1 files changed, 19 insertions, 6 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 1c2f021bb..1621d810f 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -277,6 +277,9 @@ static void run_cmd_and_exit(int i, int argc, char **argv) {
 #ifndef HAVE_FILE_TRANSFER
                printf("File transfer support is disabled.\n");
 #endif
+#ifndef HAVE_WHITELIST
+                printf("whitelisting support is disabled.\n");
+#endif
                exit(0);
        }
 #ifdef HAVE_X11
@@ -1114,14 +1117,24 @@ int main(int argc, char **argv) {
                        profile_check_line(line, 0, NULL);      // will exit if something wrong
                        profile_add(line);
                }
+#ifdef HAVE_WHITELIST
                else if (strncmp(argv[i], "--whitelist=", 12) == 0) {
-                        char *line;
+                        if (checkcfg(CFG_WHITELIST)) {
-                        if (asprintf(&line, "whitelist %s", argv[i] + 12) == -1)
+                                char *line;
-                                errExit("asprintf");
+                                if (asprintf(&line, "whitelist %s", argv[i] + 12) == -1)
-                        
+                                        errExit("asprintf");
-                        profile_check_line(line, 0, NULL);      // will exit if something wrong
+                                
-                        profile_add(line);
+                                profile_check_line(line, 0, NULL);      // will exit if something wrong
+                                profile_add(line);
+                        }
+                        else {
+                                fprintf(stderr, "Error: whitelist feature is disabled in Firejail configuration file\n");
+                                exit(1);
+                        }
                }
+#endif          
                else if (strncmp(argv[i], "--read-only=", 12) == 0) {
                        char *line;
                        if (asprintf(&line, "read-only %s", argv[i] + 12) == -1)

diff --git a/src/firejail/main.c b/src/firejail/main.c index 1c2f021bb..1621d810f 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c
@@ -277,6 +277,9 @@ static void run_cmd_and_exit(int i, int argc, char **argv) {
277	#ifndef HAVE_FILE_TRANSFER	277	#ifndef HAVE_FILE_TRANSFER
278	printf("File transfer support is disabled.\n");	278	printf("File transfer support is disabled.\n");
279	#endif	279	#endif
		280	#ifndef HAVE_WHITELIST
		281	printf("whitelisting support is disabled.\n");
		282	#endif
280	exit(0);	283	exit(0);
281	}	284	}
282	#ifdef HAVE_X11	285	#ifdef HAVE_X11
@@ -1114,14 +1117,24 @@ int main(int argc, char **argv) {
1114	profile_check_line(line, 0, NULL); // will exit if something wrong	1117	profile_check_line(line, 0, NULL); // will exit if something wrong
1115	profile_add(line);	1118	profile_add(line);
1116	}	1119	}
		1120
		1121	#ifdef HAVE_WHITELIST
1117	else if (strncmp(argv[i], "--whitelist=", 12) == 0) {	1122	else if (strncmp(argv[i], "--whitelist=", 12) == 0) {
1118	char *line;	1123	if (checkcfg(CFG_WHITELIST)) {
1119	if (asprintf(&line, "whitelist %s", argv[i] + 12) == -1)	1124	char *line;
1120	errExit("asprintf");	1125	if (asprintf(&line, "whitelist %s", argv[i] + 12) == -1)
1121		1126	errExit("asprintf");
1122	profile_check_line(line, 0, NULL); // will exit if something wrong	1127
1123	profile_add(line);	1128	profile_check_line(line, 0, NULL); // will exit if something wrong
		1129	profile_add(line);
		1130	}
		1131	else {
		1132	fprintf(stderr, "Error: whitelist feature is disabled in Firejail configuration file\n");
		1133	exit(1);
		1134	}
1124	}	1135	}
		1136	#endif
		1137
1125	else if (strncmp(argv[i], "--read-only=", 12) == 0) {	1138	else if (strncmp(argv[i], "--read-only=", 12) == 0) {
1126	char *line;	1139	char *line;
1127	if (asprintf(&line, "read-only %s", argv[i] + 12) == -1)	1140	if (asprintf(&line, "read-only %s", argv[i] + 12) == -1)