diff options
| author |  Aleksey Manevich <manevich.aleksey@gmail.com> | 2016-08-09 01:29:55 +0300 |
|---|---|---|
| committer | Aleksey Manevich <manevich.aleksey@gmail.com> | 2016-08-09 01:29:55 +0300 |
| commit | 1b19e521c4f007e16010e1c935bc4392bd333145 (patch) | |
| tree | 585d6d6409b27c498ff48807538e3fa4012e4c6d /mketc.sh | |
| parent | --private-bin and --private-etc fix (diff) | |
| download | firejail-1b19e521c4f007e16010e1c935bc4392bd333145.tar.gz firejail-1b19e521c4f007e16010e1c935bc4392bd333145.tar.zst firejail-1b19e521c4f007e16010e1c935bc4392bd333145.zip | |
workaround for systems where common UNIX utilities are symlinks to busybox
Diffstat (limited to 'mketc.sh')
| -rwxr-xr-x | mketc.sh | 14 |
1 files changed, 14 insertions, 0 deletions
| @@ -6,3 +6,17 @@ for file in etc/*.profile etc/*.inc etc/*.net; | |||
| 6 | do | 6 | do |
| 7 | sed "s;/etc/firejail;$1/firejail;g" $file > .$file | 7 | sed "s;/etc/firejail;$1/firejail;g" $file > .$file |
| 8 | done | 8 | done |
| 9 | |||
| 10 | if [ "x$2" = "xyes" ] | ||
| 11 | then | ||
| 12 | sed -i -e ' | ||
| 13 | 1i# Workaround for systems where common UNIX utilities are symlinks to busybox.\ | ||
| 14 | # If this is not your case you can remove --enable-busybox-workaround from\ | ||
| 15 | # ./configure options, for added security.\ | ||
| 16 | noblacklist \${PATH}/mount\ | ||
| 17 | noblacklist \${PATH}/umount\ | ||
| 18 | noblacklist \${PATH}/su\ | ||
| 19 | noblacklist \${PATH}/sudo\ | ||
| 20 | noblacklist \${PATH}/nc\ | ||
| 21 | ' .etc/disable-common.inc | ||
| 22 | fi | ||