From: Daniel Golle Date: Tue, 14 Apr 2020 14:46:03 +0000 (+0100) Subject: jail: always mount /dev as additional tmpfs X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=a4cc165a9fdcc9d76a0ba58a2e9ccde605e5f40d;p=oweals%2Fprocd.git jail: always mount /dev as additional tmpfs Signed-off-by: Daniel Golle --- diff --git a/jail/jail.c b/jail/jail.c index 87b671b..ca8b832 100644 --- a/jail/jail.c +++ b/jail/jail.c @@ -187,6 +187,7 @@ static int build_jail_fs(void) { char jail_root[] = "/tmp/ujail-XXXXXX"; char tmpovdir[] = "/tmp/ujail-overlay-XXXXXX"; + char tmpdevdir[] = "/tmp/ujail-XXXXXX/dev"; char *overlaydir = NULL; if (mkdtemp(jail_root) == NULL) { @@ -240,6 +241,11 @@ static int build_jail_fs(void) return -1; } + snprintf(tmpdevdir, sizeof(tmpdevdir), "%s/dev", jail_root); + mkdir_p(tmpdevdir, 0755); + if (mount(NULL, tmpdevdir, "tmpfs", MS_NOATIME | MS_NOEXEC | MS_NOSUID, "size=1M")) + return -1; + if (mount_all(jail_root)) { ERROR("mount_all() failed\n"); return -1;