From 608386fa784e1c0c84a952c643648c2f619e5547 Mon Sep 17 00:00:00 2001
From: netblue30
Date: Sun, 6 Aug 2017 15:27:19 -0400
Subject: private-lib fixes

---
 src/firejail/fs_lib.c | 56 ++++++++++++++++++++++++++++++---------------------
 1 file changed, 33 insertions(+), 23 deletions(-)

diff --git a/src/firejail/fs_lib.c b/src/firejail/fs_lib.c
index f39349fe6..165d5651d 100644
--- a/src/firejail/fs_lib.c
+++ b/src/firejail/fs_lib.c
@@ -227,29 +227,39 @@ void fs_private_lib(void) {
 if (arg_debug) printf("Mount-bind %s on top of /lib /lib64 /usr/lib\n", RUN_LIB_DIR);
- if (mount(RUN_LIB_DIR, "/lib", NULL, MS_BIND|MS_REC, NULL) < 0 ||
- mount(NULL, "/lib", NULL, MS_BIND|MS_REMOUNT|MS_NOSUID|MS_NODEV|MS_REC, NULL) < 0)
- errExit("mount bind");
- fs_logger2("tmpfs", "/lib");
- fs_logger("mount /lib");
-
- if (mount(RUN_LIB_DIR, "/lib64", NULL, MS_BIND|MS_REC, NULL) < 0 ||
- mount(NULL, "/lib64", NULL, MS_BIND|MS_REMOUNT|MS_NOSUID|MS_NODEV|MS_REC, NULL) < 0)
- errExit("mount bind");
- fs_logger2("tmpfs", "/lib64");
- fs_logger("mount /lib64");
-
- if (mount(RUN_LIB_DIR, "/usr/lib", NULL, MS_BIND|MS_REC, NULL) < 0 ||
- mount(NULL, "/usr/lib", NULL, MS_BIND|MS_REMOUNT|MS_NOSUID|MS_NODEV|MS_REC, NULL) < 0)
- errExit("mount bind");
- fs_logger2("tmpfs", "/usr/lib");
- fs_logger("mount /usr/lib");
+ if (is_dir("/lib")) {
+ if (mount(RUN_LIB_DIR, "/lib", NULL, MS_BIND|MS_REC, NULL) < 0 ||
+ mount(NULL, "/lib", NULL, MS_BIND|MS_REMOUNT|MS_NOSUID|MS_NODEV|MS_REC, NULL) < 0)
+ errExit("mount bind");
+ fs_logger2("tmpfs", "/lib");
+ fs_logger("mount /lib");
+ }
+
+ if (is_dir("/lib64")) {
+ if (mount(RUN_LIB_DIR, "/lib64", NULL, MS_BIND|MS_REC, NULL) < 0 ||
+ mount(NULL, "/lib64", NULL, MS_BIND|MS_REMOUNT|MS_NOSUID|MS_NODEV|MS_REC, NULL) < 0)
+ errExit("mount bind");
+ fs_logger2("tmpfs", "/lib64");
+ fs_logger("mount /lib64");
+ }
+
+ if (is_dir("/usr/lib")) {
+ if (mount(RUN_LIB_DIR, "/usr/lib", NULL, MS_BIND|MS_REC, NULL) < 0 ||
+ mount(NULL, "/usr/lib", NULL, MS_BIND|MS_REMOUNT|MS_NOSUID|MS_NODEV|MS_REC, NULL) < 0)
+ errExit("mount bind");
+ fs_logger2("tmpfs", "/usr/lib");
+ fs_logger("mount /usr/lib");
+ }
 // for amd64 only - we'll deal with i386 later
- if (mount(RUN_RO_DIR, "/lib32", "none", MS_BIND, "mode=400,gid=0") < 0)
- errExit("disable file");
- fs_logger("blacklist-nolog /lib32");
- if (mount(RUN_RO_DIR, "/libx32", "none", MS_BIND, "mode=400,gid=0") < 0)
- errExit("disable file");
- fs_logger("blacklist-nolog /libx32");
+ if (is_dir("/lib32")) {
+ if (mount(RUN_RO_DIR, "/lib32", "none", MS_BIND, "mode=400,gid=0") < 0)
+ errExit("disable file");
+ fs_logger("blacklist-nolog /lib32");
+ }
+ if (is_dir("/libx32")) {
+ if (mount(RUN_RO_DIR, "/libx32", "none", MS_BIND, "mode=400,gid=0") < 0)
+ errExit("disable file");
+ fs_logger("blacklist-nolog /libx32");
+ }
 }
--
cgit v1.2.3-54-g00ecf
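Review bot: The is_dir()/mount()/errExit()/fs_logger() sequence is now copied five times in this hunk with only the path changed, so the two mount policies (bind RUN_LIB_DIR with MS_NOSUID|MS_NODEV, or cover the path with RUN_RO_DIR) each live in several places that have to be kept in sync. Two static helpers taking the path would hold each policy once; the sketch below logs through fs_logger2("mount", path) and fs_logger2("blacklist-nolog", path), which assumes fs_logger2 joins its two arguments with a space, as the existing fs_logger2("tmpfs", "/lib") call suggests — confirm against fs_logger.c before relying on it. A path that is not a directory is now skipped without any trace in the mount log or the debug output, while the printf at the top of the hunk still announces all three directories, so the helper emits a debug line for the skipped case to keep the sandbox setup auditable. fs_private_lib begins before the hunk.

```c
// Bind RUN_LIB_DIR over path (nosuid, nodev); a path that is not a directory is skipped.
static void private_lib_bind(const char *path) {
	if (!is_dir(path)) {
		if (arg_debug)
			printf("%s is not a directory, skipping\n", path);
		return;
	}
	if (mount(RUN_LIB_DIR, path, NULL, MS_BIND|MS_REC, NULL) < 0 ||
	    mount(NULL, path, NULL, MS_BIND|MS_REMOUNT|MS_NOSUID|MS_NODEV|MS_REC, NULL) < 0)
		errExit("mount bind");
	fs_logger2("tmpfs", path);
	fs_logger2("mount", path);
}

// Cover path with RUN_RO_DIR (the existing "disable file" mount); a path that is not a directory is skipped.
static void private_lib_blacklist(const char *path) {
	if (!is_dir(path)) {
		if (arg_debug)
			printf("%s is not a directory, skipping\n", path);
		return;
	}
	if (mount(RUN_RO_DIR, path, "none", MS_BIND, "mode=400,gid=0") < 0)
		errExit("disable file");
	fs_logger2("blacklist-nolog", path);
}

// … in fs_private_lib(), unchanged: debug printf …
	private_lib_bind("/lib");
	private_lib_bind("/lib64");
	private_lib_bind("/usr/lib");
	// for amd64 only - we'll deal with i386 later
	private_lib_blacklist("/lib32");
	private_lib_blacklist("/libx32");
```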