diff options
author | startx2017 <vradu.startx@yandex.com> | 2017-09-07 07:23:36 -0400 |
---|---|---|
committer | startx2017 <vradu.startx@yandex.com> | 2017-09-07 07:23:36 -0400 |
commit | a890af827b8179562e74447de6638a122ddebc62 (patch) | |
tree | 4963ebc12ccd05af887aa9baeff6ded9376d287b /src | |
parent | Merge pull request #1536 from SpotComms/mt (diff) | |
download | firejail-a890af827b8179562e74447de6638a122ddebc62.tar.gz firejail-a890af827b8179562e74447de6638a122ddebc62.tar.zst firejail-a890af827b8179562e74447de6638a122ddebc62.zip |
small fixes
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/fs_whitelist.c | 15 | ||||
-rw-r--r-- | src/firejail/preproc.c | 2 |
2 files changed, 11 insertions, 6 deletions
diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c index dad8545a0..6e766f996 100644 --- a/src/firejail/fs_whitelist.c +++ b/src/firejail/fs_whitelist.c | |||
@@ -128,10 +128,12 @@ static char *resolve_downloads(int nowhitelist_flag) { | |||
128 | return NULL; | 128 | return NULL; |
129 | 129 | ||
130 | errout: | 130 | errout: |
131 | fprintf(stderr, "***\n"); | 131 | if (!arg_private) { |
132 | fprintf(stderr, "*** Error: Downloads directory was not found in user home.\n"); | 132 | fprintf(stderr, "***\n"); |
133 | fprintf(stderr, "*** \tAny files saved by the program, will be lost when the sandbox is closed.\n"); | 133 | fprintf(stderr, "*** Error: Downloads directory was not found in user home.\n"); |
134 | fprintf(stderr, "***\n"); | 134 | fprintf(stderr, "*** \tAny files saved by the program, will be lost when the sandbox is closed.\n"); |
135 | fprintf(stderr, "***\n"); | ||
136 | } | ||
135 | 137 | ||
136 | return NULL; | 138 | return NULL; |
137 | } | 139 | } |
@@ -353,7 +355,7 @@ void fs_whitelist(void) { | |||
353 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; | 355 | dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; |
354 | } | 356 | } |
355 | else { | 357 | else { |
356 | if (!nowhitelist_flag && !arg_quiet) { | 358 | if (!nowhitelist_flag && !arg_quiet && !arg_private) { |
357 | fprintf(stderr, "***\n"); | 359 | fprintf(stderr, "***\n"); |
358 | fprintf(stderr, "*** Warning: cannot whitelist Downloads directory\n"); | 360 | fprintf(stderr, "*** Warning: cannot whitelist Downloads directory\n"); |
359 | fprintf(stderr, "*** \tAny file saved will be lost when the sandbox is closed.\n"); | 361 | fprintf(stderr, "*** \tAny file saved will be lost when the sandbox is closed.\n"); |
@@ -441,7 +443,8 @@ void fs_whitelist(void) { | |||
441 | if (strncmp(new_name, cfg.homedir, strlen(cfg.homedir)) == 0) { | 443 | if (strncmp(new_name, cfg.homedir, strlen(cfg.homedir)) == 0) { |
442 | // whitelisting home directory is disabled if --private option is present | 444 | // whitelisting home directory is disabled if --private option is present |
443 | if (arg_private) { | 445 | if (arg_private) { |
444 | fwarning("\"%s\" disabled by --private\n", entry->data); | 446 | if (arg_debug || arg_debug_whitelists) |
447 | printf("\"%s\" disabled by --private\n", entry->data); | ||
445 | 448 | ||
446 | entry->data = EMPTY_STRING; | 449 | entry->data = EMPTY_STRING; |
447 | continue; | 450 | continue; |
diff --git a/src/firejail/preproc.c b/src/firejail/preproc.c index 42502008e..5039c6238 100644 --- a/src/firejail/preproc.c +++ b/src/firejail/preproc.c | |||
@@ -81,6 +81,7 @@ void preproc_mount_mnt_dir(void) { | |||
81 | tmpfs_mounted = 1; | 81 | tmpfs_mounted = 1; |
82 | fs_logger2("tmpfs", RUN_MNT_DIR); | 82 | fs_logger2("tmpfs", RUN_MNT_DIR); |
83 | 83 | ||
84 | #ifdef HAVE_SECCOMP | ||
84 | if (arg_seccomp_block_secondary) | 85 | if (arg_seccomp_block_secondary) |
85 | copy_file(PATH_SECCOMP_BLOCK_SECONDARY, RUN_SECCOMP_BLOCK_SECONDARY, getuid(), getgid(), 0644); // root needed | 86 | copy_file(PATH_SECCOMP_BLOCK_SECONDARY, RUN_SECCOMP_BLOCK_SECONDARY, getuid(), getgid(), 0644); // root needed |
86 | else { | 87 | else { |
@@ -102,6 +103,7 @@ void preproc_mount_mnt_dir(void) { | |||
102 | create_empty_file_as_root(RUN_SECCOMP_POSTEXEC, 0644); | 103 | create_empty_file_as_root(RUN_SECCOMP_POSTEXEC, 0644); |
103 | if (set_perms(RUN_SECCOMP_POSTEXEC, getuid(), getgid(), 0644)) | 104 | if (set_perms(RUN_SECCOMP_POSTEXEC, getuid(), getgid(), 0644)) |
104 | errExit("set_perms"); | 105 | errExit("set_perms"); |
106 | #endif | ||
105 | } | 107 | } |
106 | } | 108 | } |
107 | 109 | ||