1 files changed, 34 insertions, 1 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 6c5d9a44e..3c7a8401e 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -52,7 +52,8 @@ int arg_private = 0;				// mount private /home and /tmp directoryu
 int arg_debug = 0;                              // print debug messages
 int arg_nonetwork = 0;                          // --net=none
 int arg_command = 0;                            // -c
-int arg_overlay = 0;                            // --overlay
+int arg_overlay = 0;                            // overlay option
+int arg_overlay_keep = 0;                       // place overlay diff directory in ~/.firejail
 int arg_zsh = 0;                                // use zsh as default shell
 int arg_csh = 0;                                // use csh as default shell
@@ -625,6 +626,38 @@ int main(int argc, char **argv) {
                                exit(1);
                        }
                        arg_overlay = 1;
+                        arg_overlay_keep = 1;
+                        
+                        // create ~/.firejail directory
+                        char *dirname;
+                        if (asprintf(&dirname, "%s/.firejail", cfg.homedir) == -1)
+                                errExit("asprintf");
+                        struct stat s;
+                        if (stat(dirname, &s) == -1) {
+                                if (mkdir(dirname, S_IRWXU | S_IRWXG | S_IRWXO))
+                                        errExit("mkdir");
+                                if (chown(dirname, getuid(), getgid()) < 0)
+                                        errExit("chown");
+                                if (chmod(dirname, S_IRWXU  | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH) < 0)
+                                        errExit("chmod");
+                        }
+                        free(dirname);
+                        
+                        // check overlay directory
+                        if (asprintf(&dirname, "%s/.firejail/%d", cfg.homedir, getpid()) == -1)
+                                errExit("asprintf");
+                        if (stat(dirname, &s) == 0) {
+                                fprintf(stderr, "Error: overlay directory already exists: %s\n", dirname);
+                                exit(1);
+                        }
+                        cfg.overlay_dir = dirname;
+                }
+                else if (strcmp(argv[i], "--overlay-tmpfs") == 0) {
+                        if (cfg.chrootdir) {
+                                fprintf(stderr, "Error: --overlay and --chroot options are mutually exclusive\n");
+                                exit(1);
+                        }
+                        arg_overlay = 1;
                }
                else if (strncmp(argv[i], "--profile=", 10) == 0) {
                        // multiple profile files are allowed!

diff --git a/src/firejail/main.c b/src/firejail/main.c index 6c5d9a44e..3c7a8401e 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c
@@ -52,7 +52,8 @@ int arg_private = 0; // mount private /home and /tmp directoryu
52	int arg_debug = 0; // print debug messages	52	int arg_debug = 0; // print debug messages
53	int arg_nonetwork = 0; // --net=none	53	int arg_nonetwork = 0; // --net=none
54	int arg_command = 0; // -c	54	int arg_command = 0; // -c
55	int arg_overlay = 0; // --overlay	55	int arg_overlay = 0; // overlay option
		56	int arg_overlay_keep = 0; // place overlay diff directory in ~/.firejail
56	int arg_zsh = 0; // use zsh as default shell	57	int arg_zsh = 0; // use zsh as default shell
57	int arg_csh = 0; // use csh as default shell	58	int arg_csh = 0; // use csh as default shell
58		59
@@ -625,6 +626,38 @@ int main(int argc, char **argv) {
625	exit(1);	626	exit(1);
626	}	627	}
627	arg_overlay = 1;	628	arg_overlay = 1;
		629	arg_overlay_keep = 1;
		630
		631	// create ~/.firejail directory
		632	char *dirname;
		633	if (asprintf(&dirname, "%s/.firejail", cfg.homedir) == -1)
		634	errExit("asprintf");
		635	struct stat s;
		636	if (stat(dirname, &s) == -1) {
		637	if (mkdir(dirname, S_IRWXU \| S_IRWXG \| S_IRWXO))
		638	errExit("mkdir");
		639	if (chown(dirname, getuid(), getgid()) < 0)
		640	errExit("chown");
		641	if (chmod(dirname, S_IRWXU \| S_IRGRP \| S_IXGRP \| S_IROTH \| S_IXOTH) < 0)
		642	errExit("chmod");
		643	}
		644	free(dirname);
		645
		646	// check overlay directory
		647	if (asprintf(&dirname, "%s/.firejail/%d", cfg.homedir, getpid()) == -1)
		648	errExit("asprintf");
		649	if (stat(dirname, &s) == 0) {
		650	fprintf(stderr, "Error: overlay directory already exists: %s\n", dirname);
		651	exit(1);
		652	}
		653	cfg.overlay_dir = dirname;
		654	}
		655	else if (strcmp(argv[i], "--overlay-tmpfs") == 0) {
		656	if (cfg.chrootdir) {
		657	fprintf(stderr, "Error: --overlay and --chroot options are mutually exclusive\n");
		658	exit(1);
		659	}
		660	arg_overlay = 1;
628	}	661	}
629	else if (strncmp(argv[i], "--profile=", 10) == 0) {	662	else if (strncmp(argv[i], "--profile=", 10) == 0) {
630	// multiple profile files are allowed!	663	// multiple profile files are allowed!