diff options
author | startx2017 <vradu.startx@yandex.com> | 2017-07-07 06:55:37 -0400 |
---|---|---|
committer | startx2017 <vradu.startx@yandex.com> | 2017-07-07 06:55:37 -0400 |
commit | a8dc9a5926beedccfd79b62cd4719277c1a9f6ca (patch) | |
tree | b00d9c6e3de63fb46dea12a0c1e38f32c11ea08c /src/firejail/fs_home.c | |
parent | merges (diff) | |
download | firejail-a8dc9a5926beedccfd79b62cd4719277c1a9f6ca.tar.gz firejail-a8dc9a5926beedccfd79b62cd4719277c1a9f6ca.tar.zst firejail-a8dc9a5926beedccfd79b62cd4719277c1a9f6ca.zip |
bugfix: fix --allusers when running as root
Diffstat (limited to 'src/firejail/fs_home.c')
-rw-r--r-- | src/firejail/fs_home.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c index e5e068583..9e3678c33 100644 --- a/src/firejail/fs_home.c +++ b/src/firejail/fs_home.c | |||
@@ -284,9 +284,13 @@ void fs_private(void) { | |||
284 | // mask /home | 284 | // mask /home |
285 | if (arg_debug) | 285 | if (arg_debug) |
286 | printf("Mounting a new /home directory\n"); | 286 | printf("Mounting a new /home directory\n"); |
287 | if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 287 | if (u == 0 && arg_allusers) // allow --allusers when starting the sandbox as root |
288 | errExit("mounting home directory"); | 288 | ; |
289 | fs_logger("tmpfs /home"); | 289 | else { |
290 | if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | ||
291 | errExit("mounting home directory"); | ||
292 | fs_logger("tmpfs /home"); | ||
293 | } | ||
290 | 294 | ||
291 | // mask /root | 295 | // mask /root |
292 | if (arg_debug) | 296 | if (arg_debug) |