diff options
author | netblue30 <netblue30@protonmail.com> | 2021-05-26 09:12:09 -0400 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2021-05-26 09:12:09 -0400 |
commit | 4909fa7efce4a36bd16e7bf80c9642b93c262ddf (patch) | |
tree | a1f051c787c45473a732e038564f02223ddfa14f /src | |
parent | fix firejail startup race (diff) | |
download | firejail-4909fa7efce4a36bd16e7bf80c9642b93c262ddf.tar.gz firejail-4909fa7efce4a36bd16e7bf80c9642b93c262ddf.tar.zst firejail-4909fa7efce4a36bd16e7bf80c9642b93c262ddf.zip |
deprecated follow-symlink-as-user from firejail.config
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/checkcfg.c | 1 | ||||
-rw-r--r-- | src/firejail/firejail.h | 1 | ||||
-rw-r--r-- | src/firejail/main.c | 4 |
3 files changed, 4 insertions, 2 deletions
diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c index 614b144e5..cb087d395 100644 --- a/src/firejail/checkcfg.c +++ b/src/firejail/checkcfg.c | |||
@@ -103,7 +103,6 @@ int checkcfg(int val) { | |||
103 | PARSE_YESNO(CFG_USERNS, "userns") | 103 | PARSE_YESNO(CFG_USERNS, "userns") |
104 | PARSE_YESNO(CFG_CHROOT, "chroot") | 104 | PARSE_YESNO(CFG_CHROOT, "chroot") |
105 | PARSE_YESNO(CFG_FIREJAIL_PROMPT, "firejail-prompt") | 105 | PARSE_YESNO(CFG_FIREJAIL_PROMPT, "firejail-prompt") |
106 | PARSE_YESNO(CFG_FOLLOW_SYMLINK_AS_USER, "follow-symlink-as-user") | ||
107 | PARSE_YESNO(CFG_FORCE_NONEWPRIVS, "force-nonewprivs") | 106 | PARSE_YESNO(CFG_FORCE_NONEWPRIVS, "force-nonewprivs") |
108 | PARSE_YESNO(CFG_SECCOMP, "seccomp") | 107 | PARSE_YESNO(CFG_SECCOMP, "seccomp") |
109 | PARSE_YESNO(CFG_WHITELIST, "whitelist") | 108 | PARSE_YESNO(CFG_WHITELIST, "whitelist") |
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 1c1ad4e97..1da70fd54 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
@@ -765,7 +765,6 @@ enum { | |||
765 | CFG_PRIVATE_HOME, | 765 | CFG_PRIVATE_HOME, |
766 | CFG_PRIVATE_BIN_NO_LOCAL, | 766 | CFG_PRIVATE_BIN_NO_LOCAL, |
767 | CFG_FIREJAIL_PROMPT, | 767 | CFG_FIREJAIL_PROMPT, |
768 | CFG_FOLLOW_SYMLINK_AS_USER, | ||
769 | CFG_DISABLE_MNT, | 768 | CFG_DISABLE_MNT, |
770 | CFG_JOIN, | 769 | CFG_JOIN, |
771 | CFG_ARP_PROBES, | 770 | CFG_ARP_PROBES, |
diff --git a/src/firejail/main.c b/src/firejail/main.c index 7cfa58078..31694558d 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -1904,6 +1904,8 @@ int main(int argc, char **argv, char **envp) { | |||
1904 | } | 1904 | } |
1905 | else if (strcmp(argv[i], "--private") == 0) { | 1905 | else if (strcmp(argv[i], "--private") == 0) { |
1906 | arg_private = 1; | 1906 | arg_private = 1; |
1907 | // disable whitelisting in home directory | ||
1908 | profile_add("whitelist ~/*"); | ||
1907 | } | 1909 | } |
1908 | else if (strncmp(argv[i], "--private=", 10) == 0) { | 1910 | else if (strncmp(argv[i], "--private=", 10) == 0) { |
1909 | if (cfg.home_private_keep) { | 1911 | if (cfg.home_private_keep) { |
@@ -1925,6 +1927,8 @@ int main(int argc, char **argv, char **envp) { | |||
1925 | cfg.home_private = NULL; | 1927 | cfg.home_private = NULL; |
1926 | } | 1928 | } |
1927 | arg_private = 1; | 1929 | arg_private = 1; |
1930 | // disable whitelisting in home directory | ||
1931 | profile_add("whitelist ~/*"); | ||
1928 | } | 1932 | } |
1929 | #ifdef HAVE_PRIVATE_HOME | 1933 | #ifdef HAVE_PRIVATE_HOME |
1930 | else if (strncmp(argv[i], "--private-home=", 15) == 0) { | 1934 | else if (strncmp(argv[i], "--private-home=", 15) == 0) { |