Diffstat (limited to 'src/firejail/fs_dev.c')
-rw-r--r--src/firejail/fs_dev.c15
1 files changed, 15 insertions, 0 deletions
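diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c
index 86e0918e1..c0cb49db7 100644
--- a/src/firejail/fs_dev.c
+++ b/src/firejail/fs_dev.c
@@ -107,6 +107,7 @@ void fs_private_dev(void){
 // mount tmpfs on top of /dev
 if (mount("tmpfs", "/dev", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0)
 errExit("mounting /dev");
+fs_logger("mount tmpfs on /dev");
 
 // bring back /dev/log
 if (have_devlog) {
@@ -116,6 +117,7 @@ void fs_private_dev(void){
 fclose(fp);
 if (mount(RUN_DEVLOG_FILE, "/dev/log", NULL, MS_BIND|MS_REC, NULL) < 0)
 errExit("mounting /dev/log");
+fs_logger("clone /dev/log");
 }
 }
 
@@ -131,6 +133,7 @@ void fs_private_dev(void){
 errExit("chmod");
 if (mount(RUN_DRI_DIR, "/dev/dri", NULL, MS_BIND|MS_REC, NULL) < 0)
 errExit("mounting /dev/dri");
+fs_logger("clone /dev/dri");
 }
 
 // create /dev/shm
@@ -143,14 +146,21 @@ void fs_private_dev(void){
 errExit("chown");
 if (chmod("/dev/shm", 0777) < 0)
 errExit("chmod");
+fs_logger("mkdir /dev/shm");
 
 // create devices
 create_char_dev("/dev/zero", 0666, 1, 5); // mknod -m 666 /dev/zero c 1 5
+fs_logger("mknod /dev/zero");
 create_char_dev("/dev/null", 0666, 1, 3); // mknod -m 666 /dev/null c 1 3
+fs_logger("mknod /dev/null");
 create_char_dev("/dev/full", 0666, 1, 7); // mknod -m 666 /dev/full c 1 7
+fs_logger("mknod /dev/full");
 create_char_dev("/dev/random", 0666, 1, 8); // Mknod -m 666 /dev/random c 1 8
+fs_logger("mknod /dev/random");
 create_char_dev("/dev/urandom", 0666, 1, 9); // mknod -m 666 /dev/urandom c 1 9
+fs_logger("mknod /dev/urandom");
 create_char_dev("/dev/tty", 0666, 5, 0); // mknod -m 666 /dev/tty c 5 0
+fs_logger("mknod /dev/tty");
 #if 0
 create_dev("/dev/tty0", "mknod -m 666 /dev/tty0 c 4 0");
 create_dev("/dev/console", "mknod -m 622 /dev/console c 5 1");
@@ -164,11 +174,14 @@ void fs_private_dev(void){
 errExit("chown");
 if (chmod("/dev/pts", 0755) < 0)
 errExit("chmod");
+fs_logger("mkdir /dev/pts");
 create_char_dev("/dev/pts/ptmx", 0666, 5, 2); //"mknod -m 666 /dev/pts/ptmx c 5 2");
+fs_logger("mknod /dev/pts/ptmx");
 create_link("/dev/pts/ptmx", "/dev/ptmx");
 // mount -vt devpts -o newinstance -o ptmxmode=0666 devpts //dev/pts
 if (mount("devpts", "/dev/pts", "devpts", MS_MGC_VAL, "newinstance,ptmxmode=0666") < 0)
 errExit("mounting /dev/pts");
+fs_logger("mount devpts");
 
 #if 0
 // stdin, stdout, stderr
@@ -190,6 +203,7 @@ void fs_dev_shm(void) {
 printf("Mounting tmpfs on /dev/shm\n");
 if (mount("tmpfs", "/dev/shm", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0)
 errExit("mounting /dev/shm");
+fs_logger("mount tmpfs on /dev/shm");
 }
 else {
 char *lnk = realpath("/dev/shm", NULL);
@@ -207,6 +221,7 @@ void fs_dev_shm(void) {
 printf("Mounting tmpfs on %s on behalf of /dev/shm\n", lnk);
 if (mount("tmpfs", lnk, "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0)
 errExit("mounting /var/tmp");
+fs_logger3("mount tmpfs on", lnk, "on behalf of /dev/shm");
 free(lnk);
 }
 else {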
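Review bot: The symlink step `create_link("/dev/pts/ptmx", "/dev/ptmx");` (new line 180) is the one filesystem change in the visible part of fs_private_dev that gets no log entry, so unless create_link logs internally, a reader of the log cannot account for /dev/ptmx; add `fs_logger("symlink /dev/ptmx");` after it. The entries after each `create_char_dev(...)` call are written unconditionally, and that helper's body is not shown here, so confirm it exits on failure; otherwise the log would record a device node that was never created. In fs_dev_shm the new `fs_logger3` line sits under `errExit("mounting /var/tmp");`, which names the wrong target for a mount on `lnk`; `errExit("mounting /dev/shm");` would agree with the log text. Both functions begin and end outside the hunks shown.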