2 files changed, 22 insertions, 1 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c
index ef8166204..3c8667829 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -1589,7 +1589,26 @@ int main(int argc, char **argv, char **envp) {
                        profile_add(line);
                }
 #endif
+                else if (strncmp(argv[i], "--mkdir=", 8) == 0) {
+                        char *line;
+                        if (asprintf(&line, "mkdir %s", argv[i] + 8) == -1)
+                                errExit("asprintf");
+                        /* Note: Applied both immediately in profile_check_line()
+                         *       and later on via fs_blacklist().
+                         */
+                        profile_check_line(line, 0, NULL);
+                        profile_add(line);
+                }
+                else if (strncmp(argv[i], "--mkfile=", 9) == 0) {
+                        char *line;
+                        if (asprintf(&line, "mkfile %s", argv[i] + 9) == -1)
+                                errExit("asprintf");
+                        /* Note: Applied both immediately in profile_check_line()
+                         *       and later on via fs_blacklist().
+                         */
+                        profile_check_line(line, 0, NULL);
+                        profile_add(line);
+                }
                else if (strncmp(argv[i], "--read-only=", 12) == 0) {
                        char *line;
                        if (asprintf(&line, "read-only %s", argv[i] + 12) == -1)
diff --git a/src/firejail/usage.c b/src/firejail/usage.c
index 2c6bbf98f..1ac30299a 100644
--- a/src/firejail/usage.c
+++ b/src/firejail/usage.c
@@ -246,6 +246,8 @@ static char *usage_str =
 #ifdef HAVE_WHITELIST
        "    --whitelist=filename - whitelist directory or file.\n"
 #endif
+        "    --mkdir=dirname - create a directory.\n"
+        "    --mkfile=filename - create a file.\n"
        "    --writable-etc - /etc directory is mounted read-write.\n"
        "    --writable-run-user - allow access to /run/user/$UID/systemd and\n"
        "\t/run/user/$UID/gnupg.\n"

diff --git a/src/firejail/main.c b/src/firejail/main.c index ef8166204..3c8667829 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c
@@ -1589,7 +1589,26 @@ int main(int argc, char argv, char envp) {
1589	profile_add(line);	1589	profile_add(line);
1590	}	1590	}
1591	#endif	1591	#endif
1592		1592	else if (strncmp(argv[i], "--mkdir=", 8) == 0) {
		1593	char *line;
		1594	if (asprintf(&line, "mkdir %s", argv[i] + 8) == -1)
		1595	errExit("asprintf");
		1596	/* Note: Applied both immediately in profile_check_line()
		1597	* and later on via fs_blacklist().
		1598	*/
		1599	profile_check_line(line, 0, NULL);
		1600	profile_add(line);
		1601	}
		1602	else if (strncmp(argv[i], "--mkfile=", 9) == 0) {
		1603	char *line;
		1604	if (asprintf(&line, "mkfile %s", argv[i] + 9) == -1)
		1605	errExit("asprintf");
		1606	/* Note: Applied both immediately in profile_check_line()
		1607	* and later on via fs_blacklist().
		1608	*/
		1609	profile_check_line(line, 0, NULL);
		1610	profile_add(line);
		1611	}
1593	else if (strncmp(argv[i], "--read-only=", 12) == 0) {	1612	else if (strncmp(argv[i], "--read-only=", 12) == 0) {
1594	char *line;	1613	char *line;
1595	if (asprintf(&line, "read-only %s", argv[i] + 12) == -1)	1614	if (asprintf(&line, "read-only %s", argv[i] + 12) == -1)


diff --git a/src/firejail/usage.c b/src/firejail/usage.c index 2c6bbf98f..1ac30299a 100644 --- a/src/firejail/usage.c +++ b/src/firejail/usage.c
@@ -246,6 +246,8 @@ static char *usage_str =
246	#ifdef HAVE_WHITELIST	246	#ifdef HAVE_WHITELIST
247	" --whitelist=filename - whitelist directory or file.\n"	247	" --whitelist=filename - whitelist directory or file.\n"
248	#endif	248	#endif
		249	" --mkdir=dirname - create a directory.\n"
		250	" --mkfile=filename - create a file.\n"
249	" --writable-etc - /etc directory is mounted read-write.\n"	251	" --writable-etc - /etc directory is mounted read-write.\n"
250	" --writable-run-user - allow access to /run/user/$UID/systemd and\n"	252	" --writable-run-user - allow access to /run/user/$UID/systemd and\n"
251	"\t/run/user/$UID/gnupg.\n"	253	"\t/run/user/$UID/gnupg.\n"