diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/main.c | 9 | ||||
-rw-r--r-- | src/firejail/profile.c | 4 |
2 files changed, 13 insertions, 0 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c index 15720b4c6..0f7809fea 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -1279,6 +1279,10 @@ int main(int argc, char **argv) { | |||
1279 | fprintf(stderr, "Error: --writable-etc is available only for root user\n"); | 1279 | fprintf(stderr, "Error: --writable-etc is available only for root user\n"); |
1280 | exit(1); | 1280 | exit(1); |
1281 | } | 1281 | } |
1282 | if (cfg.etc_private_keep) { | ||
1283 | fprintf(stderr, "Error: --private-etc and --writable-etc are mutually exclusive\n"); | ||
1284 | exit(1); | ||
1285 | } | ||
1282 | arg_writable_etc = 1; | 1286 | arg_writable_etc = 1; |
1283 | } | 1287 | } |
1284 | else if (strcmp(argv[i], "--writable-var") == 0) { | 1288 | else if (strcmp(argv[i], "--writable-var") == 0) { |
@@ -1304,6 +1308,11 @@ int main(int argc, char **argv) { | |||
1304 | arg_private_dev = 1; | 1308 | arg_private_dev = 1; |
1305 | } | 1309 | } |
1306 | else if (strncmp(argv[i], "--private-etc=", 14) == 0) { | 1310 | else if (strncmp(argv[i], "--private-etc=", 14) == 0) { |
1311 | if (arg_writable_etc) { | ||
1312 | fprintf(stderr, "Error: --private-etc and --writable-etc are mutually exclusive\n"); | ||
1313 | exit(1); | ||
1314 | } | ||
1315 | |||
1307 | // extract private etc list | 1316 | // extract private etc list |
1308 | cfg.etc_private_keep = argv[i] + 14; | 1317 | cfg.etc_private_keep = argv[i] + 14; |
1309 | if (*cfg.etc_private_keep == '\0') { | 1318 | if (*cfg.etc_private_keep == '\0') { |
diff --git a/src/firejail/profile.c b/src/firejail/profile.c index 7ff7c7926..a2336090f 100644 --- a/src/firejail/profile.c +++ b/src/firejail/profile.c | |||
@@ -580,6 +580,10 @@ int profile_check_line(char *ptr, int lineno, const char *fname) { | |||
580 | 580 | ||
581 | // private /etc list of files and directories | 581 | // private /etc list of files and directories |
582 | if (strncmp(ptr, "private-etc ", 12) == 0) { | 582 | if (strncmp(ptr, "private-etc ", 12) == 0) { |
583 | if (arg_writable_etc) { | ||
584 | fprintf(stderr, "Error: --private-etc and --writable-etc are mutually exclusive\n"); | ||
585 | exit(1); | ||
586 | } | ||
583 | cfg.etc_private_keep = ptr + 12; | 587 | cfg.etc_private_keep = ptr + 12; |
584 | fs_check_etc_list(); | 588 | fs_check_etc_list(); |
585 | if (*cfg.etc_private_keep != '\0') | 589 | if (*cfg.etc_private_keep != '\0') |