void fs_private_dev(void){
// install a new /dev directory
if (arg_debug)
printf("Mounting tmpfs on /dev\n");
if (mount("tmpfs", "/dev", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0)
errExit("mounting /dev");
// create /dev/shm
if (arg_debug)
printf("Create /dev/shm directory\n");
int rv = mkdir("/dev/shm", S_IRWXU | S_IRWXG | S_IRWXO);
if (rv == -1)
errExit("mkdir");
if (chown("/dev/shm", 0, 0) < 0)
errExit("chown");
if (chmod("/dev/shm", S_IRWXU | S_IRWXG | S_IRWXO) < 0)
errExit("chmod");
// create devices
create_char_dev("/dev/zero", 0666, 1, 5); // mknod -m 666 /dev/zero c 1 5
create_char_dev("/dev/null", 0666, 1, 3); // mknod -m 666 /dev/null c 1 3
create_char_dev("/dev/full", 0666, 1, 7); // mknod -m 666 /dev/full c 1 7
create_char_dev("/dev/random", 0666, 1, 8); // Mknod -m 666 /dev/random c 1 8
create_char_dev("/dev/urandom", 0666, 1, 9); // mknod -m 666 /dev/urandom c 1 9
create_char_dev("/dev/tty", 0666, 5, 0); // mknod -m 666 /dev/tty c 5 0
#if 0
create_dev("/dev/tty0", "mknod -m 666 /dev/tty0 c 4 0");
create_dev("/dev/console", "mknod -m 622 /dev/console c 5 1");
#endif
// pseudo-terminal
rv = mkdir("/dev/pts", 0755);
if (rv == -1)
errExit("mkdir");
if (chown("/dev/pts", 0, 0) < 0)
errExit("chown");
if (chmod("/dev/pts", 0755) < 0)
errExit("chmod");
create_char_dev("/dev/pts/ptmx", 0666, 5, 2); //"mknod -m 666 /dev/pts/ptmx c 5 2");
create_link("/dev/pts/ptmx", "/dev/ptmx");
// mount -vt devpts -o newinstance -o ptmxmode=0666 devpts //dev/pts
if (mount("devpts", "/dev/pts", "devpts", MS_MGC_VAL, "newinstance,ptmxmode=0666") < 0)
errExit("mounting /dev/pts");
#if 0
// stdin, stdout, stderr
create_link("/proc/self/fd", "/dev/fd");
create_link("/proc/self/fd/0", "/dev/stdin");
create_link("/proc/self/fd/1", "/dev/stdout");
create_link("/proc/self/fd/2", "/dev/stderr");
#endif
}
void fs_private_dev(void){
// install a new /dev directory
if (arg_debug)
printf("Mounting tmpfs on /dev\n");
// create DRI_DIR
fs_build_mnt_dir();
// keep a copy of dev directory
if (mkdir(RUN_DEV_DIR, 0755) == -1)
errExit("mkdir");
if (chmod(RUN_DEV_DIR, 0755) == -1)
errExit("chmod");
ASSERT_PERMS(RUN_DEV_DIR, 0, 0, 0755);
if (mount("/dev", RUN_DEV_DIR, NULL, MS_BIND|MS_REC, NULL) < 0)
errExit("mounting /dev/dri");
// create DEVLOG_FILE
int have_devlog = 0;
struct stat s;
if (stat("/dev/log", &s) == 0) {
have_devlog = 1;
FILE *fp = fopen(RUN_DEVLOG_FILE, "w");
if (!fp)
have_devlog = 0;
else {
fprintf(fp, "\n");
fclose(fp);
if (mount("/dev/log", RUN_DEVLOG_FILE, NULL, MS_BIND|MS_REC, NULL) < 0)
errExit("mounting /dev/log");
}
}
// mount tmpfs on top of /dev
if (mount("tmpfs", "/dev", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0)
errExit("mounting /dev");
fs_logger("tmpfs /dev");
deventry_mount();
// bring back /dev/log
if (have_devlog) {
FILE *fp = fopen("/dev/log", "w");
if (fp) {
fprintf(fp, "\n");
fclose(fp);
if (mount(RUN_DEVLOG_FILE, "/dev/log", NULL, MS_BIND|MS_REC, NULL) < 0)
errExit("mounting /dev/log");
fs_logger("clone /dev/log");
}
}
if (mount(RUN_RO_DIR, RUN_DEV_DIR, "none", MS_BIND, "mode=400,gid=0") < 0)
errExit("disable /dev/snd");
// create /dev/shm
if (arg_debug)
printf("Create /dev/shm directory\n");
if (mkdir("/dev/shm", 01777) == -1)
errExit("mkdir");
// mkdir sets only the file permission bits
if (chmod("/dev/shm", 01777) < 0)
errExit("chmod");
ASSERT_PERMS("/dev/shm", 0, 0, 01777);
fs_logger("mkdir /dev/shm");
// create devices
create_char_dev("/dev/zero", 0666, 1, 5); // mknod -m 666 /dev/zero c 1 5
fs_logger("mknod /dev/zero");
create_char_dev("/dev/null", 0666, 1, 3); // mknod -m 666 /dev/null c 1 3
fs_logger("mknod /dev/null");
create_char_dev("/dev/full", 0666, 1, 7); // mknod -m 666 /dev/full c 1 7
fs_logger("mknod /dev/full");
create_char_dev("/dev/random", 0666, 1, 8); // Mknod -m 666 /dev/random c 1 8
fs_logger("mknod /dev/random");
create_char_dev("/dev/urandom", 0666, 1, 9); // mknod -m 666 /dev/urandom c 1 9
fs_logger("mknod /dev/urandom");
create_char_dev("/dev/tty", 0666, 5, 0); // mknod -m 666 /dev/tty c 5 0
fs_logger("mknod /dev/tty");
#if 0
create_dev("/dev/tty0", "mknod -m 666 /dev/tty0 c 4 0");
create_dev("/dev/console", "mknod -m 622 /dev/console c 5 1");
#endif
// pseudo-terminal
if (mkdir("/dev/pts", 0755) == -1)
errExit("mkdir");
if (chmod("/dev/pts", 0755) == -1)
errExit("chmod");
ASSERT_PERMS("/dev/pts", 0, 0, 0755);
fs_logger("mkdir /dev/pts");
create_char_dev("/dev/pts/ptmx", 0666, 5, 2); //"mknod -m 666 /dev/pts/ptmx c 5 2");
fs_logger("mknod /dev/pts/ptmx");
create_link("/dev/pts/ptmx", "/dev/ptmx");
// code before github issue #351
// mount -vt devpts -o newinstance -o ptmxmode=0666 devpts //dev/pts
// if (mount("devpts", "/dev/pts", "devpts", MS_MGC_VAL, "newinstance,ptmxmode=0666") < 0)
// errExit("mounting /dev/pts");
// mount /dev/pts
gid_t ttygid = get_tty_gid();
char *data;
if (asprintf(&data, "newinstance,gid=%d,mode=620,ptmxmode=0666", (int) ttygid) == -1)
errExit("asprintf");
if (mount("devpts", "/dev/pts", "devpts", MS_MGC_VAL, data) < 0)
errExit("mounting /dev/pts");
free(data);
fs_logger("clone /dev/pts");
#if 0
// stdin, stdout, stderr
create_link("/proc/self/fd", "/dev/fd");
create_link("/proc/self/fd/0", "/dev/stdin");
create_link("/proc/self/fd/1", "/dev/stdout");
create_link("/proc/self/fd/2", "/dev/stderr");
#endif
}
static void create_file(int target_fd,
const char *target_name,
exe_disk_file_t *dfile,
const char *tmpdir) {
struct stat64 *s = dfile->stat;
char tmpname[PATH_MAX];
const char *target;
int fd;
assert((target_fd == -1) ^ (target_name == NULL));
if (target_name) {
target = target_name;
} else {
sprintf(tmpname, "%s/fd%d", tmpdir, target_fd);
target = tmpname;
}
delete_file(target, 1);
// XXX get rid of me once a reasonable solution is found
s->st_uid = geteuid();
s->st_gid = getegid();
if (S_ISLNK(s->st_mode)) {
fd = create_link(target, dfile, tmpdir);
}
else if (S_ISDIR(s->st_mode)) {
fd = create_dir(target, dfile, tmpdir);
}
else if (S_ISCHR(s->st_mode)) {
fd = create_char_dev(target, dfile, tmpdir);
}
else if (S_ISFIFO(s->st_mode) ||
(target_fd==0 && (s->st_mode & S_IFMT) == 0)) { // XXX hack
fd = create_pipe(target, dfile, tmpdir);
}
else {
fd = create_reg_file(target, dfile, tmpdir);
}
if (fd >= 0) {
if (target_fd != -1) {
close(target_fd);
if (dup2(fd, target_fd) < 0) {
fprintf(stderr, "note: dup2 failed for target: %d\n", target_fd);
perror("dup2");
}
close(fd);
} else {
// Only worry about 1 vs !1
if (s->st_nlink > 1) {
char tmp2[PATH_MAX];
sprintf(tmp2, "%s/%s.link2", tmpdir, target_name);
if (link(target_name, tmp2) < 0) {
perror("link");
exit(1);
}
}
close(fd);
}
}
}
void fs_private_dev(void){
// install a new /dev directory
if (arg_debug)
printf("Mounting tmpfs on /dev\n");
// create DRI_DIR
// keep a copy of dev directory
mkdir_attr(RUN_DEV_DIR, 0755, 0, 0);
if (mount("/dev", RUN_DEV_DIR, NULL, MS_BIND|MS_REC, NULL) < 0)
errExit("mounting /dev");
// create DEVLOG_FILE
int have_devlog = 0;
struct stat s;
if (stat("/dev/log", &s) == 0) {
have_devlog = 1;
FILE *fp = fopen(RUN_DEVLOG_FILE, "w");
if (!fp)
have_devlog = 0;
else {
fprintf(fp, "\n");
fclose(fp);
if (mount("/dev/log", RUN_DEVLOG_FILE, NULL, MS_BIND|MS_REC, NULL) < 0)
errExit("mounting /dev/log");
}
}
// mount tmpfs on top of /dev
if (mount("tmpfs", "/dev", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=755,gid=0") < 0)
errExit("mounting /dev");
fs_logger("tmpfs /dev");
// optional devices: sound, video cards etc...
deventry_mount();
// bring back /dev/log
if (have_devlog) {
FILE *fp = fopen("/dev/log", "w");
if (fp) {
fprintf(fp, "\n");
fclose(fp);
if (mount(RUN_DEVLOG_FILE, "/dev/log", NULL, MS_BIND|MS_REC, NULL) < 0)
errExit("mounting /dev/log");
fs_logger("clone /dev/log");
}
}
// bring forward the current /dev/shm directory if necessary
if (arg_debug)
printf("Process /dev/shm directory\n");
process_dev_shm();
if (mount(RUN_RO_DIR, RUN_DEV_DIR, "none", MS_BIND, "mode=400,gid=0") < 0)
errExit("disable run dev directory");
// create default devices
create_char_dev("/dev/zero", 0666, 1, 5); // mknod -m 666 /dev/zero c 1 5
fs_logger("mknod /dev/zero");
create_char_dev("/dev/null", 0666, 1, 3); // mknod -m 666 /dev/null c 1 3
fs_logger("mknod /dev/null");
create_char_dev("/dev/full", 0666, 1, 7); // mknod -m 666 /dev/full c 1 7
fs_logger("mknod /dev/full");
create_char_dev("/dev/random", 0666, 1, 8); // Mknod -m 666 /dev/random c 1 8
fs_logger("mknod /dev/random");
create_char_dev("/dev/urandom", 0666, 1, 9); // mknod -m 666 /dev/urandom c 1 9
fs_logger("mknod /dev/urandom");
create_char_dev("/dev/tty", 0666, 5, 0); // mknod -m 666 /dev/tty c 5 0
fs_logger("mknod /dev/tty");
#if 0
create_dev("/dev/tty0", "mknod -m 666 /dev/tty0 c 4 0");
create_dev("/dev/console", "mknod -m 622 /dev/console c 5 1");
#endif
// pseudo-terminal
mkdir_attr("/dev/pts", 0755, 0, 0);
fs_logger("mkdir /dev/pts");
fs_logger("create /dev/pts");
create_char_dev("/dev/pts/ptmx", 0666, 5, 2); //"mknod -m 666 /dev/pts/ptmx c 5 2");
fs_logger("mknod /dev/pts/ptmx");
create_link("/dev/pts/ptmx", "/dev/ptmx");
// code before github issue #351
// mount -vt devpts -o newinstance -o ptmxmode=0666 devpts //dev/pts
// if (mount("devpts", "/dev/pts", "devpts", MS_MGC_VAL, "newinstance,ptmxmode=0666") < 0)
// errExit("mounting /dev/pts");
// mount /dev/pts
gid_t ttygid = get_group_id("tty");
char *data;
if (asprintf(&data, "newinstance,gid=%d,mode=620,ptmxmode=0666", (int) ttygid) == -1)
errExit("asprintf");
if (mount("devpts", "/dev/pts", "devpts", MS_MGC_VAL, data) < 0)
errExit("mounting /dev/pts");
free(data);
fs_logger("clone /dev/pts");
// stdin, stdout, stderr
#if 0
create_link("/proc/self/fd", "/dev/fd");
create_link("/proc/self/fd/0", "/dev/stdin");
create_link("/proc/self/fd/1", "/dev/stdout");
create_link("/proc/self/fd/2", "/dev/stderr");
#endif
// symlinks for DVD/CD players
if (stat("/dev/sr0", &s) == 0) {
create_link("/dev/sr0", "/dev/cdrom");
create_link("/dev/sr0", "/dev/cdrw");
create_link("/dev/sr0", "/dev/dvd");
create_link("/dev/sr0", "/dev/dvdrw");
}
}
void fs_private_dev(void){
int rv;
// install a new /dev directory
if (arg_debug)
printf("Mounting tmpfs on /dev\n");
int have_dri = 0;
struct stat s;
if (stat("/dev/dri", &s) == 0)
have_dri = 1;
// create DRI_DIR
fs_build_mnt_dir();
if (have_dri) {
/* coverity[toctou] */
rv = mkdir(RUN_DRI_DIR, 0755);
if (rv == -1)
errExit("mkdir");
if (chown(RUN_DRI_DIR, 0, 0) < 0)
errExit("chown");
if (chmod(RUN_DRI_DIR, 0755) < 0)
errExit("chmod");
// keep a copy of /dev/dri under DRI_DIR
if (mount("/dev/dri", RUN_DRI_DIR, NULL, MS_BIND|MS_REC, NULL) < 0)
errExit("mounting /dev/dri");
}
// restore /dev/log
int have_devlog = 0;
if (stat("/dev/log", &s) == 0) {
have_devlog = 1;
FILE *fp = fopen(RUN_DEVLOG_FILE, "w");
if (!fp)
have_devlog = 0;
else {
fprintf(fp, "\n");
fclose(fp);
if (mount("/dev/log", RUN_DEVLOG_FILE, NULL, MS_BIND|MS_REC, NULL) < 0)
errExit("mounting /dev/log");
}
}
// mount tmpfs on top of /dev
if (mount("tmpfs", "/dev", "tmpfs", MS_NOSUID | MS_STRICTATIME | MS_REC, "mode=777,gid=0") < 0)
errExit("mounting /dev");
fs_logger("mount tmpfs on /dev");
// bring back /dev/log
if (have_devlog) {
FILE *fp = fopen("/dev/log", "w");
if (fp) {
fprintf(fp, "\n");
fclose(fp);
if (mount(RUN_DEVLOG_FILE, "/dev/log", NULL, MS_BIND|MS_REC, NULL) < 0)
errExit("mounting /dev/log");
fs_logger("clone /dev/log");
}
}
// bring back the /dev/dri directory
if (have_dri) {
/* coverity[toctou] */
rv = mkdir("/dev/dri", 0755);
if (rv == -1)
errExit("mkdir");
if (chown("/dev/dri", 0, 0) < 0)
errExit("chown");
if (chmod("/dev/dri",0755) < 0)
errExit("chmod");
if (mount(RUN_DRI_DIR, "/dev/dri", NULL, MS_BIND|MS_REC, NULL) < 0)
errExit("mounting /dev/dri");
fs_logger("clone /dev/dri");
}
// create /dev/shm
if (arg_debug)
printf("Create /dev/shm directory\n");
rv = mkdir("/dev/shm", 0777);
if (rv == -1)
errExit("mkdir");
if (chown("/dev/shm", 0, 0) < 0)
errExit("chown");
if (chmod("/dev/shm", 0777) < 0)
errExit("chmod");
fs_logger("mkdir /dev/shm");
// create devices
create_char_dev("/dev/zero", 0666, 1, 5); // mknod -m 666 /dev/zero c 1 5
fs_logger("mknod /dev/zero");
create_char_dev("/dev/null", 0666, 1, 3); // mknod -m 666 /dev/null c 1 3
fs_logger("mknod /dev/null");
create_char_dev("/dev/full", 0666, 1, 7); // mknod -m 666 /dev/full c 1 7
fs_logger("mknod /dev/full");
create_char_dev("/dev/random", 0666, 1, 8); // Mknod -m 666 /dev/random c 1 8
fs_logger("mknod /dev/random");
create_char_dev("/dev/urandom", 0666, 1, 9); // mknod -m 666 /dev/urandom c 1 9
fs_logger("mknod /dev/urandom");
create_char_dev("/dev/tty", 0666, 5, 0); // mknod -m 666 /dev/tty c 5 0
fs_logger("mknod /dev/tty");
#if 0
create_dev("/dev/tty0", "mknod -m 666 /dev/tty0 c 4 0");
create_dev("/dev/console", "mknod -m 622 /dev/console c 5 1");
#endif
// pseudo-terminal
rv = mkdir("/dev/pts", 0755);
if (rv == -1)
errExit("mkdir");
if (chown("/dev/pts", 0, 0) < 0)
errExit("chown");
if (chmod("/dev/pts", 0755) < 0)
errExit("chmod");
fs_logger("mkdir /dev/pts");
create_char_dev("/dev/pts/ptmx", 0666, 5, 2); //"mknod -m 666 /dev/pts/ptmx c 5 2");
fs_logger("mknod /dev/pts/ptmx");
create_link("/dev/pts/ptmx", "/dev/ptmx");
// mount -vt devpts -o newinstance -o ptmxmode=0666 devpts //dev/pts
if (mount("devpts", "/dev/pts", "devpts", MS_MGC_VAL, "newinstance,ptmxmode=0666") < 0)
errExit("mounting /dev/pts");
fs_logger("mount devpts");
#if 0
// stdin, stdout, stderr
create_link("/proc/self/fd", "/dev/fd");
create_link("/proc/self/fd/0", "/dev/stdin");
create_link("/proc/self/fd/1", "/dev/stdout");
create_link("/proc/self/fd/2", "/dev/stderr");
#endif
}