moving appimage mount point from /tmp to /run - fixing --private-tmp

author: netblue30 <netblue30@yahoo.com> 2016-10-09 11:12:34 -0400
committer: netblue30 <netblue30@yahoo.com> 2016-10-09 11:12:34 -0400
commit: 223543a7e5bc520af0373415f5baca4449bebff0 (patch)
tree: 4ee17334cf1a8ff0148ed5bf01955e7219992d92
parent: moving appimage mount point from /tmp to /run (diff)
download: firejail-223543a7e5bc520af0373415f5baca4449bebff0.tar.gz
firejail-223543a7e5bc520af0373415f5baca4449bebff0.tar.zst
firejail-223543a7e5bc520af0373415f5baca4449bebff0.zip
1 files changed, 0 insertions, 23 deletions
diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c
index ad7fea227..849861805 100644
--- a/src/firejail/fs_whitelist.c
+++ b/src/firejail/fs_whitelist.c
@@ -550,29 +550,6 @@ void fs_whitelist(void) {
                if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=1777,gid=0") < 0)
                        errExit("mounting tmpfs on /tmp");
                fs_logger("tmpfs /tmp");
-                
-                // mount appimage directory if necessary
-                if (arg_appimage) {
-                        const char *dir = appimage_getdir();
-                        assert(dir);
-                        char *wdir;
-                        if (asprintf(&wdir, "%s/%s", RUN_WHITELIST_TMP_DIR, dir + 4) == -1)
-                                errExit("asprintf");
-                        // create directory
-                        if (mkdir(dir, 0755) < 0)
-                                errExit("mkdir");
-                        if (chown(dir, getuid(), getgid()) < 0)
-                                errExit("chown");
-                        if (chmod(dir, 0755) < 0)
-                                errExit("chmod");
-                
-                        // mount
-                        if (mount(wdir, dir, NULL, MS_BIND|MS_REC, NULL) < 0)
-                                errExit("mount bind");
-                        fs_logger2("whitelist", dir);
-                        free(wdir);
-                }
        }
        
        // /media mountpoint
author	netblue30 <netblue30@yahoo.com>	2016-10-09 11:12:34 -0400
committer	netblue30 <netblue30@yahoo.com>	2016-10-09 11:12:34 -0400
commit	223543a7e5bc520af0373415f5baca4449bebff0 (patch)
tree	4ee17334cf1a8ff0148ed5bf01955e7219992d92
parent	moving appimage mount point from /tmp to /run (diff)
download	firejail-223543a7e5bc520af0373415f5baca4449bebff0.tar.gz firejail-223543a7e5bc520af0373415f5baca4449bebff0.tar.zst firejail-223543a7e5bc520af0373415f5baca4449bebff0.zip

diff --git a/src/firejail/fs_whitelist.c b/src/firejail/fs_whitelist.c index ad7fea227..849861805 100644 --- a/src/firejail/fs_whitelist.c +++ b/src/firejail/fs_whitelist.c
@@ -550,29 +550,6 @@ void fs_whitelist(void) {
550	if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID \| MS_STRICTATIME \| MS_REC, "mode=1777,gid=0") < 0)	550	if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID \| MS_STRICTATIME \| MS_REC, "mode=1777,gid=0") < 0)
551	errExit("mounting tmpfs on /tmp");	551	errExit("mounting tmpfs on /tmp");
552	fs_logger("tmpfs /tmp");	552	fs_logger("tmpfs /tmp");
553
554	// mount appimage directory if necessary
555	if (arg_appimage) {
556	const char *dir = appimage_getdir();
557	assert(dir);
558	char *wdir;
559	if (asprintf(&wdir, "%s/%s", RUN_WHITELIST_TMP_DIR, dir + 4) == -1)
560	errExit("asprintf");
561
562	// create directory
563	if (mkdir(dir, 0755) < 0)
564	errExit("mkdir");
565	if (chown(dir, getuid(), getgid()) < 0)
566	errExit("chown");
567	if (chmod(dir, 0755) < 0)
568	errExit("chmod");
569
570	// mount
571	if (mount(wdir, dir, NULL, MS_BIND\|MS_REC, NULL) < 0)
572	errExit("mount bind");
573	fs_logger2("whitelist", dir);
574	free(wdir);
575	}
576	}	553	}
577		554
578	// /media mountpoint	555	// /media mountpoint