fix /sys handling for overlayfs and chroot

author: netblue30 <netblue30@yahoo.com> 2017-04-13 07:02:44 -0400
committer: netblue30 <netblue30@yahoo.com> 2017-04-13 07:02:44 -0400
commit: 3813d1c47e6ac48b23c2a401e65b7a412f5de5f6 (patch)
tree: 3056838d37fceba7fdcff5f6158087fa4c603331 /src
parent: fix gimp profile (diff)
download: firejail-3813d1c47e6ac48b23c2a401e65b7a412f5de5f6.tar.gz
firejail-3813d1c47e6ac48b23c2a401e65b7a412f5de5f6.tar.zst
firejail-3813d1c47e6ac48b23c2a401e65b7a412f5de5f6.zip
1 files changed, 4 insertions, 6 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c
index 71cefffe0..f6aba7048 100644
--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -502,12 +502,10 @@ void fs_proc_sys_dev_boot(void) {
                printf("Remounting /sys directory\n");
        if (umount2("/sys", MNT_DETACH) < 0)
                fprintf(stderr, "Warning: failed to unmount /sys\n");
-        else {
+        if (mount("sysfs", "/sys", "sysfs", MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REC, NULL) < 0)
-                if (mount("sysfs", "/sys", "sysfs", MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REC, NULL) < 0)
+                fprintf(stderr, "Warning: failed to mount /sys\n");
-                        fprintf(stderr, "Warning: failed to mount /sys\n");
+        else
-                else
+                fs_logger("remount /sys");
-                        fs_logger("remount /sys");
-        }
                
        disable_file(BLACKLIST_FILE, "/sys/firmware");
        disable_file(BLACKLIST_FILE, "/sys/hypervisor");
author	netblue30 <netblue30@yahoo.com>	2017-04-13 07:02:44 -0400
committer	netblue30 <netblue30@yahoo.com>	2017-04-13 07:02:44 -0400
commit	3813d1c47e6ac48b23c2a401e65b7a412f5de5f6 (patch)
tree	3056838d37fceba7fdcff5f6158087fa4c603331 /src
parent	fix gimp profile (diff)
download	firejail-3813d1c47e6ac48b23c2a401e65b7a412f5de5f6.tar.gz firejail-3813d1c47e6ac48b23c2a401e65b7a412f5de5f6.tar.zst firejail-3813d1c47e6ac48b23c2a401e65b7a412f5de5f6.zip