diff options
-rw-r--r-- | etc/firejail.config | 2 | ||||
-rw-r--r-- | src/firejail/checkcfg.c | 4 | ||||
-rw-r--r-- | src/firejail/firejail.h | 2 | ||||
-rw-r--r-- | src/firejail/fs.c | 2 | ||||
-rw-r--r-- | src/firejail/fs_etc.c | 2 |
5 files changed, 6 insertions, 6 deletions
diff --git a/etc/firejail.config b/etc/firejail.config index 26125e4b6..7dd2e80e7 100644 --- a/etc/firejail.config +++ b/etc/firejail.config | |||
@@ -79,7 +79,7 @@ | |||
79 | # overlayfs yes | 79 | # overlayfs yes |
80 | 80 | ||
81 | # Hide blacklisted files in /etc directory, default disabled. | 81 | # Hide blacklisted files in /etc directory, default disabled. |
82 | # etc-no-blacklisted no | 82 | # etc-hide-blacklisted no |
83 | 83 | ||
84 | # Set the limit for file copy in several --private-* options. The size is set | 84 | # Set the limit for file copy in several --private-* options. The size is set |
85 | # in megabytes. By default we allow up to 500MB. | 85 | # in megabytes. By default we allow up to 500MB. |
diff --git a/src/firejail/checkcfg.c b/src/firejail/checkcfg.c index 590543217..ce8446cc8 100644 --- a/src/firejail/checkcfg.c +++ b/src/firejail/checkcfg.c | |||
@@ -51,7 +51,7 @@ int checkcfg(int val) { | |||
51 | cfg_val[i] = 1; // most of them are enabled by default | 51 | cfg_val[i] = 1; // most of them are enabled by default |
52 | cfg_val[CFG_RESTRICTED_NETWORK] = 0; // disabled by default | 52 | cfg_val[CFG_RESTRICTED_NETWORK] = 0; // disabled by default |
53 | cfg_val[CFG_FORCE_NONEWPRIVS] = 0; | 53 | cfg_val[CFG_FORCE_NONEWPRIVS] = 0; |
54 | cfg_val[CFG_ETC_NO_BLACKLISTED] = 0; | 54 | cfg_val[CFG_ETC_HIDE_BLACKLISTED] = 0; |
55 | cfg_val[CFG_PRIVATE_BIN_NO_LOCAL] = 0; | 55 | cfg_val[CFG_PRIVATE_BIN_NO_LOCAL] = 0; |
56 | cfg_val[CFG_FIREJAIL_PROMPT] = 0; | 56 | cfg_val[CFG_FIREJAIL_PROMPT] = 0; |
57 | cfg_val[CFG_DISABLE_MNT] = 0; | 57 | cfg_val[CFG_DISABLE_MNT] = 0; |
@@ -116,7 +116,7 @@ int checkcfg(int val) { | |||
116 | PARSE_YESNO(CFG_TRACELOG, "tracelog") | 116 | PARSE_YESNO(CFG_TRACELOG, "tracelog") |
117 | PARSE_YESNO(CFG_XEPHYR_WINDOW_TITLE, "xephyr-window-title") | 117 | PARSE_YESNO(CFG_XEPHYR_WINDOW_TITLE, "xephyr-window-title") |
118 | PARSE_YESNO(CFG_OVERLAYFS, "overlayfs") | 118 | PARSE_YESNO(CFG_OVERLAYFS, "overlayfs") |
119 | PARSE_YESNO(CFG_ETC_NO_BLACKLISTED, "etc-no-blacklisted") | 119 | PARSE_YESNO(CFG_ETC_HIDE_BLACKLISTED, "etc-hide-blacklisted") |
120 | PARSE_YESNO(CFG_PRIVATE_BIN, "private-bin") | 120 | PARSE_YESNO(CFG_PRIVATE_BIN, "private-bin") |
121 | PARSE_YESNO(CFG_PRIVATE_BIN_NO_LOCAL, "private-bin-no-local") | 121 | PARSE_YESNO(CFG_PRIVATE_BIN_NO_LOCAL, "private-bin-no-local") |
122 | PARSE_YESNO(CFG_PRIVATE_CACHE, "private-cache") | 122 | PARSE_YESNO(CFG_PRIVATE_CACHE, "private-cache") |
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index cf5c5b2fa..13ee573ad 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
@@ -811,7 +811,7 @@ enum { | |||
811 | CFG_FORCE_NONEWPRIVS, | 811 | CFG_FORCE_NONEWPRIVS, |
812 | CFG_XEPHYR_WINDOW_TITLE, | 812 | CFG_XEPHYR_WINDOW_TITLE, |
813 | CFG_OVERLAYFS, | 813 | CFG_OVERLAYFS, |
814 | CFG_ETC_NO_BLACKLISTED, | 814 | CFG_ETC_HIDE_BLACKLISTED, |
815 | CFG_PRIVATE_BIN, | 815 | CFG_PRIVATE_BIN, |
816 | CFG_PRIVATE_BIN_NO_LOCAL, | 816 | CFG_PRIVATE_BIN_NO_LOCAL, |
817 | CFG_PRIVATE_CACHE, | 817 | CFG_PRIVATE_CACHE, |
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index 3066c50ed..84f207fac 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
@@ -162,7 +162,7 @@ static void disable_file(OPERATION op, const char *filename) { | |||
162 | fs_logger2("blacklist-nolog", fname); | 162 | fs_logger2("blacklist-nolog", fname); |
163 | 163 | ||
164 | // files in /etc will be reprocessed during /etc rebuild | 164 | // files in /etc will be reprocessed during /etc rebuild |
165 | if (checkcfg(CFG_ETC_NO_BLACKLISTED) && strncmp(fname, "/etc/", 5) == 0) { | 165 | if (checkcfg(CFG_ETC_HIDE_BLACKLISTED) && strncmp(fname, "/etc/", 5) == 0) { |
166 | ProfileEntry *prf = malloc(sizeof(ProfileEntry)); | 166 | ProfileEntry *prf = malloc(sizeof(ProfileEntry)); |
167 | if (!prf) | 167 | if (!prf) |
168 | errExit("malloc"); | 168 | errExit("malloc"); |
diff --git a/src/firejail/fs_etc.c b/src/firejail/fs_etc.c index e58537e49..dcbd297da 100644 --- a/src/firejail/fs_etc.c +++ b/src/firejail/fs_etc.c | |||
@@ -267,7 +267,7 @@ void fs_rebuild_etc(void) { | |||
267 | if (cfg.dns1 == NULL && !any_dhcp()) { | 267 | if (cfg.dns1 == NULL && !any_dhcp()) { |
268 | // this function has the effect that updates to files using rename(2) don't propagate into the sandbox | 268 | // this function has the effect that updates to files using rename(2) don't propagate into the sandbox |
269 | // avoid this in the default setting, in order to not break /etc/resolv.conf (issue #5010) | 269 | // avoid this in the default setting, in order to not break /etc/resolv.conf (issue #5010) |
270 | if (!checkcfg(CFG_ETC_NO_BLACKLISTED)) | 270 | if (!checkcfg(CFG_ETC_HIDE_BLACKLISTED)) |
271 | return; | 271 | return; |
272 | have_dhcp = 0; | 272 | have_dhcp = 0; |
273 | } | 273 | } |