From 7ef3560b009343313a4dee1444e21b98073956ce Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Wed, 17 Oct 2018 09:20:32 -0400
Subject: fix #2197

---
 src/firejail/firejail.h | 4 ++--
 src/firejail/main.c     | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

(limited to 'src')

diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index 8145c1bb5..19b8480f8 100644
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -801,8 +801,8 @@ void build_appimage_cmdline(char **command_line, char **window_title, int argc,
 #define PATH_FIREMON (PREFIX "/bin/firemon")
 #define PATH_FIREJAIL (PREFIX "/bin/firejail")
 
-//#define PATH_FSECCOMP (LIBDIR "/firejail/fseccomp")
-#define PATH_FSECCOMP ( RUN_FIREJAIL_LIB_DIR "/fseccomp")
+#define PATH_FSECCOMP_MAIN (LIBDIR "/firejail/fseccomp")		// when called from main thread
+#define PATH_FSECCOMP ( RUN_FIREJAIL_LIB_DIR "/fseccomp")	// when called from sandbox thread
 
 // FSEC_PRINT is run outside of sandbox by --seccomp.print
 // it is also run from inside the sandbox by --debug; in this case we do an access(filename, X_OK) test first
diff --git a/src/firejail/main.c b/src/firejail/main.c
index 680ce5800..29e3df7c6 100644
--- a/src/firejail/main.c
+++ b/src/firejail/main.c
@@ -456,7 +456,7 @@ static void run_cmd_and_exit(int i, int argc, char **argv) {
 #ifdef HAVE_SECCOMP
 	else if (strcmp(argv[i], "--debug-syscalls") == 0) {
 		if (checkcfg(CFG_SECCOMP)) {
-			int rv = sbox_run(SBOX_USER | SBOX_CAPS_NONE | SBOX_SECCOMP, 2, PATH_FSECCOMP, "debug-syscalls");
+			int rv = sbox_run(SBOX_USER | SBOX_CAPS_NONE | SBOX_SECCOMP, 2, PATH_FSECCOMP_MAIN, "debug-syscalls");
 			exit(rv);
 		}
 		else
@@ -464,7 +464,7 @@ static void run_cmd_and_exit(int i, int argc, char **argv) {
 	}
 	else if (strcmp(argv[i], "--debug-errnos") == 0) {
 		if (checkcfg(CFG_SECCOMP)) {
-			int rv = sbox_run(SBOX_USER | SBOX_CAPS_NONE | SBOX_SECCOMP, 2, PATH_FSECCOMP, "debug-errnos");
+			int rv = sbox_run(SBOX_USER | SBOX_CAPS_NONE | SBOX_SECCOMP, 2, PATH_FSECCOMP_MAIN, "debug-errnos");
 			exit(rv);
 		}
 		else
@@ -482,7 +482,7 @@ static void run_cmd_and_exit(int i, int argc, char **argv) {
 		exit(0);
 	}
 	else if (strcmp(argv[i], "--debug-protocols") == 0) {
-		int rv = sbox_run(SBOX_USER | SBOX_CAPS_NONE | SBOX_SECCOMP, 2, PATH_FSECCOMP, "debug-protocols");
+		int rv = sbox_run(SBOX_USER | SBOX_CAPS_NONE | SBOX_SECCOMP, 2, PATH_FSECCOMP_MAIN, "debug-protocols");
 		exit(rv);
 	}
 	else if (strncmp(argv[i], "--protocol.print=", 17) == 0) {
-- 
cgit v1.2.3-54-g00ecf