From accdd534b1eba072e77589a35e9b49f6c8b63858 Mon Sep 17 00:00:00 2001
From: root
Date: Mon, 9 Nov 2015 12:13:22 -0500
Subject: added /dev/log to private-dev
---
 src/firejail/firejail.h | 1 +
 src/firejail/fs_dev.c | 29 +++++++++++++++++++++++++++--
 2 files changed, 28 insertions(+), 2 deletions(-)
(limited to 'src')
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index e3a56704f..5a917fd1f 100644
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -38,6 +38,7 @@
 #define BIN_DIR "/run/firejail/mnt/bin"
 #define DRI_DIR "/run/firejail/mnt/dri"
 #define PULSE_DIR "/run/firejail/mnt/pulse"
+#define DEVLOG_FILE "/run/firejail/mnt/devlog"
 #define WHITELIST_HOME_DIR "/run/firejail/mnt/whome"
 #define XAUTHORITY_FILE "/run/firejail/mnt/.Xauthority"
 #define HOSTNAME_FILE "/run/firejail/mnt/hostname"
diff --git a/src/firejail/fs_dev.c b/src/firejail/fs_dev.c
index ec7126ffd..469cf48ab 100644
--- a/src/firejail/fs_dev.c
+++ b/src/firejail/fs_dev.c
@@ -74,7 +74,6 @@ void fs_private_dev(void){
 // create DRI_DIR
 fs_build_mnt_dir();
-
 if (have_dri) {
 /* coverity[toctou] */
 rv = mkdir(DRI_DIR, 0755);
@@ -89,10 +89,36 @@ void fs_private_dev(void){
 errExit("mounting /dev/dri");
 }
+ // restore /dev/log
+ int have_devlog = 0;
+ if (stat("/dev/log", &s) == 0) {
+ have_devlog = 1;
+ FILE *fp = fopen(DEVLOG_FILE, "w");
+ if (!fp)
+ have_devlog = 0;
+ else {
+ fprintf(fp, "\n");
+ fclose(fp);
+ if (mount("/dev/log", DEVLOG_FILE, NULL, MS_BIND|MS_REC, NULL) < 0)
+ errExit("mounting /dev/log");
+ }
+ }
+
 // mount tmpfs on top of /dev
 if (mount("tmpfs", "/dev", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0)
 errExit("mounting /dev");
+ // bring back /dev/log
+ if (have_devlog) {
+ FILE *fp = fopen("/dev/log", "w");
+ if (fp) {
+ fprintf(fp, "\n");
+ fclose(fp);
+ if (mount(DEVLOG_FILE, "/dev/log", NULL, MS_BIND|MS_REC, NULL) < 0)
+ errExit("mounting /dev/log");
+ }
+ }
+
 // bring back the /dev/dri directory
 if (have_dri) {
 /* coverity[toctou] */
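Review bot: Both `fopen()` failure paths in the new /dev/log code of the `-89,10 +89,36` hunk are silent, while every `mount()` failure next to them goes through `errExit()`: the "restore" block just resets `have_devlog` to 0, and in the "bring back" block a failed `fopen("/dev/log", "w")` leaves the sandbox without /dev/log while the earlier bind mount stays attached to `DEVLOG_FILE`. I would at least report it, for example `else fprintf(stderr, "Warning: cannot restore /dev/log\n");` in the second block, or treat it like the mount errors. The `stat()` result is also used without looking at the file type; `if (stat("/dev/log", &s) == 0 && S_ISSOCK(s.st_mode))` would keep the code from bind-mounting anything other than a socket. Because this deliberately leaves what is presumably the host's syslog socket writable from inside a private-dev sandbox, the `// restore /dev/log` comment should say so, so that the wider exposure is a documented decision. `fs_private_dev` and the declaration of `s` start outside the hunk, so this is based only on the visible lines.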
@@ -105,7 +130,7 @@ void fs_private_dev(void){
 if (chmod("/dev/dri",0755) < 0)
 errExit("chmod");
 if (mount(DRI_DIR, "/dev/dri", NULL, MS_BIND|MS_REC, NULL) < 0)
- errExit("mounting /dev");
+ errExit("mounting /dev/dri");
 }
 // create /dev/shm
-- 
cgit v1.2.3-54-g00ecf