diff options
author | smitsohu <smitsohu@gmail.com> | 2019-03-02 17:59:32 +0100 |
---|---|---|
committer | smitsohu <smitsohu@gmail.com> | 2019-03-02 17:59:32 +0100 |
commit | 10726a0601e0622b21e8f94ca033b0745ed49229 (patch) | |
tree | 90064b2647119ef09e040e5699e7ade2c0e266ec /src | |
parent | profile.c: errout with too many dns args (diff) | |
download | firejail-10726a0601e0622b21e8f94ca033b0745ed49229.tar.gz firejail-10726a0601e0622b21e8f94ca033b0745ed49229.tar.zst firejail-10726a0601e0622b21e8f94ca033b0745ed49229.zip |
more cleanup: remove MS_REC from tmpfs mounts
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/fs_dev.c | 2 | ||||
-rw-r--r-- | src/firejail/fs_home.c | 12 | ||||
-rw-r--r-- | src/firejail/fs_var.c | 18 | ||||
-rw-r--r-- | src/firejail/preproc.c | 2 | ||||
-rw-r--r-- | src/firejail/restrict_users.c | 10 | ||||
-rw-r--r-- | src/firejail/x11.c | 4 |
6 files changed, 24 insertions, 24 deletions
diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c index 4872d6cd9..bd036908a 100644 --- a/src/firejail/fs_dev.c +++ b/src/firejail/fs_dev.c | |||
@@ -228,7 +228,7 @@ void fs_private_dev(void){ | |||
228 | } | 228 | } |
229 | 229 | ||
230 | // mount tmpfs on top of /dev | 230 | // mount tmpfs on top of /dev |
231 | if (mount("tmpfs", "/dev", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 231 | if (mount("tmpfs", "/dev", "tmpfs", MS_NOSUID | MS_STRICTATIME, "mode=755,gid=0") < 0) |
232 | errExit("mounting /dev"); | 232 | errExit("mounting /dev"); |
233 | fs_logger("tmpfs /dev"); | 233 | fs_logger("tmpfs /dev"); |
234 | 234 | ||
diff --git a/src/firejail/fs_home.c b/src/firejail/fs_home.c index 7746aa44b..e35bf073d 100644 --- a/src/firejail/fs_home.c +++ b/src/firejail/fs_home.c | |||
@@ -270,7 +270,7 @@ void fs_private_homedir(void) { | |||
270 | // mask /root | 270 | // mask /root |
271 | if (arg_debug) | 271 | if (arg_debug) |
272 | printf("Mounting a new /root directory\n"); | 272 | printf("Mounting a new /root directory\n"); |
273 | if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME | MS_REC, "mode=700,gid=0") < 0) | 273 | if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME, "mode=700,gid=0") < 0) |
274 | errExit("mounting home directory"); | 274 | errExit("mounting home directory"); |
275 | fs_logger("tmpfs /root"); | 275 | fs_logger("tmpfs /root"); |
276 | } | 276 | } |
@@ -278,7 +278,7 @@ void fs_private_homedir(void) { | |||
278 | // mask /home | 278 | // mask /home |
279 | if (arg_debug) | 279 | if (arg_debug) |
280 | printf("Mounting a new /home directory\n"); | 280 | printf("Mounting a new /home directory\n"); |
281 | if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 281 | if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME, "mode=755,gid=0") < 0) |
282 | errExit("mounting home directory"); | 282 | errExit("mounting home directory"); |
283 | fs_logger("tmpfs /home"); | 283 | fs_logger("tmpfs /home"); |
284 | } | 284 | } |
@@ -313,7 +313,7 @@ void fs_private(void) { | |||
313 | else { | 313 | else { |
314 | if (arg_allusers) | 314 | if (arg_allusers) |
315 | fwarning("--allusers disabled by --private or --whitelist\n"); | 315 | fwarning("--allusers disabled by --private or --whitelist\n"); |
316 | if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 316 | if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME, "mode=755,gid=0") < 0) |
317 | errExit("mounting home directory"); | 317 | errExit("mounting home directory"); |
318 | fs_logger("tmpfs /home"); | 318 | fs_logger("tmpfs /home"); |
319 | } | 319 | } |
@@ -321,7 +321,7 @@ void fs_private(void) { | |||
321 | // mask /root | 321 | // mask /root |
322 | if (arg_debug) | 322 | if (arg_debug) |
323 | printf("Mounting a new /root directory\n"); | 323 | printf("Mounting a new /root directory\n"); |
324 | if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME | MS_REC, "mode=700,gid=0") < 0) | 324 | if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID | MS_NODEV | MS_NOEXEC | MS_STRICTATIME, "mode=700,gid=0") < 0) |
325 | errExit("mounting root directory"); | 325 | errExit("mounting root directory"); |
326 | fs_logger("tmpfs /root"); | 326 | fs_logger("tmpfs /root"); |
327 | 327 | ||
@@ -517,14 +517,14 @@ void fs_private_home_list(void) { | |||
517 | // mask /root | 517 | // mask /root |
518 | if (arg_debug) | 518 | if (arg_debug) |
519 | printf("Mounting a new /root directory\n"); | 519 | printf("Mounting a new /root directory\n"); |
520 | if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=700,gid=0") < 0) | 520 | if (mount("tmpfs", "/root", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME, "mode=700,gid=0") < 0) |
521 | errExit("mounting home directory"); | 521 | errExit("mounting home directory"); |
522 | } | 522 | } |
523 | else { | 523 | else { |
524 | // mask /home | 524 | // mask /home |
525 | if (arg_debug) | 525 | if (arg_debug) |
526 | printf("Mounting a new /home directory\n"); | 526 | printf("Mounting a new /home directory\n"); |
527 | if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 527 | if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME, "mode=755,gid=0") < 0) |
528 | errExit("mounting home directory"); | 528 | errExit("mounting home directory"); |
529 | } | 529 | } |
530 | 530 | ||
diff --git a/src/firejail/fs_var.c b/src/firejail/fs_var.c index 5b872ad75..75369b47c 100644 --- a/src/firejail/fs_var.c +++ b/src/firejail/fs_var.c | |||
@@ -118,7 +118,7 @@ void fs_var_log(void) { | |||
118 | // mount a tmpfs on top of /var/log | 118 | // mount a tmpfs on top of /var/log |
119 | if (arg_debug) | 119 | if (arg_debug) |
120 | printf("Mounting tmpfs on /var/log\n"); | 120 | printf("Mounting tmpfs on /var/log\n"); |
121 | if (mount("tmpfs", "/var/log", "tmpfs", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 121 | if (mount("tmpfs", "/var/log", "tmpfs", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME, "mode=755,gid=0") < 0) |
122 | errExit("mounting /var/log"); | 122 | errExit("mounting /var/log"); |
123 | fs_logger("tmpfs /var/log"); | 123 | fs_logger("tmpfs /var/log"); |
124 | 124 | ||
@@ -153,7 +153,7 @@ void fs_var_lib(void) { | |||
153 | if (stat("/var/lib/dhcp", &s) == 0) { | 153 | if (stat("/var/lib/dhcp", &s) == 0) { |
154 | if (arg_debug) | 154 | if (arg_debug) |
155 | printf("Mounting tmpfs on /var/lib/dhcp\n"); | 155 | printf("Mounting tmpfs on /var/lib/dhcp\n"); |
156 | if (mount("tmpfs", "/var/lib/dhcp", "tmpfs", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 156 | if (mount("tmpfs", "/var/lib/dhcp", "tmpfs", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME, "mode=755,gid=0") < 0) |
157 | errExit("mounting /var/lib/dhcp"); | 157 | errExit("mounting /var/lib/dhcp"); |
158 | fs_logger("tmpfs /var/lib/dhcp"); | 158 | fs_logger("tmpfs /var/lib/dhcp"); |
159 | 159 | ||
@@ -172,7 +172,7 @@ void fs_var_lib(void) { | |||
172 | if (stat("/var/lib/nginx", &s) == 0) { | 172 | if (stat("/var/lib/nginx", &s) == 0) { |
173 | if (arg_debug) | 173 | if (arg_debug) |
174 | printf("Mounting tmpfs on /var/lib/nginx\n"); | 174 | printf("Mounting tmpfs on /var/lib/nginx\n"); |
175 | if (mount("tmpfs", "/var/lib/nginx", "tmpfs", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 175 | if (mount("tmpfs", "/var/lib/nginx", "tmpfs", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME, "mode=755,gid=0") < 0) |
176 | errExit("mounting /var/lib/nginx"); | 176 | errExit("mounting /var/lib/nginx"); |
177 | fs_logger("tmpfs /var/lib/nginx"); | 177 | fs_logger("tmpfs /var/lib/nginx"); |
178 | } | 178 | } |
@@ -181,7 +181,7 @@ void fs_var_lib(void) { | |||
181 | if (stat("/var/lib/snmp", &s) == 0) { | 181 | if (stat("/var/lib/snmp", &s) == 0) { |
182 | if (arg_debug) | 182 | if (arg_debug) |
183 | printf("Mounting tmpfs on /var/lib/snmp\n"); | 183 | printf("Mounting tmpfs on /var/lib/snmp\n"); |
184 | if (mount("tmpfs", "/var/lib/snmp", "tmpfs", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 184 | if (mount("tmpfs", "/var/lib/snmp", "tmpfs", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME, "mode=755,gid=0") < 0) |
185 | errExit("mounting /var/lib/snmp"); | 185 | errExit("mounting /var/lib/snmp"); |
186 | fs_logger("tmpfs /var/lib/snmp"); | 186 | fs_logger("tmpfs /var/lib/snmp"); |
187 | } | 187 | } |
@@ -190,7 +190,7 @@ void fs_var_lib(void) { | |||
190 | if (stat("/var/lib/sudo", &s) == 0) { | 190 | if (stat("/var/lib/sudo", &s) == 0) { |
191 | if (arg_debug) | 191 | if (arg_debug) |
192 | printf("Mounting tmpfs on /var/lib/sudo\n"); | 192 | printf("Mounting tmpfs on /var/lib/sudo\n"); |
193 | if (mount("tmpfs", "/var/lib/sudo", "tmpfs", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 193 | if (mount("tmpfs", "/var/lib/sudo", "tmpfs", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME, "mode=755,gid=0") < 0) |
194 | errExit("mounting /var/lib/sudo"); | 194 | errExit("mounting /var/lib/sudo"); |
195 | fs_logger("tmpfs /var/lib/sudo"); | 195 | fs_logger("tmpfs /var/lib/sudo"); |
196 | } | 196 | } |
@@ -202,7 +202,7 @@ void fs_var_cache(void) { | |||
202 | if (stat("/var/cache/apache2", &s) == 0) { | 202 | if (stat("/var/cache/apache2", &s) == 0) { |
203 | if (arg_debug) | 203 | if (arg_debug) |
204 | printf("Mounting tmpfs on /var/cache/apache2\n"); | 204 | printf("Mounting tmpfs on /var/cache/apache2\n"); |
205 | if (mount("tmpfs", "/var/cache/apache2", "tmpfs", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 205 | if (mount("tmpfs", "/var/cache/apache2", "tmpfs", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME, "mode=755,gid=0") < 0) |
206 | errExit("mounting /var/cache/apache2"); | 206 | errExit("mounting /var/cache/apache2"); |
207 | fs_logger("tmpfs /var/cache/apache2"); | 207 | fs_logger("tmpfs /var/cache/apache2"); |
208 | } | 208 | } |
@@ -210,7 +210,7 @@ void fs_var_cache(void) { | |||
210 | if (stat("/var/cache/lighttpd", &s) == 0) { | 210 | if (stat("/var/cache/lighttpd", &s) == 0) { |
211 | if (arg_debug) | 211 | if (arg_debug) |
212 | printf("Mounting tmpfs on /var/cache/lighttpd\n"); | 212 | printf("Mounting tmpfs on /var/cache/lighttpd\n"); |
213 | if (mount("tmpfs", "/var/cache/lighttpd", "tmpfs", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 213 | if (mount("tmpfs", "/var/cache/lighttpd", "tmpfs", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME, "mode=755,gid=0") < 0) |
214 | errExit("mounting /var/cache/lighttpd"); | 214 | errExit("mounting /var/cache/lighttpd"); |
215 | fs_logger("tmpfs /var/cache/lighttpd"); | 215 | fs_logger("tmpfs /var/cache/lighttpd"); |
216 | 216 | ||
@@ -250,7 +250,7 @@ void fs_var_lock(void) { | |||
250 | if (is_dir("/var/lock")) { | 250 | if (is_dir("/var/lock")) { |
251 | if (arg_debug) | 251 | if (arg_debug) |
252 | printf("Mounting tmpfs on /var/lock\n"); | 252 | printf("Mounting tmpfs on /var/lock\n"); |
253 | if (mount("tmpfs", "/var/lock", "tmpfs", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=1777,gid=0") < 0) | 253 | if (mount("tmpfs", "/var/lock", "tmpfs", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME, "mode=1777,gid=0") < 0) |
254 | errExit("mounting /lock"); | 254 | errExit("mounting /lock"); |
255 | fs_logger("tmpfs /var/lock"); | 255 | fs_logger("tmpfs /var/lock"); |
256 | } | 256 | } |
@@ -266,7 +266,7 @@ void fs_var_tmp(void) { | |||
266 | if (!is_link("/var/tmp")) { | 266 | if (!is_link("/var/tmp")) { |
267 | if (arg_debug) | 267 | if (arg_debug) |
268 | printf("Mounting tmpfs on /var/tmp\n"); | 268 | printf("Mounting tmpfs on /var/tmp\n"); |
269 | if (mount("tmpfs", "/var/tmp", "tmpfs", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=1777,gid=0") < 0) | 269 | if (mount("tmpfs", "/var/tmp", "tmpfs", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME, "mode=1777,gid=0") < 0) |
270 | errExit("mounting /var/tmp"); | 270 | errExit("mounting /var/tmp"); |
271 | fs_logger("tmpfs /var/tmp"); | 271 | fs_logger("tmpfs /var/tmp"); |
272 | } | 272 | } |
diff --git a/src/firejail/preproc.c b/src/firejail/preproc.c index 905cc0f15..2effebbaa 100644 --- a/src/firejail/preproc.c +++ b/src/firejail/preproc.c | |||
@@ -80,7 +80,7 @@ void preproc_mount_mnt_dir(void) { | |||
80 | if (!tmpfs_mounted) { | 80 | if (!tmpfs_mounted) { |
81 | if (arg_debug) | 81 | if (arg_debug) |
82 | printf("Mounting tmpfs on %s directory\n", RUN_MNT_DIR); | 82 | printf("Mounting tmpfs on %s directory\n", RUN_MNT_DIR); |
83 | if (mount("tmpfs", RUN_MNT_DIR, "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 83 | if (mount("tmpfs", RUN_MNT_DIR, "tmpfs", MS_NOSUID | MS_STRICTATIME, "mode=755,gid=0") < 0) |
84 | errExit("mounting /run/firejail/mnt"); | 84 | errExit("mounting /run/firejail/mnt"); |
85 | tmpfs_mounted = 1; | 85 | tmpfs_mounted = 1; |
86 | fs_logger2("tmpfs", RUN_MNT_DIR); | 86 | fs_logger2("tmpfs", RUN_MNT_DIR); |
diff --git a/src/firejail/restrict_users.c b/src/firejail/restrict_users.c index 7778d7ed8..5c5ace90b 100644 --- a/src/firejail/restrict_users.c +++ b/src/firejail/restrict_users.c | |||
@@ -83,7 +83,7 @@ static void sanitize_home(void) { | |||
83 | errExit("mount bind"); | 83 | errExit("mount bind"); |
84 | 84 | ||
85 | // mount tmpfs in the new home | 85 | // mount tmpfs in the new home |
86 | if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 86 | if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME, "mode=755,gid=0") < 0) |
87 | errExit("mount tmpfs"); | 87 | errExit("mount tmpfs"); |
88 | fs_logger("tmpfs /home"); | 88 | fs_logger("tmpfs /home"); |
89 | 89 | ||
@@ -105,7 +105,7 @@ static void sanitize_home(void) { | |||
105 | errExit("mount bind"); | 105 | errExit("mount bind"); |
106 | 106 | ||
107 | // mask home dir under /run | 107 | // mask home dir under /run |
108 | if (mount("tmpfs", RUN_WHITELIST_HOME_DIR, "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 108 | if (mount("tmpfs", RUN_WHITELIST_HOME_DIR, "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME, "mode=755,gid=0") < 0) |
109 | errExit("mount tmpfs"); | 109 | errExit("mount tmpfs"); |
110 | fs_logger2("tmpfs", RUN_WHITELIST_HOME_DIR); | 110 | fs_logger2("tmpfs", RUN_WHITELIST_HOME_DIR); |
111 | if (!arg_private) | 111 | if (!arg_private) |
@@ -138,7 +138,7 @@ static void sanitize_run(void) { | |||
138 | errExit("mount bind"); | 138 | errExit("mount bind"); |
139 | 139 | ||
140 | // mount tmpfs on /run/user | 140 | // mount tmpfs on /run/user |
141 | if (mount("tmpfs", "/run/user", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 141 | if (mount("tmpfs", "/run/user", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME, "mode=755,gid=0") < 0) |
142 | errExit("mount tmpfs"); | 142 | errExit("mount tmpfs"); |
143 | fs_logger("tmpfs /run/user"); | 143 | fs_logger("tmpfs /run/user"); |
144 | 144 | ||
@@ -156,7 +156,7 @@ static void sanitize_run(void) { | |||
156 | errExit("mount bind"); | 156 | errExit("mount bind"); |
157 | 157 | ||
158 | // mask mirrored /run/user/$UID directory | 158 | // mask mirrored /run/user/$UID directory |
159 | if (mount("tmpfs", RUN_WHITELIST_RUN_DIR, "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 159 | if (mount("tmpfs", RUN_WHITELIST_RUN_DIR, "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME, "mode=755,gid=0") < 0) |
160 | errExit("mount tmpfs"); | 160 | errExit("mount tmpfs"); |
161 | fs_logger2("tmpfs", RUN_WHITELIST_RUN_DIR); | 161 | fs_logger2("tmpfs", RUN_WHITELIST_RUN_DIR); |
162 | 162 | ||
@@ -398,7 +398,7 @@ void restrict_users(void) { | |||
398 | else { | 398 | else { |
399 | // user has the home directory outside /home | 399 | // user has the home directory outside /home |
400 | // mount tmpfs on top of /home in order to hide it | 400 | // mount tmpfs on top of /home in order to hide it |
401 | if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0) | 401 | if (mount("tmpfs", "/home", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME, "mode=755,gid=0") < 0) |
402 | errExit("mount tmpfs"); | 402 | errExit("mount tmpfs"); |
403 | fs_logger("tmpfs /home"); | 403 | fs_logger("tmpfs /home"); |
404 | } | 404 | } |
diff --git a/src/firejail/x11.c b/src/firejail/x11.c index 63b36053b..b0ed10b30 100644 --- a/src/firejail/x11.c +++ b/src/firejail/x11.c | |||
@@ -1099,7 +1099,7 @@ void x11_xorg(void) { | |||
1099 | } | 1099 | } |
1100 | 1100 | ||
1101 | // temporarily mount a tempfs on top of /tmp directory | 1101 | // temporarily mount a tempfs on top of /tmp directory |
1102 | if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=1777,gid=0") < 0) | 1102 | if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME, "mode=1777,gid=0") < 0) |
1103 | errExit("mounting /tmp"); | 1103 | errExit("mounting /tmp"); |
1104 | 1104 | ||
1105 | // create the temporary .Xauthority file | 1105 | // create the temporary .Xauthority file |
@@ -1253,7 +1253,7 @@ void fs_x11(void) { | |||
1253 | 1253 | ||
1254 | // This directory must be mode 1777, or Xlib will barf. | 1254 | // This directory must be mode 1777, or Xlib will barf. |
1255 | if (mount("tmpfs", "/tmp/.X11-unix", "tmpfs", | 1255 | if (mount("tmpfs", "/tmp/.X11-unix", "tmpfs", |
1256 | MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME | MS_REC, | 1256 | MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_STRICTATIME, |
1257 | "mode=1777,uid=0,gid=0") < 0) | 1257 | "mode=1777,uid=0,gid=0") < 0) |
1258 | errExit("mounting tmpfs on /tmp/.X11-unix"); | 1258 | errExit("mounting tmpfs on /tmp/.X11-unix"); |
1259 | fs_logger("tmpfs /tmp/.X11-unix"); | 1259 | fs_logger("tmpfs /tmp/.X11-unix"); |