diff options
author | netblue30 <netblue30@yahoo.com> | 2017-10-02 08:56:54 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-10-02 08:56:54 -0400 |
commit | 8d7db067a134cdb3893a537ee3097091f8f7776a (patch) | |
tree | 1b4a12f5766757da2eef50fbd3478ca79128273f | |
parent | temporary fix for inkscape profile (diff) | |
download | firejail-8d7db067a134cdb3893a537ee3097091f8f7776a.tar.gz firejail-8d7db067a134cdb3893a537ee3097091f8f7776a.tar.zst firejail-8d7db067a134cdb3893a537ee3097091f8f7776a.zip |
potential fix for mutt/gnupg issue #1585
-rw-r--r-- | etc/mutt.profile | 1 | ||||
-rw-r--r-- | src/firejail/main.c | 2 | ||||
-rw-r--r-- | src/firejail/usage.c | 2 | ||||
-rw-r--r-- | src/man/firejail.txt | 2 |
4 files changed, 5 insertions, 2 deletions
diff --git a/etc/mutt.profile b/etc/mutt.profile index fbee46393..bdd629773 100644 --- a/etc/mutt.profile +++ b/etc/mutt.profile | |||
@@ -50,5 +50,6 @@ novideo | |||
50 | protocol unix,inet,inet6 | 50 | protocol unix,inet,inet6 |
51 | seccomp | 51 | seccomp |
52 | shell none | 52 | shell none |
53 | writable-run-user | ||
53 | 54 | ||
54 | private-dev | 55 | private-dev |
diff --git a/src/firejail/main.c b/src/firejail/main.c index 1b49c5fb3..e83bc899f 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -931,7 +931,7 @@ int main(int argc, char **argv) { | |||
931 | 931 | ||
932 | // check argv[0] symlink wrapper if this is not a login shell | 932 | // check argv[0] symlink wrapper if this is not a login shell |
933 | if (*argv[0] != '-') | 933 | if (*argv[0] != '-') |
934 | run_symlink(argc, argv); // this function will not return | 934 | run_symlink(argc, argv); // if symlink detected, this function will not return |
935 | 935 | ||
936 | // check if we already have a sandbox running | 936 | // check if we already have a sandbox running |
937 | // If LXC is detected, start firejail sandbox | 937 | // If LXC is detected, start firejail sandbox |
diff --git a/src/firejail/usage.c b/src/firejail/usage.c index f09eb6416..28b5cc8a4 100644 --- a/src/firejail/usage.c +++ b/src/firejail/usage.c | |||
@@ -210,6 +210,8 @@ void usage(void) { | |||
210 | printf(" --whitelist=filename - whitelist directory or file.\n"); | 210 | printf(" --whitelist=filename - whitelist directory or file.\n"); |
211 | #endif | 211 | #endif |
212 | printf(" --writable-etc - /etc directory is mounted read-write.\n"); | 212 | printf(" --writable-etc - /etc directory is mounted read-write.\n"); |
213 | printf(" --writable-run-user - allow access to /run/user/$UID/systemd and\n"); | ||
214 | printf("\t/run/user/$UID/gnupg.\n"); | ||
213 | printf(" --writable-var - /var directory is mounted read-write.\n"); | 215 | printf(" --writable-var - /var directory is mounted read-write.\n"); |
214 | printf(" --writable-var-log - use the real /var/log directory, not a clone.\n"); | 216 | printf(" --writable-var-log - use the real /var/log directory, not a clone.\n"); |
215 | #ifdef HAVE_X11 | 217 | #ifdef HAVE_X11 |
diff --git a/src/man/firejail.txt b/src/man/firejail.txt index 9bbb224e1..17ddd5c88 100644 --- a/src/man/firejail.txt +++ b/src/man/firejail.txt | |||
@@ -1978,7 +1978,7 @@ $ sudo firejail --writable-etc | |||
1978 | 1978 | ||
1979 | .TP | 1979 | .TP |
1980 | \fB\-\-writable-run-user | 1980 | \fB\-\-writable-run-user |
1981 | Disable the default blacklisting of run/user/$UID/systemd and /run/user/$UID/gnupg. | 1981 | Disable the default blacklisting of /run/user/$UID/systemd and /run/user/$UID/gnupg. |
1982 | .br | 1982 | .br |
1983 | 1983 | ||
1984 | .br | 1984 | .br |