From 42421564e0d62b89e5b10b5c1fb007ff560454c6 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Sat, 5 Sep 2015 06:28:38 -0400
Subject: cleanup and small fixes

---
 src/firejail/caps.c      |  2 +-
 src/firejail/fs_home.c   | 19 -------------------
 src/firejail/main.c      |  2 +-
 src/firejail/netfilter.c |  2 +-
 4 files changed, 3 insertions(+), 22 deletions(-)

(limited to 'src')

diff --git a/src/firejail/caps.c b/src/firejail/caps.c
index cd7dbee74..12d0eec57 100644
--- a/src/firejail/caps.c
+++ b/src/firejail/caps.c
@@ -309,7 +309,7 @@ int caps_default_filter(void) {
 
 void caps_drop_all(void) {
 	if (arg_debug)
-		printf("Droping all capabilities\n");
+		printf("Dropping all capabilities\n");
 
 	unsigned long cap;
 	for (cap=0; cap <= 63; cap++) {
diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c
index fca5f51c8..98d62b685 100644
--- a/src/firejail/fs_home.c
+++ b/src/firejail/fs_home.c
@@ -203,12 +203,6 @@ void fs_private_homedir(void) {
 			printf("Mounting a new /home directory\n");
 		if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC,  "mode=755,gid=0") < 0)
 			errExit("mounting home directory");
-
-		// mask /tmp only in root mode; KDE keeps all kind of sockets in /tmp!
-		if (arg_debug)
-			printf("Mounting a new /tmp directory\n");
-		if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC,  "mode=777,gid=0") < 0)
-			errExit("mounting tmp directory");
 	}
 	
 
@@ -253,13 +247,6 @@ void fs_private(void) {
 		if (chown(homedir, u, g) < 0)
 			errExit("chown");
 	}
-	else {
-		// mask tmp only in root mode; KDE keeps all kind of sockets in /tmp!
-		if (arg_debug)
-			printf("Mounting a new /tmp directory\n");
-		if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC,  "mode=777,gid=0") < 0)
-			errExit("mounting tmp directory");
-	}
 	
 	skel(homedir, u, g);
 	if (xflag)
@@ -502,12 +489,6 @@ void fs_private_home_list(void) {
 			printf("Mounting a new /home directory\n");
 		if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC,  "mode=755,gid=0") < 0)
 			errExit("mounting home directory");
-
-		// mask /tmp only in root mode; KDE keeps all kind of sockets in /tmp!
-		if (arg_debug)
-			printf("Mounting a new /tmp directory\n");
-		if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC,  "mode=777,gid=0") < 0)
-			errExit("mounting tmp directory");
 	}
 
 	skel(homedir, u, g);
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 3b2e7e4d9..43a468c46 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -1084,7 +1084,7 @@ int main(int argc, char **argv) {
 			}
 			
 			if (custom_profile)
-				printf("\n** Note: %s profile can be disabled by --noprofile option **\n\n", profile_name);
+				printf("\n** Note: you can use --noprofile to disable %s.profile **\n\n", profile_name);
 		}
 	}
 
diff --git a/src/firejail/netfilter.c b/src/firejail/netfilter.c
index 5b5026a3d..8601a5696 100644
--- a/src/firejail/netfilter.c
+++ b/src/firejail/netfilter.c
@@ -87,7 +87,7 @@ void netfilter(const char *fname) {
 		allocated = 1;
 	}
 
-	// mount a tempfs on top of /tmp directory
+	// temporarily mount a tempfs on top of /tmp directory
 	if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=755,gid=0") < 0)
 		errExit("mounting /tmp");
 
-- 
cgit v1.2.3-54-g00ecf