private-lib: check firejail libraries as root user (#4576)

users, and fldd in particular, might have no read permission
on the firejail executable, make that ok by running fldd
as root

1 files changed, 4 insertions, 2 deletions

diff --git a/src/firejail/fs_lib2.c b/src/firejail/fs_lib2.c
index c69bf7c98..a347b380c 100644
--- a/src/firejail/fs_lib2.c
+++ b/src/firejail/fs_lib2.c
@@ -143,7 +143,7 @@ static void fdir(void) {
                 NULL,
         };
 
-        // need to parse as root user, unprivileged users have no read permission on executables
+        // need to parse as root user, unprivileged users have no read permission on some of these binaries
         int i;
         for (i = 0; fbin[i]; i++)
                 fslib_mount_libs(fbin[i], 0);
@@ -153,7 +153,9 @@ void fslib_install_firejail(void) {
         timetrace_start();
         // bring in firejail executable libraries, in case we are redirected here
         // by a firejail symlink from /usr/local/bin/firejail
-        fslib_mount_libs(PATH_FIREJAIL, 1); // parse as user
+        // fldd might have no read permission on the firejail executable
+        // parse as root in order to support these setups
+        fslib_mount_libs(PATH_FIREJAIL, 0);
 
         // bring in firejail directory
         fdir();