github-starred/firejail
2
0
Fork 0
mirror of https://github.com/netblue30/firejail.git synced 2026-05-21 14:56:05 -06:00
Code Issues 531 Projects Packages Wiki Activity Actions 1

Fix inconsistent descriptions of machine-id option

Browse source 
Some places say that it "preserves" the file and other places say that
it "spoofs" the file.  Based on the fs_machineid function on
src/firejail/fs_etc.c, the latter one is correct.

This amends commit d0cc960c9 ("spoof machine-id", 2016-12-05).

Fixes #4689.

Reported-by: @svc88
This commit is contained in:
Kelvin M. Klann 2021-11-15 00:27:03 -03:00
parent e2299b2a41
commit b5de1d0f91
4 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/firejail/firejail.h
View file

@ -341,7 +341,7 @@ extern int arg_allow_debuggers; // allow debuggers
extern int arg_x11_block; // block X11
extern int arg_x11_xorg; // use X11 security extension
extern int arg_allusers; // all user home directories visible
extern int arg_machineid; // preserve /etc/machine-id
extern int arg_machineid; // spoof /etc/machine-id
extern int arg_disable_mnt; // disable /mnt and /media
extern int arg_noprofile; // use default.profile if none other found/specified
extern int arg_memory_deny_write_execute; // block writable and executable memory

2
src/firejail/main.c
View file

@ -137,7 +137,7 @@ int arg_allow_debuggers = 0; // allow debuggers
int arg_x11_block = 0; // block X11
int arg_x11_xorg = 0; // use X11 security extension
int arg_allusers = 0; // all user home directories visible
int arg_machineid = 0; // preserve /etc/machine-id
int arg_machineid = 0; // spoof /etc/machine-id
int arg_allow_private_blacklist = 0; // blacklist things in private directories
int arg_disable_mnt = 0; // disable /mnt and /media
int arg_noprofile = 0; // use default.profile if none other found/specified

2
src/firejail/usage.c
View file

@ -127,7 +127,7 @@ static char *usage_str =
#ifdef HAVE_NETWORK
" --mac=xx:xx:xx:xx:xx:xx - set interface MAC address.\n"
#endif
" --machine-id - preserve /etc/machine-id\n"
" --machine-id - spoof /etc/machine-id with a random id\n"
" --memory-deny-write-execute - seccomp filter to block attempts to create\n"
"\tmemory mappings that are both writable and executable.\n"
" --mkdir=dirname - create a directory.\n"

2
src/zsh_completion/_firejail.in
View file

@ -105,7 +105,7 @@ _firejail_args=(
'--keep-config-pulse[disable automatic ~/.config/pulse init]'
'--keep-dev-shm[/dev/shm directory is untouched (even with --private-dev)]'
'--keep-var-tmp[/var/tmp directory is untouched]'
'--machine-id[preserve /etc/machine-id]'
'--machine-id[spoof /etc/machine-id]'
'--memory-deny-write-execute[seccomp filter to block attempts to create memory mappings that are both writable and executable]'
'*--mkdir=-[create a directory]:'
'*--mkfile=-[create a file]:'