diff options
Diffstat (limited to 'src/firejail/main.c')
| -rw-r--r-- | src/firejail/main.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c index 09e1a1071..0816afe83 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
| @@ -149,6 +149,7 @@ int arg_nou2f = 0; // --nou2f | |||
| 149 | int arg_noinput = 0; // --noinput | 149 | int arg_noinput = 0; // --noinput |
| 150 | int arg_deterministic_exit_code = 0; // always exit with first child's exit status | 150 | int arg_deterministic_exit_code = 0; // always exit with first child's exit status |
| 151 | int arg_deterministic_shutdown = 0; // shut down the sandbox if first child dies | 151 | int arg_deterministic_shutdown = 0; // shut down the sandbox if first child dies |
| 152 | int arg_keep_fd_all = 0; // inherit all file descriptors to sandbox | ||
| 152 | DbusPolicy arg_dbus_user = DBUS_POLICY_ALLOW; // --dbus-user | 153 | DbusPolicy arg_dbus_user = DBUS_POLICY_ALLOW; // --dbus-user |
| 153 | DbusPolicy arg_dbus_system = DBUS_POLICY_ALLOW; // --dbus-system | 154 | DbusPolicy arg_dbus_system = DBUS_POLICY_ALLOW; // --dbus-system |
| 154 | const char *arg_dbus_log_file = NULL; | 155 | const char *arg_dbus_log_file = NULL; |
| @@ -1862,6 +1863,14 @@ int main(int argc, char **argv, char **envp) { | |||
| 1862 | } | 1863 | } |
| 1863 | profile_add_ignore(argv[i] + 9); | 1864 | profile_add_ignore(argv[i] + 9); |
| 1864 | } | 1865 | } |
| 1866 | else if (strncmp(argv[i], "--keep-fd=", 10) == 0) { | ||
| 1867 | if (strcmp(argv[i] + 10, "all") == 0) | ||
| 1868 | arg_keep_fd_all = 1; | ||
| 1869 | else { | ||
| 1870 | const char *add = argv[i] + 10; | ||
| 1871 | profile_list_augment(&cfg.keep_fd, add); | ||
| 1872 | } | ||
| 1873 | } | ||
| 1865 | #ifdef HAVE_CHROOT | 1874 | #ifdef HAVE_CHROOT |
| 1866 | else if (strncmp(argv[i], "--chroot=", 9) == 0) { | 1875 | else if (strncmp(argv[i], "--chroot=", 9) == 0) { |
| 1867 | if (checkcfg(CFG_CHROOT)) { | 1876 | if (checkcfg(CFG_CHROOT)) { |