cleanup and small fixes

4 files changed, 3 insertions, 22 deletions

diff --git a/src/firejail/caps.c b/src/firejail/caps.c
index cd7dbee74..12d0eec57 100644
--- a/src/firejail/caps.c
+++ b/src/firejail/caps.c
@@ -309,7 +309,7 @@ int caps_default_filter(void) {
 
 void caps_drop_all(void) {
         if (arg_debug)
-                printf("Droping all capabilities\n");
+                printf("Dropping all capabilities\n");
 
         unsigned long cap;
         for (cap=0; cap <= 63; cap++) {
diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c
index fca5f51c8..98d62b685 100644
--- a/src/firejail/fs_home.c
+++ b/src/firejail/fs_home.c
@@ -203,12 +203,6 @@ void fs_private_homedir(void) {
                         printf("Mounting a new /home directory\n");
                 if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC,  "mode=755,gid=0") < 0)
                         errExit("mounting home directory");
-
-                // mask /tmp only in root mode; KDE keeps all kind of sockets in /tmp!
-                if (arg_debug)
-                        printf("Mounting a new /tmp directory\n");
-                if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC,  "mode=777,gid=0") < 0)
-                        errExit("mounting tmp directory");
         }
         
 
@@ -253,13 +247,6 @@ void fs_private(void) {
                 if (chown(homedir, u, g) < 0)
                         errExit("chown");
         }
-        else {
-                // mask tmp only in root mode; KDE keeps all kind of sockets in /tmp!
-                if (arg_debug)
-                        printf("Mounting a new /tmp directory\n");
-                if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC,  "mode=777,gid=0") < 0)
-                        errExit("mounting tmp directory");
-        }
         
         skel(homedir, u, g);
         if (xflag)
@@ -502,12 +489,6 @@ void fs_private_home_list(void) {
                         printf("Mounting a new /home directory\n");
                 if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC,  "mode=755,gid=0") < 0)
                         errExit("mounting home directory");
-
-                // mask /tmp only in root mode; KDE keeps all kind of sockets in /tmp!
-                if (arg_debug)
-                        printf("Mounting a new /tmp directory\n");
-                if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC,  "mode=777,gid=0") < 0)
-                        errExit("mounting tmp directory");
         }
 
         skel(homedir, u, g);
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 3b2e7e4d9..43a468c46 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -1084,7 +1084,7 @@ int main(int argc, char **argv) {
                         }
                         
                         if (custom_profile)
-                                printf("\n** Note: %s profile can be disabled by --noprofile option **\n\n", profile_name);
+                                printf("\n** Note: you can use --noprofile to disable %s.profile **\n\n", profile_name);
                 }
         }
 
diff --git a/src/firejail/netfilter.c b/src/firejail/netfilter.c
index 5b5026a3d..8601a5696 100644
--- a/src/firejail/netfilter.c
+++ b/src/firejail/netfilter.c
@@ -87,7 +87,7 @@ void netfilter(const char *fname) {
                 allocated = 1;
         }
 
-        // mount a tempfs on top of /tmp directory
+        // temporarily mount a tempfs on top of /tmp directory
         if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=755,gid=0") < 0)
                 errExit("mounting /tmp");