bugfix: fix --allusers when running as root

author: startx2017 <vradu.startx@yandex.com> 2017-07-07 06:55:37 -0400
committer: startx2017 <vradu.startx@yandex.com> 2017-07-07 06:55:37 -0400
commit: a8dc9a5926beedccfd79b62cd4719277c1a9f6ca (patch)
tree: b00d9c6e3de63fb46dea12a0c1e38f32c11ea08c
parent: merges (diff)
download: firejail-a8dc9a5926beedccfd79b62cd4719277c1a9f6ca.tar.gz
firejail-a8dc9a5926beedccfd79b62cd4719277c1a9f6ca.tar.zst
firejail-a8dc9a5926beedccfd79b62cd4719277c1a9f6ca.zip
1 files changed, 7 insertions, 3 deletions
diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c
index e5e068583..9e3678c33 100644
--- a/src/firejail/fs_home.c
+++ b/src/firejail/fs_home.c
@@ -284,9 +284,13 @@ void fs_private(void) {
        // mask /home
        if (arg_debug)
                printf("Mounting a new /home directory\n");
-        if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME | MS_REC,  "mode=755,gid=0") < 0)
+        if (u == 0 && arg_allusers) // allow --allusers when starting the sandbox as root
-                errExit("mounting home directory");
+                ;
-        fs_logger("tmpfs /home");
+        else {
+                if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME | MS_REC,  "mode=755,gid=0") < 0)
+                        errExit("mounting home directory");
+                fs_logger("tmpfs /home");
+        }
        // mask /root
        if (arg_debug)
author	startx2017 <vradu.startx@yandex.com>	2017-07-07 06:55:37 -0400
committer	startx2017 <vradu.startx@yandex.com>	2017-07-07 06:55:37 -0400
commit	a8dc9a5926beedccfd79b62cd4719277c1a9f6ca (patch)
tree	b00d9c6e3de63fb46dea12a0c1e38f32c11ea08c
parent	merges (diff)
download	firejail-a8dc9a5926beedccfd79b62cd4719277c1a9f6ca.tar.gz firejail-a8dc9a5926beedccfd79b62cd4719277c1a9f6ca.tar.zst firejail-a8dc9a5926beedccfd79b62cd4719277c1a9f6ca.zip