diff options
author | netblue30 <netblue30@yahoo.com> | 2018-06-12 07:58:38 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2018-06-12 07:58:38 -0400 |
commit | 2b4afcfb0ae77ffd40e665efdada274d804678bc (patch) | |
tree | 239818c4699d2484e2eef8597817f03794478041 | |
parent | mounting a tmpfs on ~/.cache directory (private-cache) by default (diff) | |
download | firejail-2b4afcfb0ae77ffd40e665efdada274d804678bc.tar.gz firejail-2b4afcfb0ae77ffd40e665efdada274d804678bc.tar.zst firejail-2b4afcfb0ae77ffd40e665efdada274d804678bc.zip |
potential fix for Yubikey devices
-rw-r--r-- | src/firejail/fs_dev.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c index 152ddf5f7..947dc1364 100644 --- a/src/firejail/fs_dev.c +++ b/src/firejail/fs_dev.c | |||
@@ -39,6 +39,7 @@ typedef enum { | |||
39 | DEV_VIDEO, | 39 | DEV_VIDEO, |
40 | DEV_TV, | 40 | DEV_TV, |
41 | DEV_DVD, | 41 | DEV_DVD, |
42 | DEV_USB, | ||
42 | } DEV_TYPE; | 43 | } DEV_TYPE; |
43 | 44 | ||
44 | 45 | ||
@@ -76,6 +77,7 @@ static DevEntry dev[] = { | |||
76 | {"/dev/video9", RUN_DEV_DIR "/video9", DEV_VIDEO}, | 77 | {"/dev/video9", RUN_DEV_DIR "/video9", DEV_VIDEO}, |
77 | {"/dev/dvb", RUN_DEV_DIR "/dvb", DEV_TV}, // DVB (Digital Video Broadcasting) - TV device | 78 | {"/dev/dvb", RUN_DEV_DIR "/dvb", DEV_TV}, // DVB (Digital Video Broadcasting) - TV device |
78 | {"/dev/sr0", RUN_DEV_DIR "/sr0", DEV_DVD}, // for DVD and audio CD players | 79 | {"/dev/sr0", RUN_DEV_DIR "/sr0", DEV_DVD}, // for DVD and audio CD players |
80 | {"/dev/usb", RUN_DEV_DIR "/usb", DEV_USB}, // USB devices such as Yubikey, U2F | ||
79 | {NULL, NULL, DEV_NONE} | 81 | {NULL, NULL, DEV_NONE} |
80 | }; | 82 | }; |
81 | 83 | ||
@@ -84,13 +86,13 @@ static void deventry_mount(void) { | |||
84 | while (dev[i].dev_fname != NULL) { | 86 | while (dev[i].dev_fname != NULL) { |
85 | struct stat s; | 87 | struct stat s; |
86 | if (stat(dev[i].run_fname, &s) == 0) { | 88 | if (stat(dev[i].run_fname, &s) == 0) { |
87 | |||
88 | // check device type and subsystem configuration | 89 | // check device type and subsystem configuration |
89 | if ((dev[i].type == DEV_SOUND && arg_nosound == 0) || | 90 | if ((dev[i].type == DEV_SOUND && arg_nosound == 0) || |
90 | (dev[i].type == DEV_3D && arg_no3d == 0) || | 91 | (dev[i].type == DEV_3D && arg_no3d == 0) || |
91 | (dev[i].type == DEV_VIDEO && arg_novideo == 0) || | 92 | (dev[i].type == DEV_VIDEO && arg_novideo == 0) || |
92 | (dev[i].type == DEV_TV && arg_notv == 0) || | 93 | (dev[i].type == DEV_TV && arg_notv == 0) || |
93 | (dev[i].type == DEV_DVD && arg_nodvd == 0)) { | 94 | (dev[i].type == DEV_DVD && arg_nodvd == 0) || |
95 | (dev[i].type == DEV_USB)) { | ||
94 | 96 | ||
95 | int dir = is_dir(dev[i].run_fname); | 97 | int dir = is_dir(dev[i].run_fname); |
96 | if (arg_debug) | 98 | if (arg_debug) |