diff options
| author |  netblue30 <netblue30@protonmail.com> | 2021-05-26 09:12:09 -0400 |
|---|---|---|
| committer | netblue30 <netblue30@protonmail.com> | 2021-05-26 09:12:09 -0400 |
| commit | 4909fa7efce4a36bd16e7bf80c9642b93c262ddf (patch) | |
| tree | a1f051c787c45473a732e038564f02223ddfa14f /src | |
| parent | fix firejail startup race (diff) | |
| download | firejail-4909fa7efce4a36bd16e7bf80c9642b93c262ddf.tar.gz firejail-4909fa7efce4a36bd16e7bf80c9642b93c262ddf.tar.zst firejail-4909fa7efce4a36bd16e7bf80c9642b93c262ddf.zip | |
deprecated follow-symlink-as-user from firejail.config
Diffstat (limited to 'src')
| -rw-r--r-- | src/firejail/checkcfg.c | 1 | ||||
| -rw-r--r-- | src/firejail/firejail.h | 1 | ||||
| -rw-r--r-- | src/firejail/main.c | 4 |
3 files changed, 4 insertions, 2 deletions
diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c index 614b144e5..cb087d395 100644 --- a/src/firejail/checkcfg.c +++ b/src/firejail/checkcfg.c | |||
| @@ -103,7 +103,6 @@ int checkcfg(int val) { | |||
| 103 | PARSE_YESNO(CFG_USERNS, "userns") | 103 | PARSE_YESNO(CFG_USERNS, "userns") |
| 104 | PARSE_YESNO(CFG_CHROOT, "chroot") | 104 | PARSE_YESNO(CFG_CHROOT, "chroot") |
| 105 | PARSE_YESNO(CFG_FIREJAIL_PROMPT, "firejail-prompt") | 105 | PARSE_YESNO(CFG_FIREJAIL_PROMPT, "firejail-prompt") |
| 106 | PARSE_YESNO(CFG_FOLLOW_SYMLINK_AS_USER, "follow-symlink-as-user") | ||
| 107 | PARSE_YESNO(CFG_FORCE_NONEWPRIVS, "force-nonewprivs") | 106 | PARSE_YESNO(CFG_FORCE_NONEWPRIVS, "force-nonewprivs") |
| 108 | PARSE_YESNO(CFG_SECCOMP, "seccomp") | 107 | PARSE_YESNO(CFG_SECCOMP, "seccomp") |
| 109 | PARSE_YESNO(CFG_WHITELIST, "whitelist") | 108 | PARSE_YESNO(CFG_WHITELIST, "whitelist") |
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 1c1ad4e97..1da70fd54 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
| @@ -765,7 +765,6 @@ enum { | |||
| 765 | CFG_PRIVATE_HOME, | 765 | CFG_PRIVATE_HOME, |
| 766 | CFG_PRIVATE_BIN_NO_LOCAL, | 766 | CFG_PRIVATE_BIN_NO_LOCAL, |
| 767 | CFG_FIREJAIL_PROMPT, | 767 | CFG_FIREJAIL_PROMPT, |
| 768 | CFG_FOLLOW_SYMLINK_AS_USER, | ||
| 769 | CFG_DISABLE_MNT, | 768 | CFG_DISABLE_MNT, |
| 770 | CFG_JOIN, | 769 | CFG_JOIN, |
| 771 | CFG_ARP_PROBES, | 770 | CFG_ARP_PROBES, |
diff --git a/src/firejail/main.c b/src/firejail/main.c index 7cfa58078..31694558d 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
| @@ -1904,6 +1904,8 @@ int main(int argc, char **argv, char **envp) { | |||
| 1904 | } | 1904 | } |
| 1905 | else if (strcmp(argv[i], "--private") == 0) { | 1905 | else if (strcmp(argv[i], "--private") == 0) { |
| 1906 | arg_private = 1; | 1906 | arg_private = 1; |
| 1907 | // disable whitelisting in home directory | ||
| 1908 | profile_add("whitelist ~/*"); | ||
| 1907 | } | 1909 | } |
| 1908 | else if (strncmp(argv[i], "--private=", 10) == 0) { | 1910 | else if (strncmp(argv[i], "--private=", 10) == 0) { |
| 1909 | if (cfg.home_private_keep) { | 1911 | if (cfg.home_private_keep) { |
| @@ -1925,6 +1927,8 @@ int main(int argc, char **argv, char **envp) { | |||
| 1925 | cfg.home_private = NULL; | 1927 | cfg.home_private = NULL; |
| 1926 | } | 1928 | } |
| 1927 | arg_private = 1; | 1929 | arg_private = 1; |
| 1930 | // disable whitelisting in home directory | ||
| 1931 | profile_add("whitelist ~/*"); | ||
| 1928 | } | 1932 | } |
| 1929 | #ifdef HAVE_PRIVATE_HOME | 1933 | #ifdef HAVE_PRIVATE_HOME |
| 1930 | else if (strncmp(argv[i], "--private-home=", 15) == 0) { | 1934 | else if (strncmp(argv[i], "--private-home=", 15) == 0) { |