diff options
author | smitsohu <smitsohu@gmail.com> | 2019-03-02 17:59:32 +0100 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2019-03-02 17:59:32 +0100 |
commit | 10726a0601e0622b21e8f94ca033b0745ed49229 (patch) | |
tree | 90064b2647119ef09e040e5699e7ade2c0e266ec /src/firejail/fs_home.c | |
parent | profile.c: errout with too many dns args (diff) | |
download | firejail-10726a0601e0622b21e8f94ca033b0745ed49229.tar.gz firejail-10726a0601e0622b21e8f94ca033b0745ed49229.tar.zst firejail-10726a0601e0622b21e8f94ca033b0745ed49229.zip |
more cleanup: remove MS_REC from tmpfs mounts
Diffstat (limited to 'src/firejail/fs_home.c')
-rw-r--r-- | src/firejail/fs_home.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c index 7746aa44b..e35bf073d 100644 --- a/src/firejail/fs_home.c +++ b/src/firejail/fs_home.c | |||
@@ -270,7 +270,7 @@ void fs_private_homedir(void) { | |||
270 | // mask /root | 270 | // mask /root |
271 | if (arg_debug) | 271 | if (arg_debug) |
272 | printf("Mounting a new /root directory\n"); | 272 | printf("Mounting a new /root directory\n"); |
273 | if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME | MS_REC, "mode=700,gid=0") < 0) | 273 | if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME, "mode=700,gid=0") < 0) |
274 | errExit("mounting home directory"); | 274 | errExit("mounting home directory"); |
275 | fs_logger("tmpfs /root"); | 275 | fs_logger("tmpfs /root"); |
276 | } | 276 | } |
@@ -278,7 +278,7 @@ void fs_private_homedir(void) { | |||
278 | // mask /home | 278 | // mask /home |
279 | if (arg_debug) | 279 | if (arg_debug) |
280 | printf("Mounting a new /home directory\n"); | 280 | printf("Mounting a new /home directory\n"); |
281 | if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 281 | if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME, "mode=755,gid=0") < 0) |
282 | errExit("mounting home directory"); | 282 | errExit("mounting home directory"); |
283 | fs_logger("tmpfs /home"); | 283 | fs_logger("tmpfs /home"); |
284 | } | 284 | } |
@@ -313,7 +313,7 @@ void fs_private(void) { | |||
313 | else { | 313 | else { |
314 | if (arg_allusers) | 314 | if (arg_allusers) |
315 | fwarning("--allusers disabled by --private or --whitelist\n"); | 315 | fwarning("--allusers disabled by --private or --whitelist\n"); |
316 | if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 316 | if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME, "mode=755,gid=0") < 0) |
317 | errExit("mounting home directory"); | 317 | errExit("mounting home directory"); |
318 | fs_logger("tmpfs /home"); | 318 | fs_logger("tmpfs /home"); |
319 | } | 319 | } |
@@ -321,7 +321,7 @@ void fs_private(void) { | |||
321 | // mask /root | 321 | // mask /root |
322 | if (arg_debug) | 322 | if (arg_debug) |
323 | printf("Mounting a new /root directory\n"); | 323 | printf("Mounting a new /root directory\n"); |
324 | if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME | MS_REC, "mode=700,gid=0") < 0) | 324 | if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME, "mode=700,gid=0") < 0) |
325 | errExit("mounting root directory"); | 325 | errExit("mounting root directory"); |
326 | fs_logger("tmpfs /root"); | 326 | fs_logger("tmpfs /root"); |
327 | 327 | ||
@@ -517,14 +517,14 @@ void fs_private_home_list(void) { | |||
517 | // mask /root | 517 | // mask /root |
518 | if (arg_debug) | 518 | if (arg_debug) |
519 | printf("Mounting a new /root directory\n"); | 519 | printf("Mounting a new /root directory\n"); |
520 | if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=700,gid=0") < 0) | 520 | if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME, "mode=700,gid=0") < 0) |
521 | errExit("mounting home directory"); | 521 | errExit("mounting home directory"); |
522 | } | 522 | } |
523 | else { | 523 | else { |
524 | // mask /home | 524 | // mask /home |
525 | if (arg_debug) | 525 | if (arg_debug) |
526 | printf("Mounting a new /home directory\n"); | 526 | printf("Mounting a new /home directory\n"); |
527 | if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 527 | if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME, "mode=755,gid=0") < 0) |
528 | errExit("mounting home directory"); | 528 | errExit("mounting home directory"); |
529 | } | 529 | } |
530 | 530 | ||