From 265cd772fc7852d2deaacd886a26253006235d59 Mon Sep 17 00:00:00 2001
From: netblue30
Date: Fri, 5 Aug 2016 08:39:56 -0400
Subject: fix whitelist ~/deletme problem
---
 src/firejail/fs_whitelist.c | 16 ++++++++++------
 test/fs/fs.sh | 2 ++
 test/fs/whitelist-double.exp | 42 ++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 54 insertions(+), 6 deletions(-)
 create mode 100755 test/fs/whitelist-double.exp
diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c
index f94040d0f..90b91f9dd 100644
--- a/src/firejail/fs_whitelist.c
+++ b/src/firejail/fs_whitelist.c
@@ -268,13 +268,17 @@ static void whitelist_path(ProfileEntry *entry) {
 // process regular file
 else {
- // create an empty file
- FILE *fp = fopen(path, "w");
- if (!fp) {
- fprintf(stderr, "Error: cannot create empty file in home directory\n");
- exit(1);
+ if (access(path, R_OK)) {
+ // create an empty file
+ FILE *fp = fopen(path, "w");
+ if (!fp) {
+ fprintf(stderr, "Error: cannot create empty file in home directory\n");
+ exit(1);
+ }
+ fclose(fp);
 }
- fclose(fp);
+ else
+ return; // the file is already present
 }
 // set file properties
diff --git a/test/fs/fs.sh b/test/fs/fs.sh
index 00e6e29c2..ee6351e2e 100755
--- a/test/fs/fs.sh
+++ b/test/fs/fs.sh
@@ -54,3 +54,5 @@ echo "TESTING: bind as user (test/fs/option_bind_user.exp)"
 echo "TESTING: recursive mkdir (test/fs/mkdir.exp)"
 ./mkdir.exp
+echo "TESTING: double whitelist (test/fs/whitelist-double.exp)"
+./whitelist-double.exp
diff --git a/test/fs/whitelist-double.exp b/test/fs/whitelist-double.exp
new file mode 100755
index 000000000..87d6ed686
--- /dev/null
+++ b/test/fs/whitelist-double.exp
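Review bot: In whitelist_path (src/firejail/fs_whitelist.c) the new `access(path, R_OK)` test followed by `fopen(path, "w")` is a check-then-use pair, and it treats every access() failure as "file missing". If the file exists but is not readable, or the path changes between the two calls, `fopen(..., "w")` still truncates whatever the path resolves to; how serious that is depends on the privileges held at this point, which the hunk does not show. Creating the file atomically with `O_CREAT | O_EXCL` and returning on `EEXIST` keeps the "already present" behaviour without a window and without truncation. The function starts and ends outside the hunk, so the creation mode used below (0600 is a placeholder) should be checked against the "set file properties" step that follows, and `<fcntl.h>`/`<errno.h>` must be in scope.

```c
	// process regular file
	else {
		// create the file only if it does not exist yet; never truncate
		int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_CLOEXEC, 0600);
		if (fd == -1) {
			if (errno == EEXIST)
				return; // the file is already present
			fprintf(stderr, "Error: cannot create empty file in home directory\n");
			exit(1);
		}
		close(fd);
	}
	// ... unchanged: set file properties ...
```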
@@ -0,0 +1,42 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+
+set timeout 30
+spawn $env(SHELL)
+match_max 100000
+
+send -- "echo 123 > /tmp/firejal-deleteme\r"
+sleep 1
+
+send -- "firejail --whitelist=/tmp/firejal-deleteme --whitelist=/tmp/firejal-deleteme\r"
+expect {
+ timeout {puts "TESTING ERROR 0\n";exit}
+ "Child process initialized"
+}
+sleep 1
+
+send -- "cat /tmp/firejal-deleteme\r"
+expect {
+ timeout {puts "TESTING ERROR 1\n";exit}
+ "123"
+}
+
+send -- "exit\r"
+sleep 1
+
+send -- "cat /tmp/firejal-deleteme\r"
+expect {
+ timeout {puts "TESTING ERROR 1\n";exit}
+ "123"
+}
+
+send -- "rm/tmp/firejal-deleteme \r"
+expect {
+ timeout {puts "TESTING ERROR 3\n";exit}
+ "0"
+}
+sleep 1
+
+puts "\nall done\n"
-- cgit v1.2.3-54-g00ecf
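Review bot: The cleanup step in test/fs/whitelist-double.exp sends `rm/tmp/firejal-deleteme` with no space after `rm`, so the shell never runs rm and the test file is left behind in /tmp. The following `expect "0"` does not verify anything either, because no command prints an exit status; sending `send -- "rm /tmp/firejal-deleteme; echo \$?\r"` would give the pattern a real result to match. The second `cat` check after `exit` is the actual regression check for this fix, yet it reuses the label `TESTING ERROR 1`; `TESTING ERROR 2` would make a failure there distinguishable from the in-sandbox check. A fixed, predictable file name in a shared /tmp can also collide with a leftover file from an earlier failed run, so creating the file under a per-run directory would make the test more reliable.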