diff options
author | netblue30 <netblue30@yahoo.com> | 2016-09-27 15:52:21 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-09-27 15:52:21 -0400 |
commit | 19a67bebb4e11dd1727f8085dfa03c45d3128d49 (patch) | |
tree | 527147048cfbd3fbacc802f2b903ef3c9db10c2a | |
parent | CVE-2016-7545 (diff) | |
download | firejail-19a67bebb4e11dd1727f8085dfa03c45d3128d49.tar.gz firejail-19a67bebb4e11dd1727f8085dfa03c45d3128d49.tar.zst firejail-19a67bebb4e11dd1727f8085dfa03c45d3128d49.zip |
debug
-rw-r--r-- | src/firejail/fs_dev.c | 6 | ||||
-rw-r--r-- | src/firejail/pulseaudio.c | 2 |
2 files changed, 7 insertions, 1 deletions
diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c index 4744b3096..c21aed6c4 100644 --- a/src/firejail/fs_dev.c +++ b/src/firejail/fs_dev.c | |||
@@ -59,13 +59,15 @@ static void deventry_mount(void) { | |||
59 | while (dev[i].dev_fname != NULL) { | 59 | while (dev[i].dev_fname != NULL) { |
60 | struct stat s; | 60 | struct stat s; |
61 | if (stat(dev[i].run_fname, &s) == 0) { | 61 | if (stat(dev[i].run_fname, &s) == 0) { |
62 | if (arg_debug) | ||
63 | printf("mounting %s\n", dev[i].run_fname); | ||
62 | if (mkdir(dev[i].dev_fname, 0755) == -1) | 64 | if (mkdir(dev[i].dev_fname, 0755) == -1) |
63 | errExit("mkdir"); | 65 | errExit("mkdir"); |
64 | if (chmod(dev[i].dev_fname, 0755) == -1) | 66 | if (chmod(dev[i].dev_fname, 0755) == -1) |
65 | errExit("chmod"); | 67 | errExit("chmod"); |
66 | ASSERT_PERMS(dev[i].dev_fname, 0, 0, 0755); | 68 | ASSERT_PERMS(dev[i].dev_fname, 0, 0, 0755); |
67 | if (mount(dev[i].run_fname, dev[i].dev_fname, NULL, MS_BIND|MS_REC, NULL) < 0) | 69 | if (mount(dev[i].run_fname, dev[i].dev_fname, NULL, MS_BIND|MS_REC, NULL) < 0) |
68 | errExit("mounting /dev/snd"); | 70 | errExit("mounting dev file"); |
69 | fs_logger2("whitelist", dev[i].dev_fname); | 71 | fs_logger2("whitelist", dev[i].dev_fname); |
70 | } | 72 | } |
71 | 73 | ||
@@ -261,6 +263,8 @@ void fs_dev_shm(void) { | |||
261 | } | 263 | } |
262 | 264 | ||
263 | void fs_dev_disable_sound() { | 265 | void fs_dev_disable_sound() { |
266 | if (arg_debug) | ||
267 | printf("disable /dev/snd\n"); | ||
264 | if (mount(RUN_RO_DIR, "/dev/snd", "none", MS_BIND, "mode=400,gid=0") < 0) | 268 | if (mount(RUN_RO_DIR, "/dev/snd", "none", MS_BIND, "mode=400,gid=0") < 0) |
265 | errExit("disable /dev/snd"); | 269 | errExit("disable /dev/snd"); |
266 | fs_logger("blacklist /dev/snd"); | 270 | fs_logger("blacklist /dev/snd"); |
diff --git a/src/firejail/pulseaudio.c b/src/firejail/pulseaudio.c index 7db8d2c18..90997f934 100644 --- a/src/firejail/pulseaudio.c +++ b/src/firejail/pulseaudio.c | |||
@@ -53,6 +53,8 @@ doexit: | |||
53 | 53 | ||
54 | // disable pulseaudio socket | 54 | // disable pulseaudio socket |
55 | void pulseaudio_disable(void) { | 55 | void pulseaudio_disable(void) { |
56 | if (arg_debug) | ||
57 | printf("disable pulseaudio\n"); | ||
56 | // blacklist user config directory | 58 | // blacklist user config directory |
57 | disable_file(cfg.homedir, ".config/pulse"); | 59 | disable_file(cfg.homedir, ".config/pulse"); |
58 | 60 | ||