From e750f3e9b124aefef96b7d7463f67d8239cacafe Mon Sep 17 00:00:00 2001
From: "Kelvin M. Klann" <kmk3.code@protonmail.com>
Date: Wed, 8 Nov 2023 10:34:32 -0300
Subject: landlock: stop setting global ruleset in ll_create_full_ruleset

To avoid confusion, only return a new ruleset and let the caller set the
global one.

This amends commit 13b2c566d ("feature: add Landlock support",
2023-10-24) / PR #6078.
---
 src/firejail/landlock.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/firejail/landlock.c b/src/firejail/landlock.c
index fcbe895f7..64d10b914 100644
--- a/src/firejail/landlock.c
+++ b/src/firejail/landlock.c
@@ -100,12 +100,12 @@ static int ll_create_full_ruleset(void) {
 		LANDLOCK_ACCESS_FS_REMOVE_FILE |
 		LANDLOCK_ACCESS_FS_WRITE_FILE;
 
-	ll_ruleset_fd = landlock_create_ruleset(&attr, sizeof(attr), 0);
-	if (ll_ruleset_fd < 0) {
+	int ruleset_fd = landlock_create_ruleset(&attr, sizeof(attr), 0);
+	if (ruleset_fd < 0) {
 		fprintf(stderr, "Error: failed to create a Landlock ruleset: %s\n",
 		        strerror(errno));
 	}
-	return ll_ruleset_fd;
+	return ruleset_fd;
 }
 
 int ll_read(const char *allowed_path) {
-- 
cgit v1.2.3-70-g09d2