1 files changed, 16 insertions, 0 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 6b50b450c..27bd7c385 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -96,6 +96,8 @@ int arg_join_network = 0;			// join only the network namespace
 int arg_join_filesystem = 0;                    // join only the mount namespace
 int arg_nice = 0;                               // nice value configured
 int arg_ipc = 0;                                        // enable ipc namespace
+int arg_writable_etc = 0;                       // writable etc
+int arg_writable_var = 0;                       // writable var
 int parent_to_child_fds[2];
 int child_to_parent_fds[2];
@@ -1272,6 +1274,20 @@ int main(int argc, char **argv) {
                }
 #endif
+                else if (strcmp(argv[i], "--writable-etc") == 0) {
+                        if (getuid() != 0) {
+                                fprintf(stderr, "Error: --writable-etc is available only for root user\n");
+                                exit(1);
+                        }
+                        arg_writable_etc = 1;
+                }
+                else if (strcmp(argv[i], "--writable-var") == 0) {
+                        if (getuid() != 0) {
+                                fprintf(stderr, "Error: --writable-var is available only for root user\n");
+                                exit(1);
+                        }
+                        arg_writable_var = 1;
+                }
                else if (strcmp(argv[i], "--private") == 0)
                        arg_private = 1;
                else if (strncmp(argv[i], "--private=", 10) == 0) {

diff --git a/src/firejail/main.c b/src/firejail/main.c index 6b50b450c..27bd7c385 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c
@@ -96,6 +96,8 @@ int arg_join_network = 0; // join only the network namespace
96	int arg_join_filesystem = 0; // join only the mount namespace	96	int arg_join_filesystem = 0; // join only the mount namespace
97	int arg_nice = 0; // nice value configured	97	int arg_nice = 0; // nice value configured
98	int arg_ipc = 0; // enable ipc namespace	98	int arg_ipc = 0; // enable ipc namespace
		99	int arg_writable_etc = 0; // writable etc
		100	int arg_writable_var = 0; // writable var
99		101
100	int parent_to_child_fds[2];	102	int parent_to_child_fds[2];
101	int child_to_parent_fds[2];	103	int child_to_parent_fds[2];
@@ -1272,6 +1274,20 @@ int main(int argc, char **argv) {
1272		1274
1273	}	1275	}
1274	#endif	1276	#endif
		1277	else if (strcmp(argv[i], "--writable-etc") == 0) {
		1278	if (getuid() != 0) {
		1279	fprintf(stderr, "Error: --writable-etc is available only for root user\n");
		1280	exit(1);
		1281	}
		1282	arg_writable_etc = 1;
		1283	}
		1284	else if (strcmp(argv[i], "--writable-var") == 0) {
		1285	if (getuid() != 0) {
		1286	fprintf(stderr, "Error: --writable-var is available only for root user\n");
		1287	exit(1);
		1288	}
		1289	arg_writable_var = 1;
		1290	}
1275	else if (strcmp(argv[i], "--private") == 0)	1291	else if (strcmp(argv[i], "--private") == 0)
1276	arg_private = 1;	1292	arg_private = 1;
1277	else if (strncmp(argv[i], "--private=", 10) == 0) {	1293	else if (strncmp(argv[i], "--private=", 10) == 0) {