diff options
author | netblue30 <netblue30@yahoo.com> | 2016-01-21 12:03:16 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-01-21 12:03:16 -0500 |
commit | dfdf8603e231b73e502e080176dd763d4ecb43d2 (patch) | |
tree | a1736a0cd98392a97d96d5832545f87ed9decb20 /src | |
parent | whitelist fix (diff) | |
download | firejail-dfdf8603e231b73e502e080176dd763d4ecb43d2.tar.gz firejail-dfdf8603e231b73e502e080176dd763d4ecb43d2.tar.zst firejail-dfdf8603e231b73e502e080176dd763d4ecb43d2.zip |
fix gvfs bug
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/fs.c | 31 |
1 files changed, 30 insertions, 1 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index cef1cc68b..50e55f868 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
@@ -181,11 +181,40 @@ static void disable_file(OPERATION op, const char *filename) { | |||
181 | 181 | ||
182 | // Resolve all symlinks | 182 | // Resolve all symlinks |
183 | char* fname = realpath(filename, NULL); | 183 | char* fname = realpath(filename, NULL); |
184 | if (fname == NULL) { | 184 | if (fname == NULL && errno != EACCES) { |
185 | if (arg_debug) | 185 | if (arg_debug) |
186 | printf("Warning: %s is an invalid file, skipping...\n", filename); | 186 | printf("Warning: %s is an invalid file, skipping...\n", filename); |
187 | return; | 187 | return; |
188 | } | 188 | } |
189 | if (fname == NULL && errno == EACCES) { | ||
190 | if (arg_debug) | ||
191 | printf("Debug: no access to file %s, forcing mount\n", filename); | ||
192 | // realpath and stat funtions will fail on FUSE filesystems | ||
193 | // they don't seem to like a uid of 0 | ||
194 | // force mounting | ||
195 | int rv = mount(RUN_RO_DIR, filename, "none", MS_BIND, "mode=400,gid=0"); | ||
196 | if (rv == 0) | ||
197 | last_disable = SUCCESSFUL; | ||
198 | else { | ||
199 | rv = mount(RUN_RO_FILE, filename, "none", MS_BIND, "mode=400,gid=0"); | ||
200 | if (rv == 0) | ||
201 | last_disable = SUCCESSFUL; | ||
202 | } | ||
203 | if (last_disable == SUCCESSFUL) { | ||
204 | if (arg_debug) | ||
205 | printf("Disable %s\n", filename); | ||
206 | if (op == BLACKLIST_FILE) | ||
207 | fs_logger2("blacklist", filename); | ||
208 | else | ||
209 | fs_logger2("blacklist-nolog", filename); | ||
210 | } | ||
211 | else { | ||
212 | if (arg_debug) | ||
213 | printf("Warning: %s is an invalid file, skipping...\n", filename); | ||
214 | } | ||
215 | |||
216 | return; | ||
217 | } | ||
189 | 218 | ||
190 | // if the file is not present, do nothing | 219 | // if the file is not present, do nothing |
191 | struct stat s; | 220 | struct stat s; |