diff options
| author |  smitsohu <smitsohu@gmail.com> | 2020-02-09 11:30:31 +0100 |
|---|---|---|
| committer | smitsohu <smitsohu@gmail.com> | 2020-02-09 11:30:31 +0100 |
| commit | 609be4fda2dda5557de864eba814c42fe2f40dca (patch) | |
| tree | 4705e07b546c1a9d2d102feae3d7156316f64710 | |
| parent | include wvc to more profiles (#3209) (diff) | |
| download | firejail-609be4fda2dda5557de864eba814c42fe2f40dca.tar.gz firejail-609be4fda2dda5557de864eba814c42fe2f40dca.tar.zst firejail-609be4fda2dda5557de864eba814c42fe2f40dca.zip | |
openSUSE fix: mount private-etc on /usr/etc as well
see issue #3145
| -rw-r--r-- | src/firejail/fs_etc.c | 3 | ||||
| -rw-r--r-- | src/firejail/sandbox.c | 1 | ||||
| -rw-r--r-- | src/include/rundefs.h | 1 |
3 files changed, 4 insertions, 1 deletions
diff --git a/src/firejail/fs_etc.c b/src/firejail/fs_etc.c index 7b7813926..76bcb751e 100644 --- a/src/firejail/fs_etc.c +++ b/src/firejail/fs_etc.c | |||
| @@ -145,7 +145,8 @@ void fs_private_dir_list(const char *private_dir, const char *private_run_dir, c | |||
| 145 | // nothing to do if directory does not exist | 145 | // nothing to do if directory does not exist |
| 146 | struct stat s; | 146 | struct stat s; |
| 147 | if (stat(private_dir, &s) == -1) { | 147 | if (stat(private_dir, &s) == -1) { |
| 148 | fmessage("Cannot find %s\n", private_dir); | 148 | if (arg_debug) |
| 149 | printf("Cannot find %s\n", private_dir); | ||
| 149 | return; | 150 | return; |
| 150 | } | 151 | } |
| 151 | 152 | ||
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index 96ad30bed..4f53cafcc 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
| @@ -855,6 +855,7 @@ int sandbox(void* sandbox_arg) { | |||
| 855 | fwarning("private-etc feature is disabled in overlay\n"); | 855 | fwarning("private-etc feature is disabled in overlay\n"); |
| 856 | else { | 856 | else { |
| 857 | fs_private_dir_list("/etc", RUN_ETC_DIR, cfg.etc_private_keep); | 857 | fs_private_dir_list("/etc", RUN_ETC_DIR, cfg.etc_private_keep); |
| 858 | fs_private_dir_list("/usr/etc", RUN_USR_ETC_DIR, cfg.etc_private_keep); // openSUSE | ||
| 858 | // create /etc/ld.so.preload file again | 859 | // create /etc/ld.so.preload file again |
| 859 | if (need_preload) | 860 | if (need_preload) |
| 860 | fs_trace_preload(); | 861 | fs_trace_preload(); |
diff --git a/src/include/rundefs.h b/src/include/rundefs.h index 7f9c68be2..1cfeee28d 100644 --- a/src/include/rundefs.h +++ b/src/include/rundefs.h | |||
| @@ -42,6 +42,7 @@ | |||
| 42 | #define RUN_NONEWPRIVS_CFG RUN_MNT_DIR "/nonewprivs" | 42 | #define RUN_NONEWPRIVS_CFG RUN_MNT_DIR "/nonewprivs" |
| 43 | #define RUN_HOME_DIR RUN_MNT_DIR "/home" | 43 | #define RUN_HOME_DIR RUN_MNT_DIR "/home" |
| 44 | #define RUN_ETC_DIR RUN_MNT_DIR "/etc" | 44 | #define RUN_ETC_DIR RUN_MNT_DIR "/etc" |
| 45 | #define RUN_USR_ETC_DIR RUN_MNT_DIR "/usretc" | ||
| 45 | #define RUN_OPT_DIR RUN_MNT_DIR "/opt" | 46 | #define RUN_OPT_DIR RUN_MNT_DIR "/opt" |
| 46 | #define RUN_SRV_DIR RUN_MNT_DIR "/srv" | 47 | #define RUN_SRV_DIR RUN_MNT_DIR "/srv" |
| 47 | #define RUN_BIN_DIR RUN_MNT_DIR "/bin" | 48 | #define RUN_BIN_DIR RUN_MNT_DIR "/bin" |