diff options
author | netblue30 <netblue30@yahoo.com> | 2016-01-29 09:20:19 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-01-29 09:20:19 -0500 |
commit | cd0ecfc7a7b30abde20db6dea505cd8c58e7c046 (patch) | |
tree | 426cde92e5016d41ad61a98c2891d319756d959c /src | |
parent | Centos 6 support (diff) | |
download | firejail-cd0ecfc7a7b30abde20db6dea505cd8c58e7c046.tar.gz firejail-cd0ecfc7a7b30abde20db6dea505cd8c58e7c046.tar.zst firejail-cd0ecfc7a7b30abde20db6dea505cd8c58e7c046.zip |
0.9.38-rc1 testing
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/fs.c | 2 | ||||
-rw-r--r-- | src/firejail/fs_dev.c | 14 | ||||
-rw-r--r-- | src/firejail/fs_var.c | 6 |
3 files changed, 11 insertions, 11 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index b0add91e2..164e3368b 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
@@ -963,7 +963,7 @@ void fs_private_tmp(void) { | |||
963 | // mount tmpfs on top of /run/firejail/mnt | 963 | // mount tmpfs on top of /run/firejail/mnt |
964 | if (arg_debug) | 964 | if (arg_debug) |
965 | printf("Mounting tmpfs on /tmp directory\n"); | 965 | printf("Mounting tmpfs on /tmp directory\n"); |
966 | if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0) | 966 | if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=1777,gid=0") < 0) |
967 | errExit("mounting /tmp/firejail/mnt"); | 967 | errExit("mounting /tmp/firejail/mnt"); |
968 | } | 968 | } |
969 | 969 | ||
diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c index 0407b0626..97ee9de55 100644 --- a/src/firejail/fs_dev.c +++ b/src/firejail/fs_dev.c | |||
@@ -105,7 +105,7 @@ void fs_private_dev(void){ | |||
105 | } | 105 | } |
106 | 106 | ||
107 | // mount tmpfs on top of /dev | 107 | // mount tmpfs on top of /dev |
108 | if (mount("tmpfs", "/dev", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0) | 108 | if (mount("tmpfs", "/dev", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) |
109 | errExit("mounting /dev"); | 109 | errExit("mounting /dev"); |
110 | fs_logger("mount tmpfs on /dev"); | 110 | fs_logger("mount tmpfs on /dev"); |
111 | 111 | ||
@@ -139,12 +139,12 @@ void fs_private_dev(void){ | |||
139 | // create /dev/shm | 139 | // create /dev/shm |
140 | if (arg_debug) | 140 | if (arg_debug) |
141 | printf("Create /dev/shm directory\n"); | 141 | printf("Create /dev/shm directory\n"); |
142 | rv = mkdir("/dev/shm", 0777); | 142 | rv = mkdir("/dev/shm", 01777); |
143 | if (rv == -1) | 143 | if (rv == -1) |
144 | errExit("mkdir"); | 144 | errExit("mkdir"); |
145 | if (chown("/dev/shm", 0, 0) < 0) | 145 | if (chown("/dev/shm", 0, 0) < 0) |
146 | errExit("chown"); | 146 | errExit("chown"); |
147 | if (chmod("/dev/shm", 0777) < 0) | 147 | if (chmod("/dev/shm", 01777) < 0) |
148 | errExit("chmod"); | 148 | errExit("chmod"); |
149 | fs_logger("mkdir /dev/shm"); | 149 | fs_logger("mkdir /dev/shm"); |
150 | 150 | ||
@@ -201,7 +201,7 @@ void fs_dev_shm(void) { | |||
201 | if (is_dir("/dev/shm")) { | 201 | if (is_dir("/dev/shm")) { |
202 | if (arg_debug) | 202 | if (arg_debug) |
203 | printf("Mounting tmpfs on /dev/shm\n"); | 203 | printf("Mounting tmpfs on /dev/shm\n"); |
204 | if (mount("tmpfs", "/dev/shm", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0) | 204 | if (mount("tmpfs", "/dev/shm", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=1777,gid=0") < 0) |
205 | errExit("mounting /dev/shm"); | 205 | errExit("mounting /dev/shm"); |
206 | fs_logger("mount tmpfs on /dev/shm"); | 206 | fs_logger("mount tmpfs on /dev/shm"); |
207 | } | 207 | } |
@@ -210,16 +210,16 @@ void fs_dev_shm(void) { | |||
210 | if (lnk) { | 210 | if (lnk) { |
211 | if (!is_dir(lnk)) { | 211 | if (!is_dir(lnk)) { |
212 | // create directory | 212 | // create directory |
213 | if (mkdir(lnk, 0777)) | 213 | if (mkdir(lnk, 01777)) |
214 | errExit("mkdir"); | 214 | errExit("mkdir"); |
215 | if (chown(lnk, 0, 0)) | 215 | if (chown(lnk, 0, 0)) |
216 | errExit("chown"); | 216 | errExit("chown"); |
217 | if (chmod(lnk, 0777)) | 217 | if (chmod(lnk, 01777)) |
218 | errExit("chmod"); | 218 | errExit("chmod"); |
219 | } | 219 | } |
220 | if (arg_debug) | 220 | if (arg_debug) |
221 | printf("Mounting tmpfs on %s on behalf of /dev/shm\n", lnk); | 221 | printf("Mounting tmpfs on %s on behalf of /dev/shm\n", lnk); |
222 | if (mount("tmpfs", lnk, "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0) | 222 | if (mount("tmpfs", lnk, "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=1777,gid=0") < 0) |
223 | errExit("mounting /var/tmp"); | 223 | errExit("mounting /var/tmp"); |
224 | fs_logger3("mount tmpfs on", lnk, "on behalf of /dev/shm"); | 224 | fs_logger3("mount tmpfs on", lnk, "on behalf of /dev/shm"); |
225 | free(lnk); | 225 | free(lnk); |
diff --git a/src/firejail/fs_var.c b/src/firejail/fs_var.c index def718720..fe11bd5b5 100644 --- a/src/firejail/fs_var.c +++ b/src/firejail/fs_var.c | |||
@@ -268,7 +268,7 @@ void fs_var_lock(void) { | |||
268 | if (is_dir("/var/lock")) { | 268 | if (is_dir("/var/lock")) { |
269 | if (arg_debug) | 269 | if (arg_debug) |
270 | printf("Mounting tmpfs on /var/lock\n"); | 270 | printf("Mounting tmpfs on /var/lock\n"); |
271 | if (mount("tmpfs", "/var/lock", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0) | 271 | if (mount("tmpfs", "/var/lock", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=1777,gid=0") < 0) |
272 | errExit("mounting /lock"); | 272 | errExit("mounting /lock"); |
273 | fs_logger("mount tmpfs on /var/lock"); | 273 | fs_logger("mount tmpfs on /var/lock"); |
274 | } | 274 | } |
@@ -286,7 +286,7 @@ void fs_var_lock(void) { | |||
286 | } | 286 | } |
287 | if (arg_debug) | 287 | if (arg_debug) |
288 | printf("Mounting tmpfs on %s on behalf of /var/lock\n", lnk); | 288 | printf("Mounting tmpfs on %s on behalf of /var/lock\n", lnk); |
289 | if (mount("tmpfs", lnk, "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0) | 289 | if (mount("tmpfs", lnk, "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=1777,gid=0") < 0) |
290 | errExit("mounting /var/lock"); | 290 | errExit("mounting /var/lock"); |
291 | free(lnk); | 291 | free(lnk); |
292 | fs_logger("mount tmpfs on /var/lock"); | 292 | fs_logger("mount tmpfs on /var/lock"); |
@@ -304,7 +304,7 @@ void fs_var_tmp(void) { | |||
304 | if (!is_link("/var/tmp")) { | 304 | if (!is_link("/var/tmp")) { |
305 | if (arg_debug) | 305 | if (arg_debug) |
306 | printf("Mounting tmpfs on /var/tmp\n"); | 306 | printf("Mounting tmpfs on /var/tmp\n"); |
307 | if (mount("tmpfs", "/var/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0) | 307 | if (mount("tmpfs", "/var/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=1777,gid=0") < 0) |
308 | errExit("mounting /var/tmp"); | 308 | errExit("mounting /var/tmp"); |
309 | fs_logger("mount tmpfs on /var/tmp"); | 309 | fs_logger("mount tmpfs on /var/tmp"); |
310 | } | 310 | } |