Mount /dev/mqueue if missing and set sticky bit to /dev/shm

Inspired by Alpine Linux, add /dev/mqueue if missing. We should check the /proc/filesystems first, but this is quicker. The sticky bit ensures only the owner of files in /dev/shm can delete or rename files. This is also what Alpine Linux use. Signed-off-by: Joachim Wiberg <[email protected]>
troglobit · Jan 6, 2024 · 337ee00 · 337ee00
1 parent 791df0c
commit 337ee00
Showing 1 changed file with 11 additions and 3 deletions.
diff --git a/src/finit.c b/src/finit.c
@@ -355,15 +355,17 @@ static void fs_remount_root(int fsckerr)
  */
 static void fs_finalize(void)
 {
+	int flags = MS_NOEXEC | MS_NOSUID;
+
 	/*
 	 * Some systems rely on us to both create /dev/shm and, to mount
 	 * a tmpfs there.  Any system with dbus needs shared memory, so
 	 * mount it, unless its already mounted, but not if listed in
 	 * the /etc/fstab file already.
 	 */
 	if (!fismnt("/dev/shm")) {
-		makedir("/dev/shm", 0777);
-		fs_mount("shm", "/dev/shm", "tmpfs", 0, "mode=0777");
+		makedir("/dev/shm", 1777);
+		fs_mount("shm", "/dev/shm", "tmpfs", flags | MS_NODEV, "mode=1777");
 	}
 
 	/* Modern systems use /dev/pts */
@@ -381,7 +383,13 @@ static void fs_finalize(void)
 		snprintf(opts, sizeof(opts), "gid=%d,mode=%d,ptmxmode=0666", gid, mode);
 
 		makedir("/dev/pts", 0755);
-		fs_mount("devpts", "/dev/pts", "devpts", MS_NOSUID | MS_NOEXEC, opts);
+		fs_mount("devpts", "/dev/pts", "devpts", flags, opts);
+	}
+
+	/* Needed on systems like Alpine Linux */
+	if (!fismnt("/dev/mqueue")) {
+		makedir("/dev/mqueue", 1777);
+		fs_mount("mqueue", "/dev/mqueue", "tmpfs", flags | MS_NODEV, NULL);
 	}
 
 	/*