--read-only fix

2 files changed, 10 insertions, 8 deletions

diff --git a/src/firejail/util.c b/src/firejail/util.c
index da73bbfd5..3d5fc214d 100644
--- a/src/firejail/util.c
+++ b/src/firejail/util.c
@@ -548,7 +548,7 @@ char *expand_home(const char *path, const char* homedir) {
                         errExit("asprintf");
                 return new_name;
         }
-        else if (strncmp(path, "~/", 2) == 0) {
+        else if (*path == '~') {
                 if (asprintf(&new_name, "%s%s", homedir, path + 1) == -1)
                         errExit("asprintf");
                 return new_name;
diff --git a/src/man/firejail.txt b/src/man/firejail.txt
index 29a84f71e..e3a660286 100644
--- a/src/man/firejail.txt
+++ b/src/man/firejail.txt
@@ -153,14 +153,7 @@ Example:
 .br
 $ sudo firejail \-\-caps.keep=chown,net_bind_service,setgid,\\
 setuid /etc/init.d/nginx start
-.br
 
-.br
-A short note about mixing \-\-whitelist and \-\-read-only options. Whitelisted directories
-should be made read-only independently. Making a parent directory read-only, will not
-make the whitelist read-only. Example:
-.br
-$ firejail --whitelist=~/work --read-only=~/ --read-only=~/work
 .TP
 \fB\-\-caps.print=name|pid
 Print the caps filter for the sandbox identified by name or by PID.
@@ -1138,6 +1131,15 @@ Set directory or file read-only.
 Example:
 .br
 $ firejail \-\-read-only=~/.mozilla firefox
+.br
+
+.br
+A short note about mixing \-\-whitelist and \-\-read-only options. Whitelisted directories
+should be made read-only independently. Making a parent directory read-only, will not
+make the whitelist read-only. Example:
+.br
+$ firejail --whitelist=~/work --read-only=~/ --read-only=~/work
+
 .TP
 \fB\-\-rlimit-fsize=number
 Set the maximum file size that can be created by a process.