From e1d230828ce2900e71538bdaaa7a6a16338f1e69 Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Thu, 28 Oct 2021 15:19:15 +0200
Subject: more cleanup

possible because selinux_relabel_path
now raises privs itself where necessary
---
 src/firejail/fs_home.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

(limited to 'src')

diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c
index 8d8530d81..230e9186c 100644
--- a/src/firejail/fs_home.c
+++ b/src/firejail/fs_home.c
@@ -380,12 +380,14 @@ void fs_private(void) {
 		selinux_relabel_path("/home", "/home");
 		fs_logger("tmpfs /home");
 	}
+	EUID_USER();
 
 	if (u != 0) {
 		if (!arg_allusers && strncmp(homedir, "/home/", 6) == 0) {
 			// create new empty /home/user directory
 			if (arg_debug)
 				printf("Create a new user directory\n");
+			EUID_ROOT();
 			if (mkdir(homedir, S_IRWXU) == -1) {
 				if (mkpath_as_root(homedir) == -1)
 					errExit("mkpath");
@@ -394,20 +396,17 @@ void fs_private(void) {
 			}
 			if (chown(homedir, u, g) < 0)
 				errExit("chown");
+			EUID_USER();
 			fs_logger2("mkdir", homedir);
 			fs_logger2("tmpfs", homedir);
 		}
-		else {
+		else
 			// mask user home directory
 			// the directory should be owned by the current user
-			EUID_USER();
 			fs_tmpfs(homedir, 1);
-			EUID_ROOT();
-		}
 
 		selinux_relabel_path(homedir, homedir);
 	}
-	EUID_USER();
 
 	skel(homedir);
 	if (xflag)
-- 
cgit v1.2.3-70-g09d2