diff options
author | Aleksey Manevich <manevich.aleksey@gmail.com> | 2016-08-09 01:29:55 +0300 |
---|---|---|
committer | Aleksey Manevich <manevich.aleksey@gmail.com> | 2016-08-09 01:29:55 +0300 |
commit | 1b19e521c4f007e16010e1c935bc4392bd333145 (patch) | |
tree | 585d6d6409b27c498ff48807538e3fa4012e4c6d /mketc.sh | |
parent | --private-bin and --private-etc fix (diff) | |
download | firejail-1b19e521c4f007e16010e1c935bc4392bd333145.tar.gz firejail-1b19e521c4f007e16010e1c935bc4392bd333145.tar.zst firejail-1b19e521c4f007e16010e1c935bc4392bd333145.zip |
workaround for systems where common UNIX utilities are symlinks to busybox
Diffstat (limited to 'mketc.sh')
-rwxr-xr-x | mketc.sh | 14 |
1 files changed, 14 insertions, 0 deletions
@@ -6,3 +6,17 @@ for file in etc/*.profile etc/*.inc etc/*.net; | |||
6 | do | 6 | do |
7 | sed "s;/etc/firejail;$1/firejail;g" $file > .$file | 7 | sed "s;/etc/firejail;$1/firejail;g" $file > .$file |
8 | done | 8 | done |
9 | |||
10 | if [ "x$2" = "xyes" ] | ||
11 | then | ||
12 | sed -i -e ' | ||
13 | 1i# Workaround for systems where common UNIX utilities are symlinks to busybox.\ | ||
14 | # If this is not your case you can remove --enable-busybox-workaround from\ | ||
15 | # ./configure options, for added security.\ | ||
16 | noblacklist \${PATH}/mount\ | ||
17 | noblacklist \${PATH}/umount\ | ||
18 | noblacklist \${PATH}/su\ | ||
19 | noblacklist \${PATH}/sudo\ | ||
20 | noblacklist \${PATH}/nc\ | ||
21 | ' .etc/disable-common.inc | ||
22 | fi | ||