3 files changed, 54 insertions, 6 deletions
diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c
index f94040d0f..90b91f9dd 100644
--- a/src/firejail/fs_whitelist.c
+++ b/src/firejail/fs_whitelist.c
@@ -268,13 +268,17 @@ static void whitelist_path(ProfileEntry *entry) {
        
        // process regular file
        else {
-                // create an empty file
+                if (access(path, R_OK)) {
-                FILE *fp = fopen(path, "w");
+                        // create an empty file
-                if (!fp) {
+                        FILE *fp = fopen(path, "w");
-                        fprintf(stderr, "Error: cannot create empty file in home directory\n");
+                        if (!fp) {
-                        exit(1);
+                                fprintf(stderr, "Error: cannot create empty file in home directory\n");
+                                exit(1);
+                        }
+                        fclose(fp);
                }
-                fclose(fp);
+                else
+                        return; // the file is already present
        }
        
        // set file properties
diff --git a/test/fs/fs.sh b/test/fs/fs.sh
index 00e6e29c2..ee6351e2e 100755
--- a/test/fs/fs.sh
+++ b/test/fs/fs.sh
@@ -54,3 +54,5 @@ echo "TESTING: bind as user (test/fs/option_bind_user.exp)"
 echo "TESTING: recursive mkdir (test/fs/mkdir.exp)"
 ./mkdir.exp
+echo "TESTING: double whitelist (test/fs/whitelist-double.exp)"
+./whitelist-double.exp
diff --git a/test/fs/whitelist-double.exp b/test/fs/whitelist-double.exp
new file mode 100755
index 000000000..87d6ed686
--- /dev/null
+++ b/test/fs/whitelist-double.exp
@@ -0,0 +1,42 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+set timeout 30
+spawn $env(SHELL)
+match_max 100000
+send -- "echo 123 > /tmp/firejal-deleteme\r"
+sleep 1
+send -- "firejail --whitelist=/tmp/firejal-deleteme --whitelist=/tmp/firejal-deleteme\r"
+expect {
+        timeout {puts "TESTING ERROR 0\n";exit}
+        "Child process initialized"
+}
+sleep 1
+send -- "cat /tmp/firejal-deleteme\r"
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "123"
+}
+send -- "exit\r"
+sleep 1
+send -- "cat /tmp/firejal-deleteme\r"
+expect {
+        timeout {puts "TESTING ERROR 1\n";exit}
+        "123"
+}
+send -- "rm/tmp/firejal-deleteme \r"
+expect {
+        timeout {puts "TESTING ERROR 3\n";exit}
+        "0"
+}
+sleep 1
+puts "\nall done\n"

diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c index f94040d0f..90b91f9dd 100644 --- a/src/firejail/fs_whitelist.c +++ b/src/firejail/fs_whitelist.c
@@ -268,13 +268,17 @@ static void whitelist_path(ProfileEntry *entry) {
268		268
269	// process regular file	269	// process regular file
270	else {	270	else {
271	// create an empty file	271	if (access(path, R_OK)) {
272	FILE *fp = fopen(path, "w");	272	// create an empty file
273	if (!fp) {	273	FILE *fp = fopen(path, "w");
274	fprintf(stderr, "Error: cannot create empty file in home directory\n");	274	if (!fp) {
275	exit(1);	275	fprintf(stderr, "Error: cannot create empty file in home directory\n");
		276	exit(1);
		277	}
		278	fclose(fp);
276	}	279	}
277	fclose(fp);	280	else
		281	return; // the file is already present
278	}	282	}
279		283
280	// set file properties	284	// set file properties


diff --git a/test/fs/fs.sh b/test/fs/fs.sh index 00e6e29c2..ee6351e2e 100755 --- a/test/fs/fs.sh +++ b/test/fs/fs.sh
@@ -54,3 +54,5 @@ echo "TESTING: bind as user (test/fs/option_bind_user.exp)"
54	echo "TESTING: recursive mkdir (test/fs/mkdir.exp)"	54	echo "TESTING: recursive mkdir (test/fs/mkdir.exp)"
55	./mkdir.exp	55	./mkdir.exp
56		56
		57	echo "TESTING: double whitelist (test/fs/whitelist-double.exp)"
		58	./whitelist-double.exp


diff --git a/test/fs/whitelist-double.exp b/test/fs/whitelist-double.exp new file mode 100755 index 000000000..87d6ed686 --- /dev/null +++ b/test/fs/whitelist-double.exp
@@ -0,0 +1,42 @@
		1	#!/usr/bin/expect -f
		2	# This file is part of Firejail project
		3	# Copyright (C) 2014-2016 Firejail Authors
		4	# License GPL v2
		5
		6	set timeout 30
		7	spawn $env(SHELL)
		8	match_max 100000
		9
		10	send -- "echo 123 > /tmp/firejal-deleteme\r"
		11	sleep 1
		12
		13	send -- "firejail --whitelist=/tmp/firejal-deleteme --whitelist=/tmp/firejal-deleteme\r"
		14	expect {
		15	timeout {puts "TESTING ERROR 0\n";exit}
		16	"Child process initialized"
		17	}
		18	sleep 1
		19
		20	send -- "cat /tmp/firejal-deleteme\r"
		21	expect {
		22	timeout {puts "TESTING ERROR 1\n";exit}
		23	"123"
		24	}
		25
		26	send -- "exit\r"
		27	sleep 1
		28
		29	send -- "cat /tmp/firejal-deleteme\r"
		30	expect {
		31	timeout {puts "TESTING ERROR 1\n";exit}
		32	"123"
		33	}
		34
		35	send -- "rm/tmp/firejal-deleteme \r"
		36	expect {
		37	timeout {puts "TESTING ERROR 3\n";exit}
		38	"0"
		39	}
		40	sleep 1
		41
		42	puts "\nall done\n"