diff options
-rw-r--r-- | README.md | 3 | ||||
-rw-r--r-- | RELNOTES | 2 | ||||
-rw-r--r-- | src/firejail/main.c | 15 |
3 files changed, 16 insertions, 4 deletions
@@ -77,4 +77,5 @@ Office: evince, gthumb, fbreader, pix | |||
77 | 77 | ||
78 | ## New security profiles | 78 | ## New security profiles |
79 | 79 | ||
80 | Gitter, gThumb, mpv, Franz messenger, LibreOffice, pix, audacity, strings, xz, gzip, cpio | 80 | Gitter, gThumb, mpv, Franz messenger, LibreOffice, pix, audacity, strings, xz, xzdec, gzip, cpio, less |
81 | |||
@@ -4,7 +4,7 @@ firejail (0.9.41) baseline; urgency=low | |||
4 | * compile time support to disable global configuration file | 4 | * compile time support to disable global configuration file |
5 | * some profiles have been converted to private-bin | 5 | * some profiles have been converted to private-bin |
6 | * new profiles: Gitter, gThumb, mpv, Franz messenger, LibreOffice | 6 | * new profiles: Gitter, gThumb, mpv, Franz messenger, LibreOffice |
7 | * new profiles: pix, audacity | 7 | * new profiles: pix, audacity, strings, xz, xzdec, gzip, cpio, less |
8 | -- netblue30 <netblue30@yahoo.com> Tue, 31 May 2016 08:00:00 -0500 | 8 | -- netblue30 <netblue30@yahoo.com> Tue, 31 May 2016 08:00:00 -0500 |
9 | 9 | ||
10 | firejail (0.9.40) baseline; urgency=low | 10 | firejail (0.9.40) baseline; urgency=low |
diff --git a/src/firejail/main.c b/src/firejail/main.c index 463bf4f31..6faec9109 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -766,7 +766,6 @@ int main(int argc, char **argv) { | |||
766 | if (*argv[0] != '-') | 766 | if (*argv[0] != '-') |
767 | run_symlink(argc, argv); | 767 | run_symlink(argc, argv); |
768 | 768 | ||
769 | |||
770 | // check if we already have a sandbox running | 769 | // check if we already have a sandbox running |
771 | // If LXC is detected, start firejail sandbox | 770 | // If LXC is detected, start firejail sandbox |
772 | // otherwise try to detect a PID namespace by looking under /proc for specific kernel processes and: | 771 | // otherwise try to detect a PID namespace by looking under /proc for specific kernel processes and: |
@@ -836,7 +835,19 @@ int main(int argc, char **argv) { | |||
836 | // check root/suid | 835 | // check root/suid |
837 | EUID_ROOT(); | 836 | EUID_ROOT(); |
838 | if (geteuid()) { | 837 | if (geteuid()) { |
839 | fprintf(stderr, "Error: the sandbox is not setuid root\n"); | 838 | // detect --version |
839 | for (i = 1; i < argc; i++) { | ||
840 | if (strcmp(argv[i], "--version") == 0) { | ||
841 | printf("firejail version %s\n", VERSION); | ||
842 | exit(0); | ||
843 | } | ||
844 | |||
845 | // detect end of firejail params | ||
846 | if (strcmp(argv[i], "--") == 0) | ||
847 | break; | ||
848 | if (strncmp(argv[i], "--", 2) != 0) | ||
849 | break; | ||
850 | } | ||
840 | exit(1); | 851 | exit(1); |
841 | } | 852 | } |
842 | EUID_USER(); | 853 | EUID_USER(); |