diff options
| author |  netblue30 <netblue30@yahoo.com> | 2017-03-11 08:51:04 -0500 |
|---|---|---|
| committer | netblue30 <netblue30@yahoo.com> | 2017-03-11 08:51:04 -0500 |
| commit | e4ec2956367134a003eb9f1cf0f5e58a4c1f9cfc (patch) | |
| tree | b85c2a7de410a4bee6b0f006de7cdd4c02dfc3f3 /src | |
| parent | mount a tmpfs on top of ~/.cache directory by default (diff) | |
| download | firejail-e4ec2956367134a003eb9f1cf0f5e58a4c1f9cfc.tar.gz firejail-e4ec2956367134a003eb9f1cf0f5e58a4c1f9cfc.tar.zst firejail-e4ec2956367134a003eb9f1cf0f5e58a4c1f9cfc.zip | |
mount a tmpfs on top of ~/.cache directory by default
Diffstat (limited to 'src')
| -rw-r--r-- | src/firejail/fs.c | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index cf96a01e4..3413febcb 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
| @@ -237,7 +237,6 @@ static void globbing(OPERATION op, const char *pattern, const char *noblacklist[ | |||
| 237 | 237 | ||
| 238 | // blacklist files or directories by mounting empty files on top of them | 238 | // blacklist files or directories by mounting empty files on top of them |
| 239 | void fs_blacklist(void) { | 239 | void fs_blacklist(void) { |
| 240 | printf("here: start fs_blacklist\n"); | ||
| 241 | char *homedir = cfg.homedir; | 240 | char *homedir = cfg.homedir; |
| 242 | assert(homedir); | 241 | assert(homedir); |
| 243 | ProfileEntry *entry = cfg.profile; | 242 | ProfileEntry *entry = cfg.profile; |
| @@ -482,7 +481,8 @@ void fs_mnt(void) { | |||
| 482 | 481 | ||
| 483 | 482 | ||
| 484 | void fs_cache(void) { | 483 | void fs_cache(void) { |
| 485 | printf("here: deploy ~/.cache tmpfs\n"); | 484 | if (arg_debug) |
| 485 | printf("Deploy ~/.cache tmpfs\n"); | ||
| 486 | char *cache; | 486 | char *cache; |
| 487 | if (asprintf(&cache, "%s/.cache", cfg.homedir) == -1) | 487 | if (asprintf(&cache, "%s/.cache", cfg.homedir) == -1) |
| 488 | errExit("asprintf"); | 488 | errExit("asprintf"); |
| @@ -492,7 +492,6 @@ printf("here: deploy ~/.cache tmpfs\n"); | |||
| 492 | 492 | ||
| 493 | // mount /proc and /sys directories | 493 | // mount /proc and /sys directories |
| 494 | void fs_proc_sys_dev_boot(void) { | 494 | void fs_proc_sys_dev_boot(void) { |
| 495 | printf("here: fs_proc_sys_boot\n"); | ||
| 496 | if (arg_debug) | 495 | if (arg_debug) |
| 497 | printf("Remounting /proc and /proc/sys filesystems\n"); | 496 | printf("Remounting /proc and /proc/sys filesystems\n"); |
| 498 | if (mount("proc", "/proc", "proc", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_REC, NULL) < 0) | 497 | if (mount("proc", "/proc", "proc", MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_REC, NULL) < 0) |
| @@ -630,7 +629,6 @@ static void disable_config(void) { | |||
| 630 | 629 | ||
| 631 | // build a basic read-only filesystem | 630 | // build a basic read-only filesystem |
| 632 | void fs_basic_fs(void) { | 631 | void fs_basic_fs(void) { |
| 633 | printf("here: start fs_basic_fs\n"); | ||
| 634 | uid_t uid = getuid(); | 632 | uid_t uid = getuid(); |
| 635 | 633 | ||
| 636 | if (arg_debug) | 634 | if (arg_debug) |