diff options
| author |  netblue30 <netblue30@yahoo.com> | 2015-11-22 15:12:47 -0500 |
|---|---|---|
| committer | netblue30 <netblue30@yahoo.com> | 2015-11-22 15:13:26 -0500 |
| commit | d8bcb4583cdffeefb052dbacb2441cd545ccf9eb (patch) | |
| tree | 69096f63d0a8ac3adf6c7a442fa625cb3d4c7c18 /src | |
| parent | feature testing (diff) | |
| download | firejail-d8bcb4583cdffeefb052dbacb2441cd545ccf9eb.tar.gz firejail-d8bcb4583cdffeefb052dbacb2441cd545ccf9eb.tar.zst firejail-d8bcb4583cdffeefb052dbacb2441cd545ccf9eb.zip | |
feature testing
Diffstat (limited to 'src')
| -rw-r--r-- | src/firejail/fs.c | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index a0a7d9342..5ddbcec34 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
| @@ -533,17 +533,15 @@ void fs_proc_sys_dev_boot(void) { | |||
| 533 | // disable /boot | 533 | // disable /boot |
| 534 | if (stat("/boot", &s) == 0) { | 534 | if (stat("/boot", &s) == 0) { |
| 535 | if (arg_debug) | 535 | if (arg_debug) |
| 536 | printf("Mounting a new /boot directory\n"); | 536 | printf("Disable /boot directory\n"); |
| 537 | if (mount("tmpfs", "/boot", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0) | 537 | disable_file(BLACKLIST_FILE, "/boot"); |
| 538 | errExit("mounting /boot directory"); | ||
| 539 | } | 538 | } |
| 540 | 539 | ||
| 541 | // disable /selinux | 540 | // disable /selinux |
| 542 | if (stat("/selinux", &s) == 0) { | 541 | if (stat("/selinux", &s) == 0) { |
| 543 | if (arg_debug) | 542 | if (arg_debug) |
| 544 | printf("Mounting a new /selinux directory\n"); | 543 | printf("Disable /selinux directory\n"); |
| 545 | if (mount("tmpfs", "/selinux", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0) | 544 | disable_file(BLACKLIST_FILE, "/selinux"); |
| 546 | errExit("mounting /selinux directory"); | ||
| 547 | } | 545 | } |
| 548 | 546 | ||
| 549 | // disable /dev/port | 547 | // disable /dev/port |