authorLibravatar netblue30 <netblue30@yahoo.com>2016-11-13 10:47:20 -0500
committerLibravatar netblue30 <netblue30@yahoo.com>2016-11-13 10:47:20 -0500
commit63e16bfcd9f79c63f3801f51df4840f74fa6f41b (patch)
treefa62784ad7ff5becbb4856ed84264cb5d4de8828 /src/firejail/fs_dev.c
parentset_perms cleanup (diff)
major cleanup and testing
Diffstat (limited to 'src/firejail/fs_dev.c')
-rw-r--r--src/firejail/fs_dev.c32
1 files changed, 5 insertions, 27 deletions
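--- a/src/firejail/fs_dev.c
+++ b/src/firejail/fs_dev.c
@@ -65,11 +65,7 @@ static void deventry_mount(void) {
 if (arg_debug)
 printf("mounting %s %s\n", dev[i].run_fname, (dir)? "directory": "file");
 if (dir) {
-if (mkdir(dev[i].dev_fname, 0755) == -1)
-errExit("mkdir");
-if (chmod(dev[i].dev_fname, 0755) == -1)
-errExit("chmod");
-ASSERT_PERMS(dev[i].dev_fname, 0, 0, 0755);
+mkdir_attr(dev[i].dev_fname, 0755, 0, 0);
 }
 else {
 struct stat s;
@@ -130,11 +126,7 @@ void fs_private_dev(void){
 
 // create DRI_DIR
 // keep a copy of dev directory
-if (mkdir(RUN_DEV_DIR, 0755) == -1)
-errExit("mkdir");
-if (chmod(RUN_DEV_DIR, 0755) == -1)
-errExit("chmod");
-ASSERT_PERMS(RUN_DEV_DIR, 0, 0, 0755);
+mkdir_attr(RUN_DEV_DIR, 0755, 0, 0);
 if (mount("/dev", RUN_DEV_DIR, NULL, MS_BIND|MS_REC, NULL) < 0)
 errExit("mounting /dev/dri");
 
@@ -179,12 +171,7 @@ void fs_private_dev(void){
 // create /dev/shm
 if (arg_debug)
 printf("Create /dev/shm directory\n");
-if (mkdir("/dev/shm", 01777) == -1)
-errExit("mkdir");
-// mkdir sets only the file permission bits
-if (chmod("/dev/shm", 01777) < 0)
-errExit("chmod");
-ASSERT_PERMS("/dev/shm", 0, 0, 01777);
+mkdir_attr("/dev/shm", 01777, 0, 0);
 fs_logger("mkdir /dev/shm");
 
 // create devices
@@ -206,11 +193,7 @@ void fs_private_dev(void){
 #endif
 
 // pseudo-terminal
-if (mkdir("/dev/pts", 0755) == -1)
-errExit("mkdir");
-if (chmod("/dev/pts", 0755) == -1)
-errExit("chmod");
-ASSERT_PERMS("/dev/pts", 0, 0, 0755);
+mkdir_attr("/dev/pts", 0755, 0, 0);
 fs_logger("mkdir /dev/pts");
 create_char_dev("/dev/pts/ptmx", 0666, 5, 2); //"mknod -m 666 /dev/pts/ptmx c 5 2");
 fs_logger("mknod /dev/pts/ptmx");
@@ -260,12 +243,7 @@ void fs_dev_shm(void) {
 if (lnk) {
 if (!is_dir(lnk)) {
 // create directory
-if (mkdir(lnk, 01777))
-errExit("mkdir");
-// mkdir sets only the file permission bits
-if (chmod(lnk, 01777))
-errExit("chmod");
-ASSERT_PERMS(lnk, 0, 0, 01777);
+mkdir_attr(lnk, 01777, 0, 0);
 }
 if (arg_debug)
 printf("Mounting tmpfs on %s on behalf of /dev/shm\n", lnk);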
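Review bot: All five `mkdir_attr(path, mode, 0, 0)` call sites drop the per-site `errExit` checks and the `ASSERT_PERMS` verification, so the sandbox now depends entirely on `mkdir_attr` to abort on failure and to apply the mode independently of the umask. The helper is defined outside this diff, so that cannot be confirmed from here. This matters most for the 01777 directories, `/dev/shm` in fs_private_dev and `lnk` in fs_dev_shm, where the removed comment noted that mkdir alone sets only the file permission bits. If the helper does not already verify owner and mode after creation, keep the assertion at the sticky-bit sites, e.g. `ASSERT_PERMS("/dev/shm", 0, 0, 01777);` directly after the call. In fs_dev_shm, `lnk` appears to be the resolved target of a /dev/shm symlink, so a comment such as `// lnk is the resolved /dev/shm target; mkdir_attr must fail rather than follow a path replaced after is_dir()` would record the assumption the call relies on. The enclosing functions start and end outside the hunks.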