Fix inconsistent descriptions of machine-id option

Some places say that it "preserves" the file and other places say that it "spoofs" the file. Based on the fs_machineid function on src/firejail/fs_etc.c, the latter one is correct. This amends commit d0cc960 ("spoof machine-id", 2016-12-05). Fixes #4689. Reported-by: @svc88
netblue30 · Nov 15, 2021 · b5de1d0 · b5de1d0
1 parent e2299b2
commit b5de1d0
Show file tree

Hide file tree

Showing 4 changed files with 4 additions and 4 deletions.
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
@@ -341,7 +341,7 @@ extern int arg_allow_debuggers; // allow debuggers
 extern int arg_x11_block; // block X11
 extern int arg_x11_xorg; // use X11 security extension
 extern int arg_allusers; // all user home directories visible
-extern int arg_machineid; // preserve /etc/machine-id
+extern int arg_machineid; // spoof /etc/machine-id
 extern int arg_disable_mnt; // disable /mnt and /media
 extern int arg_noprofile; // use default.profile if none other found/specified
 extern int arg_memory_deny_write_execute; // block writable and executable memory

diff --git a/src/firejail/main.c b/src/firejail/main.c
@@ -137,7 +137,7 @@ int arg_allow_debuggers = 0; // allow debuggers
 int arg_x11_block = 0; // block X11
 int arg_x11_xorg = 0; // use X11 security extension
 int arg_allusers = 0; // all user home directories visible
-int arg_machineid = 0; // preserve /etc/machine-id
+int arg_machineid = 0; // spoof /etc/machine-id
 int arg_allow_private_blacklist = 0; // blacklist things in private directories
 int arg_disable_mnt = 0; // disable /mnt and /media
 int arg_noprofile = 0; // use default.profile if none other found/specified

diff --git a/src/firejail/usage.c b/src/firejail/usage.c
@@ -127,7 +127,7 @@ static char *usage_str =
 #ifdef HAVE_NETWORK
  " --mac=xx:xx:xx:xx:xx:xx - set interface MAC address.\n"
 #endif
- " --machine-id - preserve /etc/machine-id\n"
+ " --machine-id - spoof /etc/machine-id with a random id\n"
  " --memory-deny-write-execute - seccomp filter to block attempts to create\n"
  "\tmemory mappings that are both writable and executable.\n"
  " --mkdir=dirname - create a directory.\n"

diff --git a/src/zsh_completion/_firejail.in b/src/zsh_completion/_firejail.in
@@ -105,7 +105,7 @@ _firejail_args=(
  '--keep-config-pulse[disable automatic ~/.config/pulse init]'
  '--keep-dev-shm[/dev/shm directory is untouched (even with --private-dev)]'
  '--keep-var-tmp[/var/tmp directory is untouched]'
- '--machine-id[preserve /etc/machine-id]'
+ '--machine-id[spoof /etc/machine-id]'
  '--memory-deny-write-execute[seccomp filter to block attempts to create memory mappings that are both writable and executable]'
  '*--mkdir=-[create a directory]:'
  '*--mkfile=-[create a file]:'