Diffstat (limited to 'src/firejail/fs.c')
-rw-r--r-- | src/firejail/fs.c | 13 |
1 files changed, 7 insertions, 6 deletions
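--- a/src/firejail/fs.c
+++ b/src/firejail/fs.c
@@ -77,14 +77,15 @@ void fs_build_firejail_dir(void) {
 if (stat(RUN_FIREJAIL_BASEDIR, &s)) {
 create_dir_as_root(RUN_FIREJAIL_BASEDIR, 0755);
 }
-else { // check /tmp/firejail directory belongs to root end exit if doesn't!
+
+// check /run/firejail directory belongs to root end exit if doesn't!
+if (stat(RUN_FIREJAIL_DIR, &s) == 0) {
 if (s.st_uid != 0 || s.st_gid != 0) {
 fprintf(stderr, "Error: non-root %s directory, exiting...\n", RUN_FIREJAIL_DIR);
 exit(1);
 }
 }
-
-if (stat(RUN_FIREJAIL_DIR, &s)) {
+else {
 create_dir_as_root(RUN_FIREJAIL_DIR, 0755);
 }
 
@@ -113,7 +114,7 @@ void fs_build_firejail_dir(void) {
 }
 
 
-// build /tmp/firejail/mnt directory
+// build /run/firejail/mnt directory
 static int tmpfs_mounted = 0;
 #ifdef HAVE_CHROOT
 static void fs_build_remount_mnt_dir(void) {
@@ -137,7 +138,7 @@ void fs_build_mnt_dir(void) {
 if (arg_debug)
 printf("Mounting tmpfs on %s directory\n", RUN_MNT_DIR);
 if (mount("tmpfs", RUN_MNT_DIR, "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0)
-errExit("mounting /tmp/firejail/mnt");
+errExit("mounting /run/firejail/mnt");
 tmpfs_mounted = 1;
 fs_logger2("tmpfs", RUN_MNT_DIR);
 }
@@ -1254,7 +1255,7 @@ void fs_private_tmp(void) {
 if (arg_debug)
 printf("Mounting tmpfs on /tmp directory\n");
 if (mount("tmpfs", "/tmp", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=1777,gid=0") < 0)
-errExit("mounting /tmp/firejail/mnt");
+errExit("mounting tmpfs on /tmp directory");
 fs_logger2("tmpfs", "/tmp");
 }
 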
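Review bot: The new ownership check in fs_build_firejail_dir (first hunk) accepts anything root-owned at RUN_FIREJAIL_DIR, because stat() follows symlinks and the test looks only at st_uid/st_gid, so a root-owned regular file or a symlink to a root-owned target would pass. A stricter form would be `if (lstat(RUN_FIREJAIL_DIR, &s) == 0) {` followed by `if (!S_ISDIR(s.st_mode) || s.st_uid != 0 || s.st_gid != 0) {`. The `else` branch also treats every stat() failure as "directory missing" and calls create_dir_as_root(); testing `errno == ENOENT` there would keep other errors from being masked, though what create_dir_as_root does on an existing path is not visible here. The restructured code no longer inspects the ownership of RUN_FIREJAIL_BASEDIR when it already exists, so a short comment stating that the base directory is trusted would document that choice. The function begins and ends outside the hunk, so later checks on these paths may exist that are not shown.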