diff options
| author |  netblue30 <netblue30@yahoo.com> | 2018-06-12 07:58:38 -0400 |
|---|---|---|
| committer | netblue30 <netblue30@yahoo.com> | 2018-06-12 07:58:38 -0400 |
| commit | 2b4afcfb0ae77ffd40e665efdada274d804678bc (patch) | |
| tree | 239818c4699d2484e2eef8597817f03794478041 /src | |
| parent | mounting a tmpfs on ~/.cache directory (private-cache) by default (diff) | |
| download | firejail-2b4afcfb0ae77ffd40e665efdada274d804678bc.tar.gz firejail-2b4afcfb0ae77ffd40e665efdada274d804678bc.tar.zst firejail-2b4afcfb0ae77ffd40e665efdada274d804678bc.zip | |
potential fix for Yubikey devices
Diffstat (limited to 'src')
| -rw-r--r-- | src/firejail/fs_dev.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c index 152ddf5f7..947dc1364 100644 --- a/src/firejail/fs_dev.c +++ b/src/firejail/fs_dev.c | |||
| @@ -39,6 +39,7 @@ typedef enum { | |||
| 39 | DEV_VIDEO, | 39 | DEV_VIDEO, |
| 40 | DEV_TV, | 40 | DEV_TV, |
| 41 | DEV_DVD, | 41 | DEV_DVD, |
| 42 | DEV_USB, | ||
| 42 | } DEV_TYPE; | 43 | } DEV_TYPE; |
| 43 | 44 | ||
| 44 | 45 | ||
| @@ -76,6 +77,7 @@ static DevEntry dev[] = { | |||
| 76 | {"/dev/video9", RUN_DEV_DIR "/video9", DEV_VIDEO}, | 77 | {"/dev/video9", RUN_DEV_DIR "/video9", DEV_VIDEO}, |
| 77 | {"/dev/dvb", RUN_DEV_DIR "/dvb", DEV_TV}, // DVB (Digital Video Broadcasting) - TV device | 78 | {"/dev/dvb", RUN_DEV_DIR "/dvb", DEV_TV}, // DVB (Digital Video Broadcasting) - TV device |
| 78 | {"/dev/sr0", RUN_DEV_DIR "/sr0", DEV_DVD}, // for DVD and audio CD players | 79 | {"/dev/sr0", RUN_DEV_DIR "/sr0", DEV_DVD}, // for DVD and audio CD players |
| 80 | {"/dev/usb", RUN_DEV_DIR "/usb", DEV_USB}, // USB devices such as Yubikey, U2F | ||
| 79 | {NULL, NULL, DEV_NONE} | 81 | {NULL, NULL, DEV_NONE} |
| 80 | }; | 82 | }; |
| 81 | 83 | ||
| @@ -84,13 +86,13 @@ static void deventry_mount(void) { | |||
| 84 | while (dev[i].dev_fname != NULL) { | 86 | while (dev[i].dev_fname != NULL) { |
| 85 | struct stat s; | 87 | struct stat s; |
| 86 | if (stat(dev[i].run_fname, &s) == 0) { | 88 | if (stat(dev[i].run_fname, &s) == 0) { |
| 87 | |||
| 88 | // check device type and subsystem configuration | 89 | // check device type and subsystem configuration |
| 89 | if ((dev[i].type == DEV_SOUND && arg_nosound == 0) || | 90 | if ((dev[i].type == DEV_SOUND && arg_nosound == 0) || |
| 90 | (dev[i].type == DEV_3D && arg_no3d == 0) || | 91 | (dev[i].type == DEV_3D && arg_no3d == 0) || |
| 91 | (dev[i].type == DEV_VIDEO && arg_novideo == 0) || | 92 | (dev[i].type == DEV_VIDEO && arg_novideo == 0) || |
| 92 | (dev[i].type == DEV_TV && arg_notv == 0) || | 93 | (dev[i].type == DEV_TV && arg_notv == 0) || |
| 93 | (dev[i].type == DEV_DVD && arg_nodvd == 0)) { | 94 | (dev[i].type == DEV_DVD && arg_nodvd == 0) || |
| 95 | (dev[i].type == DEV_USB)) { | ||
| 94 | 96 | ||
| 95 | int dir = is_dir(dev[i].run_fname); | 97 | int dir = is_dir(dev[i].run_fname); |
| 96 | if (arg_debug) | 98 | if (arg_debug) |