diff options
| -rw-r--r-- | src/firejail/fs.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index 98efb5e41..08b268d93 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
| @@ -571,8 +571,11 @@ void fs_proc_sys_dev_boot(void) { | |||
| 571 | /* Mount a version of /sys that describes the network namespace */ | 571 | /* Mount a version of /sys that describes the network namespace */ |
| 572 | if (arg_debug) | 572 | if (arg_debug) |
| 573 | printf("Remounting /sys directory\n"); | 573 | printf("Remounting /sys directory\n"); |
| 574 | if (umount2("/sys", MNT_DETACH) < 0) | 574 | // if this is an overlay, just mount a new /sys on top of the upper layer |
| 575 | fwarning("failed to unmount /sys\n"); | 575 | if (!arg_overlay) { |
| 576 | if (umount2("/sys", MNT_DETACH) < 0) | ||
| 577 | fwarning("failed to unmount /sys\n"); | ||
| 578 | } | ||
| 576 | if (mount("sysfs", "/sys", "sysfs", MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REC, NULL) < 0) | 579 | if (mount("sysfs", "/sys", "sysfs", MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_REC, NULL) < 0) |
| 577 | fwarning("failed to mount /sys\n"); | 580 | fwarning("failed to mount /sys\n"); |
| 578 | else | 581 | else |