private-etc: minor timetrace fix

fixes reversed /etc and /usr/etc timetraces
author: smitsohu <smitsohu@gmail.com> 2021-03-03 16:01:04 +0100
committer: smitsohu <smitsohu@gmail.com> 2021-03-03 16:42:39 +0100
commit: 62e34d2601616313a676ca9dec78cf925b960f23 (patch)
tree: 10f8122a115ad486fa103d9330e3f6153cad0125 /src
parent: Merge pull request #4035 from Tomin1/few_fixes (diff)
download: firejail-62e34d2601616313a676ca9dec78cf925b960f23.tar.gz
firejail-62e34d2601616313a676ca9dec78cf925b960f23.tar.zst
firejail-62e34d2601616313a676ca9dec78cf925b960f23.zip
2 files changed, 8 insertions, 7 deletions
diff --git a/src/firejail/fs_etc.c b/src/firejail/fs_etc.c
index d093d5637..abec25d45 100644
--- a/src/firejail/fs_etc.c
+++ b/src/firejail/fs_etc.c
@@ -152,8 +152,6 @@ void fs_private_dir_copy(const char *private_dir, const char *private_run_dir, c
                return;
        }
-        timetrace_start();
        // create /run/firejail/mnt/etc directory
        mkdir_attr(private_run_dir, 0755, 0, 0);
        selinux_relabel_path(private_run_dir, private_dir);
@@ -211,11 +209,11 @@ void fs_private_dir_mount(const char *private_dir, const char *private_run_dir)
        if (mount("tmpfs", private_run_dir, "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME,  "mode=755,gid=0") < 0)
                errExit("mounting tmpfs");
        fs_logger2("tmpfs", private_run_dir);
-        fmessage("Private %s installed in %0.2f ms\n", private_dir, timetrace_end());
 }
 void fs_private_dir_list(const char *private_dir, const char *private_run_dir, const char *private_list) {
+        timetrace_start();
        fs_private_dir_copy(private_dir, private_run_dir, private_list);
        fs_private_dir_mount(private_dir, private_run_dir);
+        fmessage("Private %s installed in %0.2f ms\n", private_dir, timetrace_end());
 }
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c
index a97ca0abb..058cdafbc 100644
--- a/src/firejail/sandbox.c
+++ b/src/firejail/sandbox.c
@@ -971,21 +971,24 @@ int sandbox(void* sandbox_arg) {
                         * 2. unmount bind mounts from /etc
                         * 3. mount RUN_ETC_DIR at /etc
                         */
+                        timetrace_start();
                        fs_private_dir_copy("/etc", RUN_ETC_DIR, cfg.etc_private_keep);
-                        fs_private_dir_copy("/usr/etc", RUN_USR_ETC_DIR, cfg.etc_private_keep); // openSUSE
                        if (umount2("/etc/group", MNT_DETACH) == -1)
                                fprintf(stderr, "/etc/group: unmount: %s\n", strerror(errno));
                        if (umount2("/etc/passwd", MNT_DETACH) == -1)
                                fprintf(stderr, "/etc/passwd: unmount: %s\n", strerror(errno));
                        fs_private_dir_mount("/etc", RUN_ETC_DIR);
-                        fs_private_dir_mount("/usr/etc", RUN_USR_ETC_DIR);
+                        fmessage("Private /etc installed in %0.2f ms\n", timetrace_end());
                        // create /etc/ld.so.preload file again
                        if (need_preload)
                                fs_trace_preload();
+                        // openSUSE configuration is split between /etc and /usr/etc
+                        // process private-etc a second time
+                        fs_private_dir_list("/usr/etc", RUN_USR_ETC_DIR, cfg.etc_private_keep);
                }
        }
author	smitsohu <smitsohu@gmail.com>	2021-03-03 16:01:04 +0100
committer	smitsohu <smitsohu@gmail.com>	2021-03-03 16:42:39 +0100
commit	62e34d2601616313a676ca9dec78cf925b960f23 (patch)
tree	10f8122a115ad486fa103d9330e3f6153cad0125 /src
parent	Merge pull request #4035 from Tomin1/few_fixes (diff)
download	firejail-62e34d2601616313a676ca9dec78cf925b960f23.tar.gz firejail-62e34d2601616313a676ca9dec78cf925b960f23.tar.zst firejail-62e34d2601616313a676ca9dec78cf925b960f23.zip