overlayfs fix

author: netblue30 <netblue30@yahoo.com> 2016-06-23 13:20:11 -0400
committer: netblue30 <netblue30@yahoo.com> 2016-06-23 13:20:11 -0400
commit: 152a2259a597029fd8cd93d5b806c7e685d17d7a (patch)
tree: 59fd64ac6fd9495fd0f86320a6af1d37d10cb7ce
parent: profile update (diff)
download: firejail-152a2259a597029fd8cd93d5b806c7e685d17d7a.tar.gz
firejail-152a2259a597029fd8cd93d5b806c7e685d17d7a.tar.zst
firejail-152a2259a597029fd8cd93d5b806c7e685d17d7a.zip
1 files changed, 13 insertions, 11 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c
index be77dfa85..5665ab456 100644
--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -928,17 +928,19 @@ void fs_overlayfs(void) {
        fs_logger("whitelist /run");
        // mount-bind /tmp/.X11-unix directory
-        if (arg_debug)
+        struct stat s;
-                printf("Mounting /tmp/.X11-unix\n");
+        if (stat("/tmp/.X11-unix", &s) == 0) {
-        char *x11;
+                if (arg_debug)
-        if (asprintf(&x11, "%s/tmp/.X11-unix", oroot) == -1)
+                        printf("Mounting /tmp/.X11-unix\n");
-                errExit("asprintf");
+                char *x11;
-        if (mount("/tmp/.X11-unix", x11, NULL, MS_BIND|MS_REC, NULL) < 0)
+                if (asprintf(&x11, "%s/tmp/.X11-unix", oroot) == -1)
-                errExit("mounting /tmp/.X11-unix");
+                        errExit("asprintf");
-        fs_logger("whitelist /tmp/.X11-unix");
+                if (mount("/tmp/.X11-unix", x11, NULL, MS_BIND|MS_REC, NULL) < 0)
+                        fprintf(stderr, "Warning: cannot mount /tmp/.X11-unix in overlay\n");
+                else
+                        fs_logger("whitelist /tmp/.X11-unix");
+                free(x11);
+        }
        // chroot in the new filesystem
        if (chroot(oroot) == -1)
author	netblue30 <netblue30@yahoo.com>	2016-06-23 13:20:11 -0400
committer	netblue30 <netblue30@yahoo.com>	2016-06-23 13:20:11 -0400
commit	152a2259a597029fd8cd93d5b806c7e685d17d7a (patch)
tree	59fd64ac6fd9495fd0f86320a6af1d37d10cb7ce
parent	profile update (diff)
download	firejail-152a2259a597029fd8cd93d5b806c7e685d17d7a.tar.gz firejail-152a2259a597029fd8cd93d5b806c7e685d17d7a.tar.zst firejail-152a2259a597029fd8cd93d5b806c7e685d17d7a.zip

diff --git a/src/firejail/fs.c b/src/firejail/fs.c index be77dfa85..5665ab456 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c
@@ -928,17 +928,19 @@ void fs_overlayfs(void) {
928	fs_logger("whitelist /run");	928	fs_logger("whitelist /run");
929		929
930	// mount-bind /tmp/.X11-unix directory	930	// mount-bind /tmp/.X11-unix directory
931	if (arg_debug)	931	struct stat s;
932	printf("Mounting /tmp/.X11-unix\n");	932	if (stat("/tmp/.X11-unix", &s) == 0) {
933	char *x11;	933	if (arg_debug)
934	if (asprintf(&x11, "%s/tmp/.X11-unix", oroot) == -1)	934	printf("Mounting /tmp/.X11-unix\n");
935	errExit("asprintf");	935	char *x11;
936	if (mount("/tmp/.X11-unix", x11, NULL, MS_BIND\|MS_REC, NULL) < 0)	936	if (asprintf(&x11, "%s/tmp/.X11-unix", oroot) == -1)
937	errExit("mounting /tmp/.X11-unix");	937	errExit("asprintf");
938	fs_logger("whitelist /tmp/.X11-unix");	938	if (mount("/tmp/.X11-unix", x11, NULL, MS_BIND\|MS_REC, NULL) < 0)
939		939	fprintf(stderr, "Warning: cannot mount /tmp/.X11-unix in overlay\n");
940		940	else
941		941	fs_logger("whitelist /tmp/.X11-unix");
		942	free(x11);
		943	}
942		944
943	// chroot in the new filesystem	945	// chroot in the new filesystem
944	if (chroot(oroot) == -1)	946	if (chroot(oroot) == -1)