-rw-r--r-- | src/utils.c | 10 | ||||
-rw-r--r-- | src/utils.h | 2 |
2 files changed, 8 insertions, 4 deletions
diff --git a/src/utils.c b/src/utils.c
index ae036de..d63edcc 100644
--- a/src/utils.c
+++ b/src/utils.c
@@ -286,7 +286,7 @@ void chk_chroot(void)
 return;
 }
- E("%s", "Can not mount filesystem as private");
+ E("%s", "Can not mount filesystem as slave");
 exit(EXIT_FAILURE);
 }
@@ -294,7 +294,7 @@ void mount_root(void)
 {
 int s;
- s = mount("none", "/", "none", MS_PRIVATE|MS_REC, NULL);
+ s = mount("none", "/", "", MS_SLAVE|MS_NOSUID|MS_REC, NULL);
 if (s) chk_chroot();
 }
@@ -391,6 +391,7 @@ int create_device_files(const char *mount_path)
 return s;
 }
+#if 0
 int update_guid_map(pid_t pid, unsigned int map[3], int update_uidmap)
 {
 int s, fd;
@@ -434,12 +435,13 @@ int update_setgroups_self(int allow)
 return 1;
 if (allow) {
- written = write(fd, str_allow, sizeof str_allow);
+ written = write(fd, str_allow, sizeof(str_allow) - 1);
 } else {
- written = write(fd, str_deny, sizeof str_deny);
+ written = write(fd, str_deny, sizeof(str_deny) - 1);
 }
 if (written <= 0) return 1;
 return 0;
 }
+#endif
diff --git a/src/utils.h b/src/utils.h
index 360cc3f..8b3b230 100644
--- a/src/utils.h
+++ b/src/utils.h
@@ -41,8 +41,10 @@ int create_device_file_checked(const char *mount_path, const char *device_file,
 int create_device_files(const char *mount_path);
+#if 0
 int update_guid_map(pid_t pid, unsigned int uid_map[3], int update_uidmap);
 int update_setgroups_self(int allow);
+#endif
 #endif |
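Review bot: In mount_root(), passing `MS_NOSUID` together with `MS_SLAVE|MS_REC` is a problem, because mount(2) documents that a propagation-type change accepts only MS_REC and MS_SILENT alongside the propagation flag. On kernels that enforce this the call fails with EINVAL and control falls into chk_chroot(), and a propagation change is not documented to apply nosuid to anything in any case. Keep the propagation call to `s = mount("none", "/", "", MS_SLAVE|MS_REC, NULL);` and, if nosuid is wanted, set it in a separate remount step whose return value is checked. Moving from MS_PRIVATE to MS_SLAVE also means mount and unmount events from the parent namespace now propagate into this one, which is weaker isolation and deserves a comment stating the reason.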
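Review bot: The `#if 0` added before update_guid_map() in src/utils.c (closed by the `#endif` after update_setgroups_self(), and mirrored around both prototypes in the src/utils.h hunk) compiles out the uid/gid-map and setgroups helpers without saying why. Code parked under `#if 0` is no longer checked by the compiler and drifts out of date; either delete the two functions and let history keep them, or document the guard, for example `/* disabled: <reason>; re-enable when <condition> */`. Whether id maps and the setgroups policy are now set up some other way cannot be seen from this diff, so the commit message or the comment should say so.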
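Review bot: In update_setgroups_self(), `if (written <= 0)` still accepts a short write as success, so a truncated value written to the setgroups file would go unnoticed; compare against the expected length in each branch, e.g. `if (written != (ssize_t)(sizeof(str_allow) - 1)) return 1;`. The new `sizeof(...) - 1` lengths drop the trailing NUL only if str_allow and str_deny are char arrays; their declarations are above the hunk, and for pointers the expression would yield pointer size minus one. This fix also lands inside the region the same commit disables with `#if 0`, so it is not compiled or exercised.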