From a890af827b8179562e74447de6638a122ddebc62 Mon Sep 17 00:00:00 2001 From: startx2017 Date: Thu, 7 Sep 2017 07:23:36 -0400 Subject: small fixes --- src/firejail/fs_whitelist.c | 15 +++++++++------ src/firejail/preproc.c | 2 ++ 2 files changed, 11 insertions(+), 6 deletions(-) (limited to 'src') diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c index dad8545a0..6e766f996 100644 --- a/src/firejail/fs_whitelist.c +++ b/src/firejail/fs_whitelist.c @@ -128,10 +128,12 @@ static char *resolve_downloads(int nowhitelist_flag) { return NULL; errout: - fprintf(stderr, "***\n"); - fprintf(stderr, "*** Error: Downloads directory was not found in user home.\n"); - fprintf(stderr, "*** \tAny files saved by the program, will be lost when the sandbox is closed.\n"); - fprintf(stderr, "***\n"); + if (!arg_private) { + fprintf(stderr, "***\n"); + fprintf(stderr, "*** Error: Downloads directory was not found in user home.\n"); + fprintf(stderr, "*** \tAny files saved by the program, will be lost when the sandbox is closed.\n"); + fprintf(stderr, "***\n"); + } return NULL; } @@ -353,7 +355,7 @@ void fs_whitelist(void) { dataptr = (nowhitelist_flag)? entry->data + 12: entry->data + 10; } else { - if (!nowhitelist_flag && !arg_quiet) { + if (!nowhitelist_flag && !arg_quiet && !arg_private) { fprintf(stderr, "***\n"); fprintf(stderr, "*** Warning: cannot whitelist Downloads directory\n"); fprintf(stderr, "*** \tAny file saved will be lost when the sandbox is closed.\n"); @@ -441,7 +443,8 @@ void fs_whitelist(void) { if (strncmp(new_name, cfg.homedir, strlen(cfg.homedir)) == 0) { // whitelisting home directory is disabled if --private option is present if (arg_private) { - fwarning("\"%s\" disabled by --private\n", entry->data); + if (arg_debug || arg_debug_whitelists) + printf("\"%s\" disabled by --private\n", entry->data); entry->data = EMPTY_STRING; continue; diff --git a/src/firejail/preproc.c b/src/firejail/preproc.c index 42502008e..5039c6238 100644 --- a/src/firejail/preproc.c +++ b/src/firejail/preproc.c @@ -81,6 +81,7 @@ void preproc_mount_mnt_dir(void) { tmpfs_mounted = 1; fs_logger2("tmpfs", RUN_MNT_DIR); +#ifdef HAVE_SECCOMP if (arg_seccomp_block_secondary) copy_file(PATH_SECCOMP_BLOCK_SECONDARY, RUN_SECCOMP_BLOCK_SECONDARY, getuid(), getgid(), 0644); // root needed else { @@ -102,6 +103,7 @@ void preproc_mount_mnt_dir(void) { create_empty_file_as_root(RUN_SECCOMP_POSTEXEC, 0644); if (set_perms(RUN_SECCOMP_POSTEXEC, getuid(), getgid(), 0644)) errExit("set_perms"); +#endif } } -- cgit v1.2.3-70-g09d2