Diffstat (limited to 'src/firejail/fs.c')
-rw-r--r--src/firejail/fs.c66
1 files changed, 4 insertions, 62 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c
index 49074f525..c689a49fa 100644
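--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -767,26 +767,7 @@ void fs_proc_sys_dev_boot(void) {
 char *fnamegpg;
 if (asprintf(&fnamegpg, "/run/user/%d/gnupg", getuid()) == -1)
 errExit("asprintf");
-if (stat(fnamegpg, &s) == -1) {
-pid_t child = fork();
-if (child < 0)
-errExit("fork");
-if (child == 0) {
-// drop privileges
-drop_privs(0);
-if (mkdir(fnamegpg, 0700) == 0) {
-if (chmod(fnamegpg, 0700) == -1)
-{;} // do nothing
-}
-#ifdef HAVE_GCOV
-__gcov_flush();
-#endif
-_exit(0);
-}
-// wait for the child to finish
-waitpid(child, NULL, 0);
-fs_logger2("create", fnamegpg);
-}
+create_empty_dir_as_user(fnamegpg, 0700);
 if (stat(fnamegpg, &s) == 0)
 disable_file(BLACKLIST_FILE, fnamegpg);
 free(fnamegpg);
@@ -795,26 +776,7 @@ void fs_proc_sys_dev_boot(void) {
 char *fnamesysd;
 if (asprintf(&fnamesysd, "/run/user/%d/systemd", getuid()) == -1)
 errExit("asprintf");
-if (stat(fnamesysd, &s) == -1) {
-pid_t child = fork();
-if (child < 0)
-errExit("fork");
-if (child == 0) {
-// drop privileges
-drop_privs(0);
-if (mkdir(fnamesysd, 0755) == 0) {
-if (chmod(fnamesysd, 0755) == -1)
-{;} // do nothing
-}
-#ifdef HAVE_GCOV
-__gcov_flush();
-#endif
-_exit(0);
-}
-// wait for the child to finish
-waitpid(child, NULL, 0);
-fs_logger2("create", fnamesysd);
-}
+create_empty_dir_as_user(fnamesysd, 0755);
 if (stat(fnamesysd, &s) == 0)
 disable_file(BLACKLIST_FILE, fnamesysd);
 free(fnamesysd);
@@ -924,31 +886,11 @@ char *fs_check_overlay_dir(const char *subdirname, int allow_reuse) {
 }
 else {
 // create ~/.firejail directory
-pid_t child = fork();
-if (child < 0)
-errExit("fork");
-if (child == 0) {
-// drop privileges
-drop_privs(0);
-
-// create directory
-if (mkdir(dirname, 0700))
-errExit("mkdir");
-if (chmod(dirname, 0700) == -1)
-errExit("chmod");
-ASSERT_PERMS(dirname, getuid(), getgid(), 0700);
-#ifdef HAVE_GCOV
-__gcov_flush();
-#endif
-_exit(0);
-}
-// wait for the child to finish
-waitpid(child, NULL, 0);
+create_empty_dir_as_user(dirname, 0700);
 if (stat(dirname, &s) == -1) {
-fprintf(stderr, "Error: cannot create ~/.firejail directory\n");
+fprintf(stderr, "Error: cannot create directory %s\n", dirname);
 exit(1);
 }
-fs_logger2("create", dirname);
 }
 free(dirname);
 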
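Review bot: In the `else` branch of fs_check_overlay_dir, the only check left after `create_empty_dir_as_user(dirname, 0700)` is `stat(dirname, &s) == -1`, which proves that something exists at the path but not that it is a directory owned by the caller with mode 0700. The removed child code enforced that with `ASSERT_PERMS(dirname, getuid(), getgid(), 0700)` and aborted on a failed `mkdir` or `chmod`. The helper's body is not part of this diff, so it may already do this; if it does not, the privileged parent should tighten the check to something like `if (lstat(dirname, &s) == -1 || !S_ISDIR(s.st_mode) || s.st_uid != getuid()) {`, so that a symlink or a foreign-owned entry created in the window before the call is rejected. The two call sites in fs_proc_sys_dev_boot previously ran only when `stat` failed and now run unconditionally, so the helper is presumably expected to leave an existing directory untouched, which is worth stating in a comment on the helper. Both functions start and end outside the hunks shown.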