more cleanup: remove MS_REC from tmpfs mounts

author: smitsohu <smitsohu@gmail.com> 2019-03-02 17:59:32 +0100
committer: smitsohu <smitsohu@gmail.com> 2019-03-02 17:59:32 +0100
commit: 10726a0601e0622b21e8f94ca033b0745ed49229 (patch)
tree: 90064b2647119ef09e040e5699e7ade2c0e266ec /src/firejail/fs_home.c
parent: profile.c: errout with too many dns args (diff)
download: firejail-10726a0601e0622b21e8f94ca033b0745ed49229.tar.gz
firejail-10726a0601e0622b21e8f94ca033b0745ed49229.tar.zst
firejail-10726a0601e0622b21e8f94ca033b0745ed49229.zip
1 files changed, 6 insertions, 6 deletions
diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c
index 7746aa44b..e35bf073d 100644
--- a/src/firejail/fs_home.c
+++ b/src/firejail/fs_home.c
@@ -270,7 +270,7 @@ void fs_private_homedir(void) {
                // mask /root
                if (arg_debug)
                        printf("Mounting a new /root directory\n");
-                if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME | MS_REC,  "mode=700,gid=0") < 0)
+                if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME,  "mode=700,gid=0") < 0)
                        errExit("mounting home directory");
                fs_logger("tmpfs /root");
        }
@@ -278,7 +278,7 @@ void fs_private_homedir(void) {
                // mask /home
                if (arg_debug)
                        printf("Mounting a new /home directory\n");
-                if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME | MS_REC,  "mode=755,gid=0") < 0)
+                if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME,  "mode=755,gid=0") < 0)
                        errExit("mounting home directory");
                fs_logger("tmpfs /home");
        }
@@ -313,7 +313,7 @@ void fs_private(void) {
        else {
                if (arg_allusers)
                        fwarning("--allusers disabled by --private or --whitelist\n");
-                if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME | MS_REC,  "mode=755,gid=0") < 0)
+                if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME,  "mode=755,gid=0") < 0)
                        errExit("mounting home directory");
                fs_logger("tmpfs /home");
        }
@@ -321,7 +321,7 @@ void fs_private(void) {
        // mask /root
        if (arg_debug)
                printf("Mounting a new /root directory\n");
-        if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME | MS_REC,  "mode=700,gid=0") < 0)
+        if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME,  "mode=700,gid=0") < 0)
                errExit("mounting root directory");
        fs_logger("tmpfs /root");
@@ -517,14 +517,14 @@ void fs_private_home_list(void) {
                // mask /root
                if (arg_debug)
                        printf("Mounting a new /root directory\n");
-                if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC,  "mode=700,gid=0") < 0)
+                if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME,  "mode=700,gid=0") < 0)
                        errExit("mounting home directory");
        }
        else {
                // mask /home
                if (arg_debug)
                        printf("Mounting a new /home directory\n");
-                if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC,  "mode=755,gid=0") < 0)
+                if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME,  "mode=755,gid=0") < 0)
                        errExit("mounting home directory");
        }
author	smitsohu <smitsohu@gmail.com>	2019-03-02 17:59:32 +0100
committer	smitsohu <smitsohu@gmail.com>	2019-03-02 17:59:32 +0100
commit	10726a0601e0622b21e8f94ca033b0745ed49229 (patch)
tree	90064b2647119ef09e040e5699e7ade2c0e266ec /src/firejail/fs_home.c
parent	profile.c: errout with too many dns args (diff)
download	firejail-10726a0601e0622b21e8f94ca033b0745ed49229.tar.gz firejail-10726a0601e0622b21e8f94ca033b0745ed49229.tar.zst firejail-10726a0601e0622b21e8f94ca033b0745ed49229.zip

diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c index 7746aa44b..e35bf073d 100644 --- a/src/firejail/fs_home.c +++ b/src/firejail/fs_home.c
@@ -270,7 +270,7 @@ void fs_private_homedir(void) {
270	// mask /root	270	// mask /root
271	if (arg_debug)	271	if (arg_debug)
272	printf("Mounting a new /root directory\n");	272	printf("Mounting a new /root directory\n");
273	if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID \| MS_NODEV \| MS_NOEXEC \| MS_STRICTATIME \| MS_REC, "mode=700,gid=0") < 0)	273	if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID \| MS_NODEV \| MS_NOEXEC \| MS_STRICTATIME, "mode=700,gid=0") < 0)
274	errExit("mounting home directory");	274	errExit("mounting home directory");
275	fs_logger("tmpfs /root");	275	fs_logger("tmpfs /root");
276	}	276	}
@@ -278,7 +278,7 @@ void fs_private_homedir(void) {
278	// mask /home	278	// mask /home
279	if (arg_debug)	279	if (arg_debug)
280	printf("Mounting a new /home directory\n");	280	printf("Mounting a new /home directory\n");
281	if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID \| MS_NODEV \| MS_NOEXEC \| MS_STRICTATIME \| MS_REC, "mode=755,gid=0") < 0)	281	if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID \| MS_NODEV \| MS_NOEXEC \| MS_STRICTATIME, "mode=755,gid=0") < 0)
282	errExit("mounting home directory");	282	errExit("mounting home directory");
283	fs_logger("tmpfs /home");	283	fs_logger("tmpfs /home");
284	}	284	}
@@ -313,7 +313,7 @@ void fs_private(void) {
313	else {	313	else {
314	if (arg_allusers)	314	if (arg_allusers)
315	fwarning("--allusers disabled by --private or --whitelist\n");	315	fwarning("--allusers disabled by --private or --whitelist\n");
316	if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID \| MS_NODEV \| MS_NOEXEC \| MS_STRICTATIME \| MS_REC, "mode=755,gid=0") < 0)	316	if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID \| MS_NODEV \| MS_NOEXEC \| MS_STRICTATIME, "mode=755,gid=0") < 0)
317	errExit("mounting home directory");	317	errExit("mounting home directory");
318	fs_logger("tmpfs /home");	318	fs_logger("tmpfs /home");
319	}	319	}
@@ -321,7 +321,7 @@ void fs_private(void) {
321	// mask /root	321	// mask /root
322	if (arg_debug)	322	if (arg_debug)
323	printf("Mounting a new /root directory\n");	323	printf("Mounting a new /root directory\n");
324	if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID \| MS_NODEV \| MS_NOEXEC \| MS_STRICTATIME \| MS_REC, "mode=700,gid=0") < 0)	324	if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID \| MS_NODEV \| MS_NOEXEC \| MS_STRICTATIME, "mode=700,gid=0") < 0)
325	errExit("mounting root directory");	325	errExit("mounting root directory");
326	fs_logger("tmpfs /root");	326	fs_logger("tmpfs /root");
327		327
@@ -517,14 +517,14 @@ void fs_private_home_list(void) {
517	// mask /root	517	// mask /root
518	if (arg_debug)	518	if (arg_debug)
519	printf("Mounting a new /root directory\n");	519	printf("Mounting a new /root directory\n");
520	if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID \| MS_NODEV \| MS_STRICTATIME \| MS_REC, "mode=700,gid=0") < 0)	520	if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID \| MS_NODEV \| MS_STRICTATIME, "mode=700,gid=0") < 0)
521	errExit("mounting home directory");	521	errExit("mounting home directory");
522	}	522	}
523	else {	523	else {
524	// mask /home	524	// mask /home
525	if (arg_debug)	525	if (arg_debug)
526	printf("Mounting a new /home directory\n");	526	printf("Mounting a new /home directory\n");
527	if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID \| MS_NODEV \| MS_STRICTATIME \| MS_REC, "mode=755,gid=0") < 0)	527	if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID \| MS_NODEV \| MS_STRICTATIME, "mode=755,gid=0") < 0)
528	errExit("mounting home directory");	528	errExit("mounting home directory");
529	}	529	}
530		530