diff options
| author |  Kelvin M. Klann <kmk3.code@protonmail.com> | 2021-11-15 00:27:03 -0300 |
|---|---|---|
| committer | Kelvin M. Klann <kmk3.code@protonmail.com> | 2021-11-15 01:19:32 -0300 |
| commit | b5de1d0f910cbb1c4dae98957e7846731162e696 (patch) | |
| tree | c893694bc5ef6daded52d6c64a940ba0f476b5a6 | |
| parent | Profile fixes (diff) | |
| download | firejail-b5de1d0f9.tar.gz firejail-b5de1d0f9.tar.zst firejail-b5de1d0f9.zip | |
Fix inconsistent descriptions of machine-id option
Some places say that it "preserves" the file and other places say that
it "spoofs" the file. Based on the fs_machineid function on
src/firejail/fs_etc.c, the latter one is correct.
This amends commit d0cc960c9 ("spoof machine-id", 2016-12-05).
Fixes #4689.
Reported-by: @svc88
| -rw-r--r-- | src/firejail/firejail.h | 2 | ||||
| -rw-r--r-- | src/firejail/main.c | 2 | ||||
| -rw-r--r-- | src/firejail/usage.c | 2 | ||||
| -rw-r--r-- | src/zsh_completion/_firejail.in | 2 |
4 files changed, 4 insertions, 4 deletions
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index adfe77f41..251350acc 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
| @@ -341,7 +341,7 @@ extern int arg_allow_debuggers; // allow debuggers | |||
| 341 | extern int arg_x11_block; // block X11 | 341 | extern int arg_x11_block; // block X11 |
| 342 | extern int arg_x11_xorg; // use X11 security extension | 342 | extern int arg_x11_xorg; // use X11 security extension |
| 343 | extern int arg_allusers; // all user home directories visible | 343 | extern int arg_allusers; // all user home directories visible |
| 344 | extern int arg_machineid; // preserve /etc/machine-id | 344 | extern int arg_machineid; // spoof /etc/machine-id |
| 345 | extern int arg_disable_mnt; // disable /mnt and /media | 345 | extern int arg_disable_mnt; // disable /mnt and /media |
| 346 | extern int arg_noprofile; // use default.profile if none other found/specified | 346 | extern int arg_noprofile; // use default.profile if none other found/specified |
| 347 | extern int arg_memory_deny_write_execute; // block writable and executable memory | 347 | extern int arg_memory_deny_write_execute; // block writable and executable memory |
diff --git a/src/firejail/main.c b/src/firejail/main.c index dd36ac4b7..32c25c8d9 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
| @@ -137,7 +137,7 @@ int arg_allow_debuggers = 0; // allow debuggers | |||
| 137 | int arg_x11_block = 0; // block X11 | 137 | int arg_x11_block = 0; // block X11 |
| 138 | int arg_x11_xorg = 0; // use X11 security extension | 138 | int arg_x11_xorg = 0; // use X11 security extension |
| 139 | int arg_allusers = 0; // all user home directories visible | 139 | int arg_allusers = 0; // all user home directories visible |
| 140 | int arg_machineid = 0; // preserve /etc/machine-id | 140 | int arg_machineid = 0; // spoof /etc/machine-id |
| 141 | int arg_allow_private_blacklist = 0; // blacklist things in private directories | 141 | int arg_allow_private_blacklist = 0; // blacklist things in private directories |
| 142 | int arg_disable_mnt = 0; // disable /mnt and /media | 142 | int arg_disable_mnt = 0; // disable /mnt and /media |
| 143 | int arg_noprofile = 0; // use default.profile if none other found/specified | 143 | int arg_noprofile = 0; // use default.profile if none other found/specified |
diff --git a/src/firejail/usage.c b/src/firejail/usage.c index 92806d3f1..4a0f05528 100644 --- a/src/firejail/usage.c +++ b/src/firejail/usage.c | |||
| @@ -127,7 +127,7 @@ static char *usage_str = | |||
| 127 | #ifdef HAVE_NETWORK | 127 | #ifdef HAVE_NETWORK |
| 128 | " --mac=xx:xx:xx:xx:xx:xx - set interface MAC address.\n" | 128 | " --mac=xx:xx:xx:xx:xx:xx - set interface MAC address.\n" |
| 129 | #endif | 129 | #endif |
| 130 | " --machine-id - preserve /etc/machine-id\n" | 130 | " --machine-id - spoof /etc/machine-id with a random id\n" |
| 131 | " --memory-deny-write-execute - seccomp filter to block attempts to create\n" | 131 | " --memory-deny-write-execute - seccomp filter to block attempts to create\n" |
| 132 | "\tmemory mappings that are both writable and executable.\n" | 132 | "\tmemory mappings that are both writable and executable.\n" |
| 133 | " --mkdir=dirname - create a directory.\n" | 133 | " --mkdir=dirname - create a directory.\n" |
diff --git a/src/zsh_completion/_firejail.in b/src/zsh_completion/_firejail.in index b50c5cb46..f3090b31c 100644 --- a/src/zsh_completion/_firejail.in +++ b/src/zsh_completion/_firejail.in | |||
| @@ -105,7 +105,7 @@ _firejail_args=( | |||
| 105 | '--keep-config-pulse[disable automatic ~/.config/pulse init]' | 105 | '--keep-config-pulse[disable automatic ~/.config/pulse init]' |
| 106 | '--keep-dev-shm[/dev/shm directory is untouched (even with --private-dev)]' | 106 | '--keep-dev-shm[/dev/shm directory is untouched (even with --private-dev)]' |
| 107 | '--keep-var-tmp[/var/tmp directory is untouched]' | 107 | '--keep-var-tmp[/var/tmp directory is untouched]' |
| 108 | '--machine-id[preserve /etc/machine-id]' | 108 | '--machine-id[spoof /etc/machine-id]' |
| 109 | '--memory-deny-write-execute[seccomp filter to block attempts to create memory mappings that are both writable and executable]' | 109 | '--memory-deny-write-execute[seccomp filter to block attempts to create memory mappings that are both writable and executable]' |
| 110 | '*--mkdir=-[create a directory]:' | 110 | '*--mkdir=-[create a directory]:' |
| 111 | '*--mkfile=-[create a file]:' | 111 | '*--mkfile=-[create a file]:' |