0.9.38-rc1 testing

author: netblue30 <netblue30@yahoo.com> 2016-01-29 09:20:19 -0500
committer: netblue30 <netblue30@yahoo.com> 2016-01-29 09:20:19 -0500
commit: cd0ecfc7a7b30abde20db6dea505cd8c58e7c046 (patch)
tree: 426cde92e5016d41ad61a98c2891d319756d959c /src
parent: Centos 6 support (diff)
download: firejail-cd0ecfc7a7b30abde20db6dea505cd8c58e7c046.tar.gz
firejail-cd0ecfc7a7b30abde20db6dea505cd8c58e7c046.tar.zst
firejail-cd0ecfc7a7b30abde20db6dea505cd8c58e7c046.zip
3 files changed, 11 insertions, 11 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c
index b0add91e2..164e3368b 100644
--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -963,7 +963,7 @@ void fs_private_tmp(void) {
        // mount tmpfs on top of /run/firejail/mnt
        if (arg_debug)
                printf("Mounting tmpfs on /tmp directory\n");
-        if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=777,gid=0") < 0)
+        if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=1777,gid=0") < 0)
                errExit("mounting /tmp/firejail/mnt");
 }
diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c
index 0407b0626..97ee9de55 100644
--- a/src/firejail/fs_dev.c
+++ b/src/firejail/fs_dev.c
@@ -105,7 +105,7 @@ void fs_private_dev(void){
        }
        // mount tmpfs on top of /dev
-        if (mount("tmpfs", "/dev", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=777,gid=0") < 0)
+        if (mount("tmpfs", "/dev", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=755,gid=0") < 0)
                errExit("mounting /dev");
        fs_logger("mount tmpfs on /dev");
@@ -139,12 +139,12 @@ void fs_private_dev(void){
        // create /dev/shm
        if (arg_debug)
                printf("Create /dev/shm directory\n");
-        rv = mkdir("/dev/shm", 0777);
+        rv = mkdir("/dev/shm", 01777);
        if (rv == -1)
                errExit("mkdir");
        if (chown("/dev/shm", 0, 0) < 0)
                errExit("chown");
-        if (chmod("/dev/shm", 0777) < 0)
+        if (chmod("/dev/shm", 01777) < 0)
                errExit("chmod");
        fs_logger("mkdir /dev/shm");
@@ -201,7 +201,7 @@ void fs_dev_shm(void) {
        if (is_dir("/dev/shm")) {
                if (arg_debug)
                        printf("Mounting tmpfs on /dev/shm\n");
-                if (mount("tmpfs", "/dev/shm", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=777,gid=0") < 0)
+                if (mount("tmpfs", "/dev/shm", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=1777,gid=0") < 0)
                        errExit("mounting /dev/shm");
                fs_logger("mount tmpfs on /dev/shm");
        }
@@ -210,16 +210,16 @@ void fs_dev_shm(void) {
                if (lnk) {
                        if (!is_dir(lnk)) {
                                // create directory
-                                if (mkdir(lnk, 0777))
+                                if (mkdir(lnk, 01777))
                                        errExit("mkdir");
                                if (chown(lnk, 0, 0))
                                        errExit("chown");
-                                if (chmod(lnk, 0777))
+                                if (chmod(lnk, 01777))
                                        errExit("chmod");
                        }
                        if (arg_debug)
                                printf("Mounting tmpfs on %s on behalf of /dev/shm\n", lnk);
-                        if (mount("tmpfs", lnk, "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=777,gid=0") < 0)
+                        if (mount("tmpfs", lnk, "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=1777,gid=0") < 0)
                                errExit("mounting /var/tmp");
                        fs_logger3("mount tmpfs on", lnk, "on behalf of /dev/shm");
                        free(lnk);
diff --git a/src/firejail/fs_var.c b/src/firejail/fs_var.c
index def718720..fe11bd5b5 100644
--- a/src/firejail/fs_var.c
+++ b/src/firejail/fs_var.c
@@ -268,7 +268,7 @@ void fs_var_lock(void) {
        if (is_dir("/var/lock")) {
                if (arg_debug)
                        printf("Mounting tmpfs on /var/lock\n");
-                if (mount("tmpfs", "/var/lock", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=777,gid=0") < 0)
+                if (mount("tmpfs", "/var/lock", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=1777,gid=0") < 0)
                        errExit("mounting /lock");
                fs_logger("mount tmpfs on /var/lock");
        }
@@ -286,7 +286,7 @@ void fs_var_lock(void) {
                        }
                        if (arg_debug)
                                printf("Mounting tmpfs on %s on behalf of /var/lock\n", lnk);
-                        if (mount("tmpfs", lnk, "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=777,gid=0") < 0)
+                        if (mount("tmpfs", lnk, "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=1777,gid=0") < 0)
                                errExit("mounting /var/lock");
                        free(lnk);
                        fs_logger("mount tmpfs on /var/lock");
@@ -304,7 +304,7 @@ void fs_var_tmp(void) {
                if (!is_link("/var/tmp")) {
                        if (arg_debug)
                                printf("Mounting tmpfs on /var/tmp\n");
-                        if (mount("tmpfs", "/var/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=777,gid=0") < 0)
+                        if (mount("tmpfs", "/var/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC,  "mode=1777,gid=0") < 0)
                                errExit("mounting /var/tmp");
                        fs_logger("mount tmpfs on /var/tmp");
                }
author	netblue30 <netblue30@yahoo.com>	2016-01-29 09:20:19 -0500
committer	netblue30 <netblue30@yahoo.com>	2016-01-29 09:20:19 -0500
commit	cd0ecfc7a7b30abde20db6dea505cd8c58e7c046 (patch)
tree	426cde92e5016d41ad61a98c2891d319756d959c /src
parent	Centos 6 support (diff)
download	firejail-cd0ecfc7a7b30abde20db6dea505cd8c58e7c046.tar.gz firejail-cd0ecfc7a7b30abde20db6dea505cd8c58e7c046.tar.zst firejail-cd0ecfc7a7b30abde20db6dea505cd8c58e7c046.zip

diff --git a/src/firejail/fs.c b/src/firejail/fs.c index b0add91e2..164e3368b 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c
@@ -963,7 +963,7 @@ void fs_private_tmp(void) {
963	// mount tmpfs on top of /run/firejail/mnt	963	// mount tmpfs on top of /run/firejail/mnt
964	if (arg_debug)	964	if (arg_debug)
965	printf("Mounting tmpfs on /tmp directory\n");	965	printf("Mounting tmpfs on /tmp directory\n");
966	if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID \| MS_STRICTATIME \| MS_REC, "mode=777,gid=0") < 0)	966	if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID \| MS_STRICTATIME \| MS_REC, "mode=1777,gid=0") < 0)
967	errExit("mounting /tmp/firejail/mnt");	967	errExit("mounting /tmp/firejail/mnt");
968	}	968	}
969		969


diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c index 0407b0626..97ee9de55 100644 --- a/src/firejail/fs_dev.c +++ b/src/firejail/fs_dev.c
@@ -105,7 +105,7 @@ void fs_private_dev(void){
105	}	105	}
106		106
107	// mount tmpfs on top of /dev	107	// mount tmpfs on top of /dev
108	if (mount("tmpfs", "/dev", "tmpfs", MS_NOSUID \| MS_STRICTATIME \| MS_REC, "mode=777,gid=0") < 0)	108	if (mount("tmpfs", "/dev", "tmpfs", MS_NOSUID \| MS_STRICTATIME \| MS_REC, "mode=755,gid=0") < 0)
109	errExit("mounting /dev");	109	errExit("mounting /dev");
110	fs_logger("mount tmpfs on /dev");	110	fs_logger("mount tmpfs on /dev");
111		111
@@ -139,12 +139,12 @@ void fs_private_dev(void){
139	// create /dev/shm	139	// create /dev/shm
140	if (arg_debug)	140	if (arg_debug)
141	printf("Create /dev/shm directory\n");	141	printf("Create /dev/shm directory\n");
142	rv = mkdir("/dev/shm", 0777);	142	rv = mkdir("/dev/shm", 01777);
143	if (rv == -1)	143	if (rv == -1)
144	errExit("mkdir");	144	errExit("mkdir");
145	if (chown("/dev/shm", 0, 0) < 0)	145	if (chown("/dev/shm", 0, 0) < 0)
146	errExit("chown");	146	errExit("chown");
147	if (chmod("/dev/shm", 0777) < 0)	147	if (chmod("/dev/shm", 01777) < 0)
148	errExit("chmod");	148	errExit("chmod");
149	fs_logger("mkdir /dev/shm");	149	fs_logger("mkdir /dev/shm");
150		150
@@ -201,7 +201,7 @@ void fs_dev_shm(void) {
201	if (is_dir("/dev/shm")) {	201	if (is_dir("/dev/shm")) {
202	if (arg_debug)	202	if (arg_debug)
203	printf("Mounting tmpfs on /dev/shm\n");	203	printf("Mounting tmpfs on /dev/shm\n");
204	if (mount("tmpfs", "/dev/shm", "tmpfs", MS_NOSUID \| MS_STRICTATIME \| MS_REC, "mode=777,gid=0") < 0)	204	if (mount("tmpfs", "/dev/shm", "tmpfs", MS_NOSUID \| MS_STRICTATIME \| MS_REC, "mode=1777,gid=0") < 0)
205	errExit("mounting /dev/shm");	205	errExit("mounting /dev/shm");
206	fs_logger("mount tmpfs on /dev/shm");	206	fs_logger("mount tmpfs on /dev/shm");
207	}	207	}
@@ -210,16 +210,16 @@ void fs_dev_shm(void) {
210	if (lnk) {	210	if (lnk) {
211	if (!is_dir(lnk)) {	211	if (!is_dir(lnk)) {
212	// create directory	212	// create directory
213	if (mkdir(lnk, 0777))	213	if (mkdir(lnk, 01777))
214	errExit("mkdir");	214	errExit("mkdir");
215	if (chown(lnk, 0, 0))	215	if (chown(lnk, 0, 0))
216	errExit("chown");	216	errExit("chown");
217	if (chmod(lnk, 0777))	217	if (chmod(lnk, 01777))
218	errExit("chmod");	218	errExit("chmod");
219	}	219	}
220	if (arg_debug)	220	if (arg_debug)
221	printf("Mounting tmpfs on %s on behalf of /dev/shm\n", lnk);	221	printf("Mounting tmpfs on %s on behalf of /dev/shm\n", lnk);
222	if (mount("tmpfs", lnk, "tmpfs", MS_NOSUID \| MS_STRICTATIME \| MS_REC, "mode=777,gid=0") < 0)	222	if (mount("tmpfs", lnk, "tmpfs", MS_NOSUID \| MS_STRICTATIME \| MS_REC, "mode=1777,gid=0") < 0)
223	errExit("mounting /var/tmp");	223	errExit("mounting /var/tmp");
224	fs_logger3("mount tmpfs on", lnk, "on behalf of /dev/shm");	224	fs_logger3("mount tmpfs on", lnk, "on behalf of /dev/shm");
225	free(lnk);	225	free(lnk);


diff --git a/src/firejail/fs_var.c b/src/firejail/fs_var.c index def718720..fe11bd5b5 100644 --- a/src/firejail/fs_var.c +++ b/src/firejail/fs_var.c
@@ -268,7 +268,7 @@ void fs_var_lock(void) {
268	if (is_dir("/var/lock")) {	268	if (is_dir("/var/lock")) {
269	if (arg_debug)	269	if (arg_debug)
270	printf("Mounting tmpfs on /var/lock\n");	270	printf("Mounting tmpfs on /var/lock\n");
271	if (mount("tmpfs", "/var/lock", "tmpfs", MS_NOSUID \| MS_STRICTATIME \| MS_REC, "mode=777,gid=0") < 0)	271	if (mount("tmpfs", "/var/lock", "tmpfs", MS_NOSUID \| MS_STRICTATIME \| MS_REC, "mode=1777,gid=0") < 0)
272	errExit("mounting /lock");	272	errExit("mounting /lock");
273	fs_logger("mount tmpfs on /var/lock");	273	fs_logger("mount tmpfs on /var/lock");
274	}	274	}
@@ -286,7 +286,7 @@ void fs_var_lock(void) {
286	}	286	}
287	if (arg_debug)	287	if (arg_debug)
288	printf("Mounting tmpfs on %s on behalf of /var/lock\n", lnk);	288	printf("Mounting tmpfs on %s on behalf of /var/lock\n", lnk);
289	if (mount("tmpfs", lnk, "tmpfs", MS_NOSUID \| MS_STRICTATIME \| MS_REC, "mode=777,gid=0") < 0)	289	if (mount("tmpfs", lnk, "tmpfs", MS_NOSUID \| MS_STRICTATIME \| MS_REC, "mode=1777,gid=0") < 0)
290	errExit("mounting /var/lock");	290	errExit("mounting /var/lock");
291	free(lnk);	291	free(lnk);
292	fs_logger("mount tmpfs on /var/lock");	292	fs_logger("mount tmpfs on /var/lock");
@@ -304,7 +304,7 @@ void fs_var_tmp(void) {
304	if (!is_link("/var/tmp")) {	304	if (!is_link("/var/tmp")) {
305	if (arg_debug)	305	if (arg_debug)
306	printf("Mounting tmpfs on /var/tmp\n");	306	printf("Mounting tmpfs on /var/tmp\n");
307	if (mount("tmpfs", "/var/tmp", "tmpfs", MS_NOSUID \| MS_STRICTATIME \| MS_REC, "mode=777,gid=0") < 0)	307	if (mount("tmpfs", "/var/tmp", "tmpfs", MS_NOSUID \| MS_STRICTATIME \| MS_REC, "mode=1777,gid=0") < 0)
308	errExit("mounting /var/tmp");	308	errExit("mounting /var/tmp");
309	fs_logger("mount tmpfs on /var/tmp");	309	fs_logger("mount tmpfs on /var/tmp");
310	}	310	}