2 files changed, 22 insertions, 1 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c
index d99e4e0b9..9b4f2bc60 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -1584,7 +1584,26 @@ int main(int argc, char **argv, char **envp) {
                        profile_add(line);
                }
 #endif
+                else if (strncmp(argv[i], "--mkdir=", 8) == 0) {
+                        char *line;
+                        if (asprintf(&line, "mkdir %s", argv[i] + 8) == -1)
+                                errExit("asprintf");
+                        /* Note: Applied both immediately in profile_check_line()
+                         *       and later on via fs_blacklist().
+                         */
+                        profile_check_line(line, 0, NULL);
+                        profile_add(line);
+                }
+                else if (strncmp(argv[i], "--mkfile=", 9) == 0) {
+                        char *line;
+                        if (asprintf(&line, "mkfile %s", argv[i] + 9) == -1)
+                                errExit("asprintf");
+                        /* Note: Applied both immediately in profile_check_line()
+                         *       and later on via fs_blacklist().
+                         */
+                        profile_check_line(line, 0, NULL);
+                        profile_add(line);
+                }
                else if (strncmp(argv[i], "--read-only=", 12) == 0) {
                        char *line;
                        if (asprintf(&line, "read-only %s", argv[i] + 12) == -1)
diff --git a/src/firejail/usage.c b/src/firejail/usage.c
index 2c6bbf98f..1ac30299a 100644
--- a/src/firejail/usage.c
+++ b/src/firejail/usage.c
@@ -246,6 +246,8 @@ static char *usage_str =
 #ifdef HAVE_WHITELIST
        "    --whitelist=filename - whitelist directory or file.\n"
 #endif
+        "    --mkdir=dirname - create a directory.\n"
+        "    --mkfile=filename - create a file.\n"
        "    --writable-etc - /etc directory is mounted read-write.\n"
        "    --writable-run-user - allow access to /run/user/$UID/systemd and\n"
        "\t/run/user/$UID/gnupg.\n"

diff --git a/src/firejail/main.c b/src/firejail/main.c index d99e4e0b9..9b4f2bc60 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c
@@ -1584,7 +1584,26 @@ int main(int argc, char argv, char envp) {
1584	profile_add(line);	1584	profile_add(line);
1585	}	1585	}
1586	#endif	1586	#endif
1587		1587	else if (strncmp(argv[i], "--mkdir=", 8) == 0) {
		1588	char *line;
		1589	if (asprintf(&line, "mkdir %s", argv[i] + 8) == -1)
		1590	errExit("asprintf");
		1591	/* Note: Applied both immediately in profile_check_line()
		1592	* and later on via fs_blacklist().
		1593	*/
		1594	profile_check_line(line, 0, NULL);
		1595	profile_add(line);
		1596	}
		1597	else if (strncmp(argv[i], "--mkfile=", 9) == 0) {
		1598	char *line;
		1599	if (asprintf(&line, "mkfile %s", argv[i] + 9) == -1)
		1600	errExit("asprintf");
		1601	/* Note: Applied both immediately in profile_check_line()
		1602	* and later on via fs_blacklist().
		1603	*/
		1604	profile_check_line(line, 0, NULL);
		1605	profile_add(line);
		1606	}
1588	else if (strncmp(argv[i], "--read-only=", 12) == 0) {	1607	else if (strncmp(argv[i], "--read-only=", 12) == 0) {
1589	char *line;	1608	char *line;
1590	if (asprintf(&line, "read-only %s", argv[i] + 12) == -1)	1609	if (asprintf(&line, "read-only %s", argv[i] + 12) == -1)


diff --git a/src/firejail/usage.c b/src/firejail/usage.c index 2c6bbf98f..1ac30299a 100644 --- a/src/firejail/usage.c +++ b/src/firejail/usage.c
@@ -246,6 +246,8 @@ static char *usage_str =
246	#ifdef HAVE_WHITELIST	246	#ifdef HAVE_WHITELIST
247	" --whitelist=filename - whitelist directory or file.\n"	247	" --whitelist=filename - whitelist directory or file.\n"
248	#endif	248	#endif
		249	" --mkdir=dirname - create a directory.\n"
		250	" --mkfile=filename - create a file.\n"
249	" --writable-etc - /etc directory is mounted read-write.\n"	251	" --writable-etc - /etc directory is mounted read-write.\n"
250	" --writable-run-user - allow access to /run/user/$UID/systemd and\n"	252	" --writable-run-user - allow access to /run/user/$UID/systemd and\n"
251	"\t/run/user/$UID/gnupg.\n"	253	"\t/run/user/$UID/gnupg.\n"