diff options
-rw-r--r-- | src/firejail/main.c | 21 | ||||
-rw-r--r-- | src/firejail/usage.c | 2 |
2 files changed, 22 insertions, 1 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c index d99e4e0b9..9b4f2bc60 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -1584,7 +1584,26 @@ int main(int argc, char **argv, char **envp) { | |||
1584 | profile_add(line); | 1584 | profile_add(line); |
1585 | } | 1585 | } |
1586 | #endif | 1586 | #endif |
1587 | 1587 | else if (strncmp(argv[i], "--mkdir=", 8) == 0) { | |
1588 | char *line; | ||
1589 | if (asprintf(&line, "mkdir %s", argv[i] + 8) == -1) | ||
1590 | errExit("asprintf"); | ||
1591 | /* Note: Applied both immediately in profile_check_line() | ||
1592 | * and later on via fs_blacklist(). | ||
1593 | */ | ||
1594 | profile_check_line(line, 0, NULL); | ||
1595 | profile_add(line); | ||
1596 | } | ||
1597 | else if (strncmp(argv[i], "--mkfile=", 9) == 0) { | ||
1598 | char *line; | ||
1599 | if (asprintf(&line, "mkfile %s", argv[i] + 9) == -1) | ||
1600 | errExit("asprintf"); | ||
1601 | /* Note: Applied both immediately in profile_check_line() | ||
1602 | * and later on via fs_blacklist(). | ||
1603 | */ | ||
1604 | profile_check_line(line, 0, NULL); | ||
1605 | profile_add(line); | ||
1606 | } | ||
1588 | else if (strncmp(argv[i], "--read-only=", 12) == 0) { | 1607 | else if (strncmp(argv[i], "--read-only=", 12) == 0) { |
1589 | char *line; | 1608 | char *line; |
1590 | if (asprintf(&line, "read-only %s", argv[i] + 12) == -1) | 1609 | if (asprintf(&line, "read-only %s", argv[i] + 12) == -1) |
diff --git a/src/firejail/usage.c b/src/firejail/usage.c index 2c6bbf98f..1ac30299a 100644 --- a/src/firejail/usage.c +++ b/src/firejail/usage.c | |||
@@ -246,6 +246,8 @@ static char *usage_str = | |||
246 | #ifdef HAVE_WHITELIST | 246 | #ifdef HAVE_WHITELIST |
247 | " --whitelist=filename - whitelist directory or file.\n" | 247 | " --whitelist=filename - whitelist directory or file.\n" |
248 | #endif | 248 | #endif |
249 | " --mkdir=dirname - create a directory.\n" | ||
250 | " --mkfile=filename - create a file.\n" | ||
249 | " --writable-etc - /etc directory is mounted read-write.\n" | 251 | " --writable-etc - /etc directory is mounted read-write.\n" |
250 | " --writable-run-user - allow access to /run/user/$UID/systemd and\n" | 252 | " --writable-run-user - allow access to /run/user/$UID/systemd and\n" |
251 | "\t/run/user/$UID/gnupg.\n" | 253 | "\t/run/user/$UID/gnupg.\n" |