Diffstat (limited to 'src/firejail/restrict_users.c')
-rw-r--r--src/firejail/restrict_users.c24
1 files changed, 12 insertions, 12 deletions
diff --git a/src/firejail/restrict_users.c b/src/firejail/restrict_users.c
index d2d106f27..733dbef41 100644
--- a/src/firejail/restrict_users.c
+++ b/src/firejail/restrict_users.c
@@ -73,11 +73,11 @@ static void sanitize_home(void) {
73 } 73 }
74 74
75 fs_build_mnt_dir(); 75 fs_build_mnt_dir();
76 if (mkdir(WHITELIST_HOME_DIR, 0755) == -1) 76 if (mkdir(RUN_WHITELIST_HOME_DIR, 0755) == -1)
77 errExit("mkdir"); 77 errExit("mkdir");
78 78
79 // keep a copy of the user home directory 79 // keep a copy of the user home directory
80 if (mount(cfg.homedir, WHITELIST_HOME_DIR, NULL, MS_BIND|MS_REC, NULL) < 0) 80 if (mount(cfg.homedir, RUN_WHITELIST_HOME_DIR, NULL, MS_BIND|MS_REC, NULL) < 0)
81 errExit("mount bind"); 81 errExit("mount bind");
82 82
83 // mount tmpfs in the new home 83 // mount tmpfs in the new home
@@ -95,11 +95,11 @@ static void sanitize_home(void) {
95 errExit("chmod"); 95 errExit("chmod");
96 96
97 // mount user home directory 97 // mount user home directory
98 if (mount(WHITELIST_HOME_DIR, cfg.homedir, NULL, MS_BIND|MS_REC, NULL) < 0) 98 if (mount(RUN_WHITELIST_HOME_DIR, cfg.homedir, NULL, MS_BIND|MS_REC, NULL) < 0)
99 errExit("mount bind"); 99 errExit("mount bind");
100 100
101 // mask home dir under /run 101 // mask home dir under /run
102 if (mount("tmpfs", WHITELIST_HOME_DIR, "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) 102 if (mount("tmpfs", RUN_WHITELIST_HOME_DIR, "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0)
103 errExit("mount tmpfs"); 103 errExit("mount tmpfs");
104} 104}
105 105
@@ -118,7 +118,7 @@ static void sanitize_passwd(void) {
118 fpin = fopen("/etc/passwd", "r"); 118 fpin = fopen("/etc/passwd", "r");
119 if (!fpin) 119 if (!fpin)
120 goto errout; 120 goto errout;
121 fpout = fopen(PASSWD_FILE, "w"); 121 fpout = fopen(RUN_PASSWD_FILE, "w");
122 if (!fpout) 122 if (!fpout)
123 goto errout; 123 goto errout;
124 124
@@ -172,13 +172,13 @@ static void sanitize_passwd(void) {
172 } 172 }
173 fclose(fpin); 173 fclose(fpin);
174 fclose(fpout); 174 fclose(fpout);
175 if (chown(PASSWD_FILE, 0, 0) == -1) 175 if (chown(RUN_PASSWD_FILE, 0, 0) == -1)
176 errExit("chown"); 176 errExit("chown");
177 if (chmod(PASSWD_FILE, 0644) == -1) 177 if (chmod(RUN_PASSWD_FILE, 0644) == -1)
178 errExit("chmod"); 178 errExit("chmod");
179 179
180 // mount-bind tne new password file 180 // mount-bind tne new password file
181 if (mount(PASSWD_FILE, "/etc/passwd", "none", MS_BIND, "mode=400,gid=0") < 0) 181 if (mount(RUN_PASSWD_FILE, "/etc/passwd", "none", MS_BIND, "mode=400,gid=0") < 0)
182 errExit("mount"); 182 errExit("mount");
183 183
184 return; 184 return;
@@ -249,7 +249,7 @@ static void sanitize_group(void) {
249 fpin = fopen("/etc/group", "r"); 249 fpin = fopen("/etc/group", "r");
250 if (!fpin) 250 if (!fpin)
251 goto errout; 251 goto errout;
252 fpout = fopen(GROUP_FILE, "w"); 252 fpout = fopen(RUN_GROUP_FILE, "w");
253 if (!fpout) 253 if (!fpout)
254 goto errout; 254 goto errout;
255 255
@@ -298,13 +298,13 @@ static void sanitize_group(void) {
298 } 298 }
299 fclose(fpin); 299 fclose(fpin);
300 fclose(fpout); 300 fclose(fpout);
301 if (chown(GROUP_FILE, 0, 0) == -1) 301 if (chown(RUN_GROUP_FILE, 0, 0) == -1)
302 errExit("chown"); 302 errExit("chown");
303 if (chmod(GROUP_FILE, 0644) == -1) 303 if (chmod(RUN_GROUP_FILE, 0644) == -1)
304 errExit("chmod"); 304 errExit("chmod");
305 305
306 // mount-bind tne new group file 306 // mount-bind tne new group file
307 if (mount(GROUP_FILE, "/etc/group", "none", MS_BIND, "mode=400,gid=0") < 0) 307 if (mount(RUN_GROUP_FILE, "/etc/group", "none", MS_BIND, "mode=400,gid=0") < 0)
308 errExit("mount"); 308 errExit("mount");
309 309
310 return; 310 return;
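Review bot: The `"mode=400,gid=0"` data string on the two bind mounts (new lines 181 and 307, the `mount(RUN_PASSWD_FILE, "/etc/passwd", "none", MS_BIND, ...)` call and its `RUN_GROUP_FILE` counterpart) has no effect, because mount(2) ignores the filesystemtype and data arguments for MS_BIND. The files therefore keep the 0644 set by the `chmod` just above, and this call alone does not make the mount read-only. Since these lines are being touched anyway, I would pass `NULL` for both arguments and add a comment such as `// bind mount ignores fstype/data; permissions come from the chmod above`. If a read-only view of /etc/passwd and /etc/group inside the sandbox is intended, that needs a separate remount with `MS_BIND|MS_REMOUNT|MS_RDONLY`, which may already happen outside the visible hunks. The bodies of sanitize_passwd and sanitize_group start and end outside these hunks, and the values of the RUN_* macros are not shown, so this rests only on the visible calls.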