author | netblue30 <netblue30@yahoo.com> | 2016-11-13 10:47:20 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-11-13 10:47:20 -0500 |
commit | 63e16bfcd9f79c63f3801f51df4840f74fa6f41b (patch) | |
tree | fa62784ad7ff5becbb4856ed84264cb5d4de8828 /src/firejail/fs_dev.c | |
parent | set_perms cleanup (diff) | |
major cleanup and testing
Diffstat (limited to 'src/firejail/fs_dev.c')
-rw-r--r-- | src/firejail/fs_dev.c | 32 |
1 files changed, 5 insertions, 27 deletions
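--- a/src/firejail/fs_dev.c
+++ b/src/firejail/fs_dev.c
@@ -65,11 +65,7 @@ static void deventry_mount(void) {
 if (arg_debug)
 printf("mounting %s %s\n", dev[i].run_fname, (dir)? "directory": "file");
 if (dir) {
-if (mkdir(dev[i].dev_fname, 0755) == -1)
-errExit("mkdir");
-if (chmod(dev[i].dev_fname, 0755) == -1)
-errExit("chmod");
-ASSERT_PERMS(dev[i].dev_fname, 0, 0, 0755);
+mkdir_attr(dev[i].dev_fname, 0755, 0, 0);
 }
 else {
 struct stat s;
@@ -130,11 +126,7 @@ void fs_private_dev(void){
 
 // create DRI_DIR
 // keep a copy of dev directory
-if (mkdir(RUN_DEV_DIR, 0755) == -1)
-errExit("mkdir");
-if (chmod(RUN_DEV_DIR, 0755) == -1)
-errExit("chmod");
-ASSERT_PERMS(RUN_DEV_DIR, 0, 0, 0755);
+mkdir_attr(RUN_DEV_DIR, 0755, 0, 0);
 if (mount("/dev", RUN_DEV_DIR, NULL, MS_BIND|MS_REC, NULL) < 0)
 errExit("mounting /dev/dri");
 
@@ -179,12 +171,7 @@ void fs_private_dev(void){
 // create /dev/shm
 if (arg_debug)
 printf("Create /dev/shm directory\n");
-if (mkdir("/dev/shm", 01777) == -1)
-errExit("mkdir");
-// mkdir sets only the file permission bits
-if (chmod("/dev/shm", 01777) < 0)
-errExit("chmod");
-ASSERT_PERMS("/dev/shm", 0, 0, 01777);
+mkdir_attr("/dev/shm", 01777, 0, 0);
 fs_logger("mkdir /dev/shm");
 
 // create devices
@@ -206,11 +193,7 @@ void fs_private_dev(void){
 #endif
 
 // pseudo-terminal
-if (mkdir("/dev/pts", 0755) == -1)
-errExit("mkdir");
-if (chmod("/dev/pts", 0755) == -1)
-errExit("chmod");
-ASSERT_PERMS("/dev/pts", 0, 0, 0755);
+mkdir_attr("/dev/pts", 0755, 0, 0);
 fs_logger("mkdir /dev/pts");
 create_char_dev("/dev/pts/ptmx", 0666, 5, 2); //"mknod -m 666 /dev/pts/ptmx c 5 2");
 fs_logger("mknod /dev/pts/ptmx");
@@ -260,12 +243,7 @@ void fs_dev_shm(void) {
 if (lnk) {
 if (!is_dir(lnk)) {
 // create directory
-if (mkdir(lnk, 01777))
-errExit("mkdir");
-// mkdir sets only the file permission bits
-if (chmod(lnk, 01777))
-errExit("chmod");
-ASSERT_PERMS(lnk, 0, 0, 01777);
+mkdir_attr(lnk, 01777, 0, 0);
 }
 if (arg_debug)
 printf("Mounting tmpfs on %s on behalf of /dev/shm\n", lnk);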
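Review bot: In the fs_dev_shm hunk, `mkdir_attr(lnk, 01777, 0, 0);` now carries the whole create, chmod and verify sequence for a path that is only tested with `is_dir(lnk)` immediately before, and the helper's definition is not part of this file section, so its failure behaviour cannot be confirmed from here. The removed lines exited on any mkdir or chmod error and then asserted owner 0:0 and the mode through ASSERT_PERMS; the helper should be checked to still exit when the path already exists instead of re-attributing an existing object, and to keep that post-creation verification. The same question applies to the other four call sites, in deventry_mount and at the RUN_DEV_DIR, /dev/shm and /dev/pts calls in fs_private_dev. The bare trailing `0, 0` would also read better with a short comment at the call, for example `// owner uid 0, gid 0; mode 01777 (sticky, world-writable)`. All three enclosing functions start and end outside the hunks shown.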