From 8259f66e1f6b54f0ea6039f5fd65a77cbb27dfd9 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@protonmail.com>
Date: Sat, 6 Apr 2024 23:16:10 -0400
Subject: landlock fix for old kernel versions

---
 src/firejail/landlock.c | 6 ++++++
 src/firejail/profile.c  | 6 ++++--
 2 files changed, 10 insertions(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/firejail/landlock.c b/src/firejail/landlock.c
index 453ad8f10..44d7eeafa 100644
--- a/src/firejail/landlock.c
+++ b/src/firejail/landlock.c
@@ -294,4 +294,10 @@ void ll_add_profile(int type, const char *data) {
 	ptr->next = entry;
 }
 
+#else
+void ll_add_profile(int type, const char *data) {
+	(void) type;
+	(void) data;
+}
+
 #endif /* HAVE_LANDLOCK */
diff --git a/src/firejail/profile.c b/src/firejail/profile.c
index 4e0b17a8c..62767f8dc 100644
--- a/src/firejail/profile.c
+++ b/src/firejail/profile.c
@@ -1073,7 +1073,9 @@ int profile_check_line(char *ptr, int lineno, const char *fname) {
 		return 0;
 	}
 
-#ifdef HAVE_LANDLOCK
+//#ifdef HAVE_LANDLOCK
+// landlock_connon.inc included by derfault in landlock.profile
+// all landlcok functions are empty in case landlock is not available in the kernel
 	if (strncmp(ptr, "landlock.enforce", 16) == 0) {
 		arg_landlock_enforce = 1;
 		return 0;
@@ -1098,7 +1100,7 @@ int profile_check_line(char *ptr, int lineno, const char *fname) {
 		ll_add_profile(LL_FS_EXEC, ptr + 20);
 		return 0;
 	}
-#endif
+//#endif
 
 	// memory deny write&execute
 	if (strcmp(ptr, "memory-deny-write-execute") == 0) {
-- 
cgit v1.2.3-54-g00ecf