1 files changed, 13 insertions, 0 deletions
diff --git a/src/firejail/profile.c b/src/firejail/profile.c
index 15cc1e55a..5aeba2f55 100644
--- a/src/firejail/profile.c
+++ b/src/firejail/profile.c
@@ -169,6 +169,10 @@ int profile_check_line(char *ptr, int lineno, const char *fname) {
                arg_private = 1;
                return 0;
        }
+   else if (strcmp(ptr, "private-template") == 0) {
+      arg_private_template = 1;
+      return 0;
+   }
        else if (strcmp(ptr, "private-dev") == 0) {
                arg_private_dev = 1;
                return 0;
@@ -614,6 +618,15 @@ int profile_check_line(char *ptr, int lineno, const char *fname) {
                return 0;
        }
+   if (strncmp(ptr, "private-template ", 17) == 0) {
+      if (arg_private) {
+         fprintf(stderr, "Error: --private and --private-template are mutually exclusive\n");
+         exit(1);
+      }
+      cfg.private_template = ptr + 17;
+      fs_check_private_template();
+      arg_private_template = 1;
+   }
        // private /etc list of files and directories
        if (strncmp(ptr, "private-etc ", 12) == 0) {
                if (arg_writable_etc) {

diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 15cc1e55a..5aeba2f55 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c
@@ -169,6 +169,10 @@ int profile_check_line(char ptr, int lineno, const char fname) {
169	arg_private = 1;	169	arg_private = 1;
170	return 0;	170	return 0;
171	}	171	}
		172	else if (strcmp(ptr, "private-template") == 0) {
		173	arg_private_template = 1;
		174	return 0;
		175	}
172	else if (strcmp(ptr, "private-dev") == 0) {	176	else if (strcmp(ptr, "private-dev") == 0) {
173	arg_private_dev = 1;	177	arg_private_dev = 1;
174	return 0;	178	return 0;
@@ -614,6 +618,15 @@ int profile_check_line(char ptr, int lineno, const char fname) {
614	return 0;	618	return 0;
615	}	619	}
616		620
		621	if (strncmp(ptr, "private-template ", 17) == 0) {
		622	if (arg_private) {
		623	fprintf(stderr, "Error: --private and --private-template are mutually exclusive\n");
		624	exit(1);
		625	}
		626	cfg.private_template = ptr + 17;
		627	fs_check_private_template();
		628	arg_private_template = 1;
		629	}
617	// private /etc list of files and directories	630	// private /etc list of files and directories
618	if (strncmp(ptr, "private-etc ", 12) == 0) {	631	if (strncmp(ptr, "private-etc ", 12) == 0) {
619	if (arg_writable_etc) {	632	if (arg_writable_etc) {