diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/fs_dev.c | 53 |
1 files changed, 32 insertions, 21 deletions
diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c index 7560d5fef..881f20b1f 100644 --- a/src/firejail/fs_dev.c +++ b/src/firejail/fs_dev.c | |||
@@ -62,38 +62,49 @@ errexit: | |||
62 | } | 62 | } |
63 | 63 | ||
64 | void fs_private_dev(void){ | 64 | void fs_private_dev(void){ |
65 | int rv; | ||
65 | // install a new /dev directory | 66 | // install a new /dev directory |
66 | if (arg_debug) | 67 | if (arg_debug) |
67 | printf("Mounting tmpfs on /dev\n"); | 68 | printf("Mounting tmpfs on /dev\n"); |
68 | 69 | ||
70 | int have_dri = 0; | ||
71 | struct stat s; | ||
72 | if (stat("/dev/dri", &s) == 0) | ||
73 | have_dri = 1; | ||
74 | |||
69 | // create DRI_DIR | 75 | // create DRI_DIR |
70 | fs_build_mnt_dir(); | 76 | fs_build_mnt_dir(); |
71 | int rv = mkdir(DRI_DIR, 0755); | 77 | |
72 | if (rv == -1) | 78 | if (have_dri) { |
73 | errExit("mkdir"); | 79 | rv = mkdir(DRI_DIR, 0755); |
74 | if (chown(DRI_DIR, 0, 0) < 0) | 80 | if (rv == -1) |
75 | errExit("chown"); | 81 | errExit("mkdir"); |
76 | if (chmod(DRI_DIR, 0755) < 0) | 82 | if (chown(DRI_DIR, 0, 0) < 0) |
77 | errExit("chmod"); | 83 | errExit("chown"); |
78 | 84 | if (chmod(DRI_DIR, 0755) < 0) | |
79 | // keep a copy of /dev/dri under DRI_DIR | 85 | errExit("chmod"); |
80 | if (mount("/dev/dri", DRI_DIR, NULL, MS_BIND|MS_REC, NULL) < 0) | 86 | |
81 | errExit("mounting /dev"); | 87 | // keep a copy of /dev/dri under DRI_DIR |
82 | 88 | if (mount("/dev/dri", DRI_DIR, NULL, MS_BIND|MS_REC, NULL) < 0) | |
89 | errExit("mounting /dev/dri"); | ||
90 | } | ||
91 | |||
83 | // mount tmpfs on top of /dev | 92 | // mount tmpfs on top of /dev |
84 | if (mount("tmpfs", "/dev", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0) | 93 | if (mount("tmpfs", "/dev", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0) |
85 | errExit("mounting /dev"); | 94 | errExit("mounting /dev"); |
86 | 95 | ||
87 | // bring back the /dev/dri directory | 96 | // bring back the /dev/dri directory |
88 | rv = mkdir("/dev/dri", 0755); | 97 | if (have_dri) { |
89 | if (rv == -1) | 98 | rv = mkdir("/dev/dri", 0755); |
90 | errExit("mkdir"); | 99 | if (rv == -1) |
91 | if (chown("/dev/dri", 0, 0) < 0) | 100 | errExit("mkdir"); |
92 | errExit("chown"); | 101 | if (chown("/dev/dri", 0, 0) < 0) |
93 | if (chmod("/dev/dri",0755) < 0) | 102 | errExit("chown"); |
94 | errExit("chmod"); | 103 | if (chmod("/dev/dri",0755) < 0) |
95 | if (mount(DRI_DIR, "/dev/dri", NULL, MS_BIND|MS_REC, NULL) < 0) | 104 | errExit("chmod"); |
96 | errExit("mounting /dev"); | 105 | if (mount(DRI_DIR, "/dev/dri", NULL, MS_BIND|MS_REC, NULL) < 0) |
106 | errExit("mounting /dev"); | ||
107 | } | ||
97 | 108 | ||
98 | // create /dev/shm | 109 | // create /dev/shm |
99 | if (arg_debug) | 110 | if (arg_debug) |