Overview

File firejail-0.9.62-fix-usr-etc.patch of Package firejail

From 609be4fda2dda5557de864eba814c42fe2f40dca Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Sun, 9 Feb 2020 11:30:31 +0100
Subject: [PATCH] openSUSE fix: mount private-etc on /usr/etc as well

see issue #3145
---
 src/firejail/fs_etc.c  | 3 ++-
 src/firejail/sandbox.c | 1 +
 src/include/rundefs.h  | 1 +
 3 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/firejail/fs_etc.c b/src/firejail/fs_etc.c
index 7b7813926..76bcb751e 100644
--- a/src/firejail/fs_etc.c
+++ b/src/firejail/fs_etc.c
@@ -145,7 +145,8 @@ void fs_private_dir_list(const char *private_dir, const char *private_run_dir, c
 	// nothing to do if directory does not exist
 	struct stat s;
 	if (stat(private_dir, &s) == -1) {
-		fmessage("Cannot find %s\n", private_dir);
+		if (arg_debug)
+			printf("Cannot find %s\n", private_dir);
 		return;
 	}
 
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c
index 96ad30bed..4f53cafcc 100644
--- a/src/firejail/sandbox.c
+++ b/src/firejail/sandbox.c
@@ -855,6 +855,7 @@ int sandbox(void* sandbox_arg) {
 			fwarning("private-etc feature is disabled in overlay\n");
 		else {
 			fs_private_dir_list("/etc", RUN_ETC_DIR, cfg.etc_private_keep);
+			fs_private_dir_list("/usr/etc", RUN_USR_ETC_DIR, cfg.etc_private_keep); // openSUSE
 			// create /etc/ld.so.preload file again
 			if (need_preload)
 				fs_trace_preload();
diff --git a/src/include/rundefs.h b/src/include/rundefs.h
index 7f9c68be2..1cfeee28d 100644
--- a/src/include/rundefs.h
+++ b/src/include/rundefs.h
@@ -42,6 +42,7 @@
 #define RUN_NONEWPRIVS_CFG		RUN_MNT_DIR "/nonewprivs"
 #define RUN_HOME_DIR			RUN_MNT_DIR "/home"
 #define RUN_ETC_DIR			RUN_MNT_DIR "/etc"
+#define RUN_USR_ETC_DIR		RUN_MNT_DIR "/usretc"
 #define RUN_OPT_DIR			RUN_MNT_DIR "/opt"
 #define RUN_SRV_DIR			RUN_MNT_DIR "/srv"
 #define RUN_BIN_DIR			RUN_MNT_DIR "/bin"
From cd184e9919bb67fb88ee6208c395682f5f0ba764 Mon Sep 17 00:00:00 2001
From: smitsohu <smitsohu@gmail.com>
Date: Sun, 9 Feb 2020 11:33:57 +0100
Subject: [PATCH] openSUSE fix: search login.defs in /usr/etc, too

see issue #3145
---
 src/lib/firejail_user.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/lib/firejail_user.c b/src/lib/firejail_user.c
index dbf2ca94b..2e03ce0e0 100644
--- a/src/lib/firejail_user.c
+++ b/src/lib/firejail_user.c
@@ -43,8 +43,11 @@ static void init_uid_gid_min(void) {
 
 	// read the real values from login.def
 	FILE *fp = fopen("/etc/login.defs", "r");
-	if (!fp)
-		goto errexit;
+	if (!fp) {
+		fp = fopen("/usr/etc/login.defs", "r"); // openSUSE
+		if (!fp)
+			goto errexit;
+	}
 
 	char buf[MAXBUF];
 	while (fgets(buf, MAXBUF, fp)) {
openSUSE Build Service is sponsored by
Places