private-lib: check firejail libraries as root user (#4576)

users, and fldd in particular, might have no read permission on the firejail executable, make that ok by running fldd as root
netblue30 · Sep 25, 2021 · 5025f4f · 5025f4f
1 parent 05374b0
commit 5025f4f
Showing 1 changed file with 4 additions and 2 deletions.
diff --git a/src/firejail/fs_lib2.c b/src/firejail/fs_lib2.c
@@ -143,7 +143,7 @@ static void fdir(void) {
  NULL,
  };
 
- // need to parse as root user, unprivileged users have no read permission on executables
+ // need to parse as root user, unprivileged users have no read permission on some of these binaries
  int i;
  for (i = 0; fbin[i]; i++)
  fslib_mount_libs(fbin[i], 0);
@@ -153,7 +153,9 @@ void fslib_install_firejail(void) {
  timetrace_start();
  // bring in firejail executable libraries, in case we are redirected here
  // by a firejail symlink from /usr/local/bin/firejail
- fslib_mount_libs(PATH_FIREJAIL, 1); // parse as user
+ // fldd might have no read permission on the firejail executable
+ // parse as root in order to support these setups
+ fslib_mount_libs(PATH_FIREJAIL, 0);
 
  // bring in firejail directory
  fdir();