diff options
| author |  smitsohu <smitsohu@gmail.com> | 2021-10-28 15:21:19 +0200 |
|---|---|---|
| committer | smitsohu <smitsohu@gmail.com> | 2021-10-28 15:23:57 +0200 |
| commit | 0f06da6d5cb59b7d4820b59b78d88cbe1a18d38e (patch) | |
| tree | b5816ba680a92381af34fd814245a7cfcadc150b /src | |
| parent | more cleanup (diff) | |
| download | firejail-0f06da6d5cb59b7d4820b59b78d88cbe1a18d38e.tar.gz firejail-0f06da6d5cb59b7d4820b59b78d88cbe1a18d38e.tar.zst firejail-0f06da6d5cb59b7d4820b59b78d88cbe1a18d38e.zip | |
private-bin fixup (#4646)
cannot create fslogger file as user,
so raise privs and create it as root
Diffstat (limited to 'src')
| -rw-r--r-- | src/firejail/fs_bin.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/src/firejail/fs_bin.c b/src/firejail/fs_bin.c index a4c1ff822..4c9dac0c2 100644 --- a/src/firejail/fs_bin.c +++ b/src/firejail/fs_bin.c | |||
| @@ -285,24 +285,25 @@ void fs_private_bin_list(void) { | |||
| 285 | while ((ptr = strtok(NULL, ",")) != NULL) | 285 | while ((ptr = strtok(NULL, ",")) != NULL) |
| 286 | globbing(ptr); | 286 | globbing(ptr); |
| 287 | free(dlist); | 287 | free(dlist); |
| 288 | fs_logger_print(); | ||
| 289 | 288 | ||
| 290 | // mount-bind | 289 | // mount-bind |
| 290 | EUID_ROOT(); | ||
| 291 | int i = 0; | 291 | int i = 0; |
| 292 | while (paths[i]) { | 292 | while (paths[i]) { |
| 293 | struct stat s; | 293 | struct stat s; |
| 294 | if (stat(paths[i], &s) == 0) { | 294 | if (stat(paths[i], &s) == 0) { |
| 295 | if (arg_debug) | 295 | if (arg_debug) |
| 296 | printf("Mount-bind %s on top of %s\n", RUN_BIN_DIR, paths[i]); | 296 | printf("Mount-bind %s on top of %s\n", RUN_BIN_DIR, paths[i]); |
| 297 | EUID_ROOT(); | ||
| 298 | if (mount(RUN_BIN_DIR, paths[i], NULL, MS_BIND|MS_REC, NULL) < 0) | 297 | if (mount(RUN_BIN_DIR, paths[i], NULL, MS_BIND|MS_REC, NULL) < 0) |
| 299 | errExit("mount bind"); | 298 | errExit("mount bind"); |
| 300 | EUID_USER(); | ||
| 301 | fs_logger2("tmpfs", paths[i]); | 299 | fs_logger2("tmpfs", paths[i]); |
| 302 | fs_logger2("mount", paths[i]); | 300 | fs_logger2("mount", paths[i]); |
| 303 | } | 301 | } |
| 304 | i++; | 302 | i++; |
| 305 | } | 303 | } |
| 304 | fs_logger_print(); | ||
| 305 | EUID_USER(); | ||
| 306 | |||
| 306 | selinux_relabel_path(RUN_BIN_DIR, "/bin"); | 307 | selinux_relabel_path(RUN_BIN_DIR, "/bin"); |
| 307 | fmessage("%d %s installed in %0.2f ms\n", prog_cnt, (prog_cnt == 1)? "program": "programs", timetrace_end()); | 308 | fmessage("%d %s installed in %0.2f ms\n", prog_cnt, (prog_cnt == 1)? "program": "programs", timetrace_end()); |
| 308 | } | 309 | } |