diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/fs.c | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/src/firejail/fs.c b/src/firejail/fs.c index a0a7d9342..5ddbcec34 100644 --- a/src/firejail/fs.c +++ b/src/firejail/fs.c | |||
@@ -533,17 +533,15 @@ void fs_proc_sys_dev_boot(void) { | |||
533 | // disable /boot | 533 | // disable /boot |
534 | if (stat("/boot", &s) == 0) { | 534 | if (stat("/boot", &s) == 0) { |
535 | if (arg_debug) | 535 | if (arg_debug) |
536 | printf("Mounting a new /boot directory\n"); | 536 | printf("Disable /boot directory\n"); |
537 | if (mount("tmpfs", "/boot", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0) | 537 | disable_file(BLACKLIST_FILE, "/boot"); |
538 | errExit("mounting /boot directory"); | ||
539 | } | 538 | } |
540 | 539 | ||
541 | // disable /selinux | 540 | // disable /selinux |
542 | if (stat("/selinux", &s) == 0) { | 541 | if (stat("/selinux", &s) == 0) { |
543 | if (arg_debug) | 542 | if (arg_debug) |
544 | printf("Mounting a new /selinux directory\n"); | 543 | printf("Disable /selinux directory\n"); |
545 | if (mount("tmpfs", "/selinux", "tmpfs", MS_NOSUID | MS_NODEV | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0) | 544 | disable_file(BLACKLIST_FILE, "/selinux"); |
546 | errExit("mounting /selinux directory"); | ||
547 | } | 545 | } |
548 | 546 | ||
549 | // disable /dev/port | 547 | // disable /dev/port |