diff options
Diffstat (limited to 'src/firejail/sandbox.c')
| -rw-r--r-- | src/firejail/sandbox.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index a33c81937..0818bf450 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
| @@ -208,6 +208,12 @@ static int monitor_application(pid_t app_pid) { | |||
| 208 | if (arg_debug) | 208 | if (arg_debug) |
| 209 | printf("Sandbox monitor: waitpid %u retval %d status %d\n", monitored_pid, rv, status); | 209 | printf("Sandbox monitor: waitpid %u retval %d status %d\n", monitored_pid, rv, status); |
| 210 | 210 | ||
| 211 | // if /proc is not remounted, we cannot check /proc directory, | ||
| 212 | // for now we just get out of here | ||
| 213 | // todo: find another way of checking child processes! | ||
| 214 | if (!checkcfg(CFG_REMOUNT_PROC_SYS)) | ||
| 215 | break; | ||
| 216 | |||
| 211 | DIR *dir; | 217 | DIR *dir; |
| 212 | if (!(dir = opendir("/proc"))) { | 218 | if (!(dir = opendir("/proc"))) { |
| 213 | // sleep 2 seconds and try again | 219 | // sleep 2 seconds and try again |
| @@ -551,7 +557,8 @@ int sandbox(void* sandbox_arg) { | |||
| 551 | //**************************** | 557 | //**************************** |
| 552 | // update /proc, /sys, /dev, /boot directorymy | 558 | // update /proc, /sys, /dev, /boot directorymy |
| 553 | //**************************** | 559 | //**************************** |
| 554 | fs_proc_sys_dev_boot(); | 560 | if (checkcfg(CFG_REMOUNT_PROC_SYS)) |
| 561 | fs_proc_sys_dev_boot(); | ||
| 555 | 562 | ||
| 556 | //**************************** | 563 | //**************************** |
| 557 | // apply the profile file | 564 | // apply the profile file |