--keep-hostname part 2 (#7048)

2026-05-15 14:16:14 -06:00 · 2026-02-03 13:43:30 -05:00 · 2026-02-03 13:43:30 -05:00 · 6f164f415e
commit 6f164f415e
parent 47d8079259
2 changed files with 19 additions and 11 deletions
--- a/src/firejail/sandbox.c
+++ b/src/firejail/sandbox.c
@ -677,15 +677,6 @@ int sandbox(void* sandbox_arg) {
 		printf("PID namespace installed\n");


-	//****************************
-	// set hostname
-	//****************************
-	if (cfg.hostname) {
-		assert(arg_keep_hostname == 0);
-		if (sethostname(cfg.hostname, strlen(cfg.hostname)) < 0)
-			errExit("sethostname");
-	}
-
 	//****************************
 	// mount namespace
 	//****************************
@ -989,9 +980,15 @@ int sandbox(void* sandbox_arg) {
 	//****************************
 	// hosts and hostname
 	//****************************
-	if (!arg_keep_hostname)
+	if (!arg_keep_hostname) {
 		fs_hostname();
-
+		// /usr/bin/hostname is blacklisted in default.profile
+		// test this using cat /proc/sys/kernel/hostname, 
+		assert(cfg.hostname);
+		if (sethostname(cfg.hostname, strlen(cfg.hostname)) < 0)
+			errExit("sethostname");
+	}
+	
 	//****************************
 	// /etc overrides from the network namespace
 	//****************************
--- a/test/private-etc/hostname.exp
+++ b/test/private-etc/hostname.exp
@ -18,6 +18,17 @@ expect {
 }
 sleep 1

+send --  "firejail --hostname=foo cat /proc/sys/kernel/hostname\r"
+expect {
+	timeout {puts "TESTING ERROR 0\n";exit}
+	"Child process initialized"
+}
+expect {
+	timeout {puts "TESTING ERROR 0.1\n";exit}
+	"foo"
+}
+sleep 1
+
 send --  "firejail --hostname=foo --private-etc cat /etc/hostname\r"
 expect {
 	timeout {puts "TESTING ERROR 1\n";exit}