configs/bash: add noexec/nodev/nosuid to a mount
authorRobert Swiecki <robert@swiecki.net>
Fri, 27 Jul 2018 20:54:28 +0000 (22:54 +0200)
committerRobert Swiecki <robert@swiecki.net>
Fri, 27 Jul 2018 20:54:28 +0000 (22:54 +0200)
configs/bash-with-fake-geteuid.cfg
subproc.cc

index 4743619..660cb4d 100644 (file)
@@ -121,6 +121,9 @@ mount {
        fstype: "tmpfs"
        rw: true
        is_bind: false
+       noexec: true
+       nodev: true
+       nosuid: true
 }
 
 mount {
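Review bot: The added `noexec`/`nodev`/`nosuid` lines on this writable tmpfs carry no comment explaining their purpose, and a sample config that gets copied as a template benefits from one, e.g. `# writable scratch space: no exec, no device nodes, no setuid` above `noexec: true`. The mount block opens before the hunk, so its destination and any `options:` value are not visible here; if no size limit is set on this tmpfs, a `size=` option on the same mount would be worth confirming. `noexec` only blocks direct execution of files on the mount, so a script written there can still be passed as an argument to the jailed bash, and the comment should not claim otherwise.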
index 1502026..339b5bf 100644 (file)
@@ -301,18 +301,15 @@ static int reapProc(nsjconf_t* nsjconf, pid_t pid, bool should_wait = false) {
                }
 
                if (WIFEXITED(status)) {
-                       LOG_I("PID: %d (%s) exited with status: %d, (PIDs left: %d)",
-                           pid, remote_txt.c_str(), WEXITSTATUS(status),
-                           countProc(nsjconf) - 1);
+                       LOG_I("PID: %d (%s) exited with status: %d, (PIDs left: %d)", pid,
+                           remote_txt.c_str(), WEXITSTATUS(status), countProc(nsjconf) - 1);
                        removeProc(nsjconf, pid);
                        return WEXITSTATUS(status);
                }
                if (WIFSIGNALED(status)) {
-                       LOG_I(
-                           "PID: %d (%s) terminated with signal: %s (%d), (PIDs left: %d)",
-                           pid, remote_txt.c_str(),
-                           util::sigName(WTERMSIG(status)).c_str(), WTERMSIG(status),
-                           countProc(nsjconf) - 1);
+                       LOG_I("PID: %d (%s) terminated with signal: %s (%d), (PIDs left: %d)", pid,
+                           remote_txt.c_str(), util::sigName(WTERMSIG(status)).c_str(),
+                           WTERMSIG(status), countProc(nsjconf) - 1);
                        removeProc(nsjconf, pid);
                        return 128 + WTERMSIG(status);
                }