From df38295faa992dbcb02b4f18dedbd60b770d4d22 Mon Sep 17 00:00:00 2001
From: thewisenerd <thewisenerd@protonmail.com>
Date: Sat, 24 Dec 2016 07:14:16 +0530
Subject: firejail: argv: allow multiple private-* options

---
 src/firejail/main.c | 30 +++++++++++++++++++++++++-----
 1 file changed, 25 insertions(+), 5 deletions(-)

diff --git a/src/firejail/main.c b/src/firejail/main.c
index c7470c33b..f1095d41f 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -1504,7 +1504,11 @@ int main(int argc, char **argv) {
 					fprintf(stderr, "Error: invalid private-home option\n");
 					exit(1);
 				}
-				cfg.home_private_keep = argv[i] + 15;
+				if (cfg.home_private_keep) {
+					if ( asprintf(&cfg.home_private_keep, "%s,%s", cfg.home_private_keep, argv[i] + 15) < 0 )
+						errExit("asprintf");
+				} else
+					cfg.home_private_keep = argv[i] + 15;
 				arg_private = 1;
 			}
 			else
@@ -1525,7 +1529,11 @@ int main(int argc, char **argv) {
 				fprintf(stderr, "Error: invalid private-etc option\n");
 				exit(1);
 			}
-			cfg.etc_private_keep = argv[i] + 14;
+			if (cfg.etc_private_keep) {
+				if ( asprintf(&cfg.etc_private_keep, "%s,%s", cfg.etc_private_keep, argv[i] + 14) < 0 )
+					errExit("asprintf");
+			} else
+				cfg.etc_private_keep = argv[i] + 14;
 			arg_private_etc = 1;
 		}
 		else if (strncmp(argv[i], "--private-opt=", 14) == 0) {
@@ -1534,7 +1542,11 @@ int main(int argc, char **argv) {
 				fprintf(stderr, "Error: invalid private-opt option\n");
 				exit(1);
 			}
-			cfg.opt_private_keep = argv[i] + 14;
+			if (cfg.opt_private_keep) {
+				if ( asprintf(&cfg.opt_private_keep, "%s,%s", cfg.opt_private_keep, argv[i] + 14) < 0 )
+					errExit("asprintf");
+			} else
+				cfg.opt_private_keep = argv[i] + 14;
 			arg_private_opt = 1;
 		}
 		else if (strncmp(argv[i], "--private-srv=", 14) == 0) {
@@ -1543,7 +1555,11 @@ int main(int argc, char **argv) {
 				fprintf(stderr, "Error: invalid private-etc option\n");
 				exit(1);
 			}
-			cfg.srv_private_keep = argv[i] + 14;
+			if (cfg.srv_private_keep) {
+				if ( asprintf(&cfg.srv_private_keep, "%s,%s", cfg.srv_private_keep, argv[i] + 14) < 0 )
+					errExit("asprintf");
+			} else
+				cfg.srv_private_keep = argv[i] + 14;
 			arg_private_srv = 1;
 		}
 		else if (strncmp(argv[i], "--private-bin=", 14) == 0) {
@@ -1552,7 +1568,11 @@ int main(int argc, char **argv) {
 				fprintf(stderr, "Error: invalid private-bin option\n");
 				exit(1);
 			}
-			cfg.bin_private_keep = argv[i] + 14;
+			if (cfg.bin_private_keep) {
+				if ( asprintf(&cfg.bin_private_keep, "%s,%s", cfg.bin_private_keep, argv[i] + 14) < 0 )
+					errExit("asprintf");
+			} else
+				cfg.bin_private_keep = argv[i] + 14;
 			arg_private_bin = 1;
 		}
 		else if (strcmp(argv[i], "--private-tmp") == 0) {
-- 
cgit v1.2.3-54-g00ecf