more simplification of fs_check_chroot_dir

author: smitsohu <smitsohu@gmail.com> 2019-07-08 16:37:00 +0200
committer: GitHub <noreply@github.com> 2019-07-08 16:37:00 +0200
commit: 704ab975cbfe99404a73de31479fac55d02dd967 (patch)
tree: 63f9937bfb6089880f69b727d1e9d7946e17d349 /src
parent: Fix #2840 (diff)
download: firejail-704ab975cbfe99404a73de31479fac55d02dd967.tar.gz
firejail-704ab975cbfe99404a73de31479fac55d02dd967.tar.zst
firejail-704ab975cbfe99404a73de31479fac55d02dd967.zip
1 files changed, 5 insertions, 17 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c
index 13f01a51b..fe0427466 100644
--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -1188,23 +1188,11 @@ void fs_check_chroot_dir(const char *rootdir) {
        }
        // check subdirectories in rootdir
-        typedef struct {
+        fs_check_chroot_subdir("dev", parentfd, 0);
-                char *dname;
+        fs_check_chroot_subdir("etc", parentfd, 1);
-                int check_writable;
+        fs_check_chroot_subdir("proc", parentfd, 0);
-        } chrootsubdir;
+        fs_check_chroot_subdir("tmp", parentfd, 0);
-        chrootsubdir dirs[] = {
+        fs_check_chroot_subdir("var/tmp", parentfd, 0);
-                {"dev", 0},
-                {"etc", 1},
-                {"proc", 0},
-                {"tmp", 0},
-                {"var/tmp", 0},
-                {NULL, 0}
-        };
-        chrootsubdir *tmp = dirs;
-        while (tmp->dname) {
-                fs_check_chroot_subdir(tmp->dname, parentfd, tmp->check_writable);
-                tmp++;
-        }
        // there should be no checking on <chrootdir>/etc/resolv.conf
        // the file is replaced with the real /etc/resolv.conf anyway
author	smitsohu <smitsohu@gmail.com>	2019-07-08 16:37:00 +0200
committer	GitHub <noreply@github.com>	2019-07-08 16:37:00 +0200
commit	704ab975cbfe99404a73de31479fac55d02dd967 (patch)
tree	63f9937bfb6089880f69b727d1e9d7946e17d349 /src
parent	Fix #2840 (diff)
download	firejail-704ab975cbfe99404a73de31479fac55d02dd967.tar.gz firejail-704ab975cbfe99404a73de31479fac55d02dd967.tar.zst firejail-704ab975cbfe99404a73de31479fac55d02dd967.zip

diff --git a/src/firejail/fs.c b/src/firejail/fs.c index 13f01a51b..fe0427466 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c
@@ -1188,23 +1188,11 @@ void fs_check_chroot_dir(const char *rootdir) {
1188	}	1188	}
1189		1189
1190	// check subdirectories in rootdir	1190	// check subdirectories in rootdir
1191	typedef struct {	1191	fs_check_chroot_subdir("dev", parentfd, 0);
1192	char *dname;	1192	fs_check_chroot_subdir("etc", parentfd, 1);
1193	int check_writable;	1193	fs_check_chroot_subdir("proc", parentfd, 0);
1194	} chrootsubdir;	1194	fs_check_chroot_subdir("tmp", parentfd, 0);
1195	chrootsubdir dirs[] = {	1195	fs_check_chroot_subdir("var/tmp", parentfd, 0);
1196	{"dev", 0},
1197	{"etc", 1},
1198	{"proc", 0},
1199	{"tmp", 0},
1200	{"var/tmp", 0},
1201	{NULL, 0}
1202	};
1203	chrootsubdir *tmp = dirs;
1204	while (tmp->dname) {
1205	fs_check_chroot_subdir(tmp->dname, parentfd, tmp->check_writable);
1206	tmp++;
1207	}
1208		1196
1209	// there should be no checking on <chrootdir>/etc/resolv.conf	1197	// there should be no checking on <chrootdir>/etc/resolv.conf
1210	// the file is replaced with the real /etc/resolv.conf anyway	1198	// the file is replaced with the real /etc/resolv.conf anyway