diff options
author | smitsohu <smitsohu@gmail.com> | 2021-03-15 15:53:48 +0100 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2021-03-15 15:53:48 +0100 |
commit | f03a0574d0cd6b6625da768f629649468dc3d6ab (patch) | |
tree | 83bfdc7fe7779be75e1a093f8092d020ec0ceadf | |
parent | Merge pull request #4095 from smitsohu/appimage (diff) | |
download | firejail-f03a0574d0cd6b6625da768f629649468dc3d6ab.tar.gz firejail-f03a0574d0cd6b6625da768f629649468dc3d6ab.tar.zst firejail-f03a0574d0cd6b6625da768f629649468dc3d6ab.zip |
finding a place for appimage mount
adds support to run appimage in a chroot
-rw-r--r-- | src/firejail/sandbox.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index 60c097cf2..743d84b43 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
@@ -630,8 +630,6 @@ int sandbox(void* sandbox_arg) { | |||
630 | errExit("mounting " RUN_FIREJAIL_LIB_DIR); | 630 | errExit("mounting " RUN_FIREJAIL_LIB_DIR); |
631 | // keep a copy of dhclient executable before the filesystem is modified | 631 | // keep a copy of dhclient executable before the filesystem is modified |
632 | dhcp_store_exec(); | 632 | dhcp_store_exec(); |
633 | // mount appimage before the filesystem is modified | ||
634 | appimage_mount(); | ||
635 | 633 | ||
636 | //**************************** | 634 | //**************************** |
637 | // log sandbox data | 635 | // log sandbox data |
@@ -827,6 +825,11 @@ int sandbox(void* sandbox_arg) { | |||
827 | fs_basic_fs(); | 825 | fs_basic_fs(); |
828 | 826 | ||
829 | //**************************** | 827 | //**************************** |
828 | // appimage | ||
829 | //**************************** | ||
830 | appimage_mount(); | ||
831 | |||
832 | //**************************** | ||
830 | // private mode | 833 | // private mode |
831 | //**************************** | 834 | //**************************** |
832 | if (arg_private) { | 835 | if (arg_private) { |
@@ -1155,14 +1158,12 @@ int sandbox(void* sandbox_arg) { | |||
1155 | //**************************** | 1158 | //**************************** |
1156 | // continue security filters | 1159 | // continue security filters |
1157 | //**************************** | 1160 | //**************************** |
1158 | |||
1159 | // set capabilities | 1161 | // set capabilities |
1160 | set_caps(); | 1162 | set_caps(); |
1161 | 1163 | ||
1162 | //**************************************** | 1164 | //**************************************** |
1163 | // relay status information to join option | 1165 | // relay status information to join option |
1164 | //**************************************** | 1166 | //**************************************** |
1165 | |||
1166 | char *set_sandbox_status = create_join_file(); | 1167 | char *set_sandbox_status = create_join_file(); |
1167 | 1168 | ||
1168 | //**************************************** | 1169 | //**************************************** |
@@ -1223,7 +1224,6 @@ int sandbox(void* sandbox_arg) { | |||
1223 | //**************************************** | 1224 | //**************************************** |
1224 | // set cpu affinity | 1225 | // set cpu affinity |
1225 | //**************************************** | 1226 | //**************************************** |
1226 | |||
1227 | if (cfg.cpus) | 1227 | if (cfg.cpus) |
1228 | set_cpu_affinity(); | 1228 | set_cpu_affinity(); |
1229 | 1229 | ||