minimalistic-mountns: Add /dev/log. am: 7394b9060c
am: e94d30cb0c
Change-Id: Ie03ce27a7149e135c2e6e8f42bdab864f97df8b6
diff --git a/minijail0.1 b/minijail0.1
index 6f85f87..0fbf38e 100644
--- a/minijail0.1
+++ b/minijail0.1
@@ -299,7 +299,7 @@
.TP
\fBminimalistic-mountns\fR
Set up a minimalistic mount namespace. Equivalent to \fB-v -P /var/empty
--b /,/ -b /proc,/proc -t -r --mount-dev\fR.
+-b / -b /proc -b /dev/log -t -r --mount-dev\fR.
.SH IMPLEMENTATION
This program is broken up into two parts: \fBminijail0\fR (the frontend) and a helper
library called \fBlibminijailpreload\fR. Some jailings can only be achieved
diff --git a/minijail0_cli.c b/minijail0_cli.c
index d5b09f7..807e567 100644
--- a/minijail0_cli.c
+++ b/minijail0_cli.c
@@ -372,11 +372,15 @@
if (!strcmp(profile, "minimalistic-mountns")) {
minijail_namespace_vfs(j);
if (minijail_bind(j, "/", "/", 0)) {
- fprintf(stderr, "minijail_bind failed.\n");
+ fprintf(stderr, "minijail_bind(/) failed.\n");
exit(1);
}
if (minijail_bind(j, "/proc", "/proc", 0)) {
- fprintf(stderr, "minijail_bind failed.\n");
+ fprintf(stderr, "minijail_bind(/proc) failed.\n");
+ exit(1);
+ }
+ if (minijail_bind(j, "/dev/log", "/dev/log", 0)) {
+ fprintf(stderr, "minijail_bind(/dev/log) failed.\n");
exit(1);
}
minijail_mount_dev(j);
