fix whitelist ~/deletme problem

src/firejail/fs_whitelist.c

@@ -268,6 +268,7 @@ static void whitelist_path(ProfileEntry *entry) {
 	
 	// process regular file
 	else {
+		if (access(path, R_OK)) {
 			// create an empty file
 			FILE *fp = fopen(path, "w");
 			if (!fp) {
@@ -276,6 +277,9 @@ static void whitelist_path(ProfileEntry *entry) {
 			}
 			fclose(fp);
 		}
+		else
+			return; // the file is already present
+	}
 	
 	// set file properties
 	if (chown(path, s.st_uid, s.st_gid) < 0)

test/fs/fs.sh

@@ -54,3 +54,5 @@ echo "TESTING: bind as user (test/fs/option_bind_user.exp)"
 echo "TESTING: recursive mkdir (test/fs/mkdir.exp)"
 ./mkdir.exp
 
+echo "TESTING: double whitelist (test/fs/whitelist-double.exp)"
+./whitelist-double.exp

test/fs/whitelist-double.exp

@@ -0,0 +1,42 @@
+#!/usr/bin/expect -f
+# This file is part of Firejail project
+# Copyright (C) 2014-2016 Firejail Authors
+# License GPL v2
+
+set timeout 30
+spawn $env(SHELL)
+match_max 100000
+
+send -- "echo 123 > /tmp/firejal-deleteme\r"
+sleep 1
+
+send -- "firejail --whitelist=/tmp/firejal-deleteme --whitelist=/tmp/firejal-deleteme\r"
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"Child process initialized"
+}
+sleep 1
+
+send -- "cat /tmp/firejal-deleteme\r"
+expect {
+	timeout {puts "TESTING ERROR 1\n";exit}
+	"123"
+}
+
+send -- "exit\r"
+sleep 1
+
+send -- "cat /tmp/firejal-deleteme\r"
+expect {
+	timeout {puts "TESTING ERROR 1\n";exit}
+	"123"
+}
+
+send -- "rm/tmp/firejal-deleteme \r"
+expect {
+	timeout {puts "TESTING ERROR 3\n";exit}
+	"0"
+}
+sleep 1
+
+puts "\nall done\n"