff) | |
download | firejail-b5de1d0f910cbb1c4dae98957e7846731162e696.tar.gz firejail-b5de1d0f910cbb1c4dae98957e7846731162e696.tar.zst firejail-b5de1d0f910cbb1c4dae98957e7846731162e696.zip |
Fix inconsistent descriptions of machine-id option
Some places say that it "preserves" the file and other places say that
it "spoofs" the file. Based on the fs_machineid function on
src/firejail/fs_etc.c, the latter one is correct.
This amends commit d0cc960c9 ("spoof machine-id", 2016-12-05).
Fixes #4689.
Reported-by: @svc88
-rw-r--r-- | src/firejail/firejail.h | 2 | ||||
-rw-r--r-- | src/firejail/main.c | 2 | ||||
-rw-r--r-- | src/firejail/usage.c | 2 | ||||
-rw-r--r-- | src/zsh_completion/_firejail.in | 2 |
4 files changed, 4 insertions, 4 deletions
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index adfe77f41..251350acc 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
@@ -341,7 +341,7 @@ extern int arg_allow_debuggers; // allow debuggers | |||
341 | extern int arg_x11_block; // block X11 | 341 | extern int arg_x11_block; // block X11 |
342 | extern int arg_x11_xorg; // use X11 security extension | 342 | extern int arg_x11_xorg; // use X11 security extension |
343 | extern int arg_allusers; // all user home directories visible | 343 | extern int arg_allusers; // all user home directories visible |
344 | extern int arg_machineid; // preserve /etc/machine-id | 344 | extern int arg_machineid; // spoof /etc/machine-id |
345 | extern int arg_disable_mnt; // disable /mnt and /media | 345 | extern int arg_disable_mnt; // disable /mnt and /media |
346 | extern int arg_noprofile; // use default.profile if none other found/specified | 346 | extern int arg_noprofile; // use default.profile if none other found/specified |
347 | extern int arg_memory_deny_write_execute; // block writable and executable memory | 347 | extern int arg_memory_deny_write_execute; // block writable and executable memory |
diff --git a/src/firejail/main.c b/src/firejail/main.c index dd36ac4b7..32c25c8d9 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -137,7 +137,7 @@ int arg_allow_debuggers = 0; // allow debuggers | |||
137 | int arg_x11_block = 0; // block X11 | 137 | int arg_x11_block = 0; // block X11 |
138 | int arg_x11_xorg = 0; // use X11 security extension | 138 | int arg_x11_xorg = 0; // use X11 security extension |
139 | int arg_allusers = 0; // all user home directories visible | 139 | int arg_allusers = 0; // all user home directories visible |
140 | int arg_machineid = 0; // preserve /etc/machine-id | 140 | int arg_machineid = 0; // spoof /etc/machine-id |
141 | int arg_allow_private_blacklist = 0; // blacklist things in private directories | 141 | int arg_allow_private_blacklist = 0; // blacklist things in private directories |
142 | int arg_disable_mnt = 0; // disable /mnt and /media | 142 | int arg_disable_mnt = 0; // disable /mnt and /media |
143 | int arg_noprofile = 0; // use default.profile if none other found/specified | 143 | int arg_noprofile = 0; // use default.profile if none other found/specified |
diff --git a/src/firejail/usage.c b/src/firejail/usage.c index 92806d3f1..4a0f05528 100644 --- a/src/firejail/usage.c +++ b/src/firejail/usage.c | |||
@@ -127,7 +127,7 @@ static char *usage_str = | |||
127 | #ifdef HAVE_NETWORK | 127 | #ifdef HAVE_NETWORK |
128 | " --mac=xx:xx:xx:xx:xx:xx - set interface MAC address.\n" | 128 | " --mac=xx:xx:xx:xx:xx:xx - set interface MAC address.\n" |
129 | #endif | 129 | #endif |
130 | " --machine-id - preserve /etc/machine-id\n" | 130 | " --machine-id - spoof /etc/machine-id with a random id\n" |
131 | " --memory-deny-write-execute - seccomp filter to block attempts to create\n" | 131 | " --memory-deny-write-execute - seccomp filter to block attempts to create\n" |
132 | "\tmemory mappings that are both writable and executable.\n" | 132 | "\tmemory mappings that are both writable and executable.\n" |
133 | " --mkdir=dirname - create a directory.\n" | 133 | " --mkdir=dirname - create a directory.\n" |
diff --git a/src/zsh_completion/_firejail.in b/src/zsh_completion/_firejail.in index b50c5cb46..f3090b31c 100644 --- a/src/zsh_completion/_firejail.in +++ b/src/zsh_completion/_firejail.in | |||
@@ -105,7 +105,7 @@ _firejail_args=( | |||
105 | '--keep-config-pulse[disable automatic ~/.config/pulse init]' | 105 | '--keep-config-pulse[disable automatic ~/.config/pulse init]' |
106 | '--keep-dev-shm[/dev/shm directory is untouched (even with --private-dev)]' | 106 | '--keep-dev-shm[/dev/shm directory is untouched (even with --private-dev)]' |
107 | '--keep-var-tmp[/var/tmp directory is untouched]' | 107 | '--keep-var-tmp[/var/tmp directory is untouched]' |
108 | '--machine-id[preserve /etc/machine-id]' | 108 | '--machine-id[spoof /etc/machine-id]' |
109 | '--memory-deny-write-execute[seccomp filter to block attempts to create memory mappings that are both writable and executable]' | 109 | '--memory-deny-write-execute[seccomp filter to block attempts to create memory mappings that are both writable and executable]' |
110 | '*--mkdir=-[create a directory]:' | 110 | '*--mkdir=-[create a directory]:' |
111 | '*--mkfile=-[create a file]:' | 111 | '*--mkfile=-[create a file]:' |