From: Kunhoon Baik <knhoon.baik@samsung.com>
Date: Wed, 21 Jul 2021 08:44:08 +0000 (+0900)
Subject: Add /dev and /tmp for Testing
X-Git-Tag: submit/tizen/20210825.085400~6
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=bb579d5a4c1c889a1547f228b006bdd281ee307f;p=platform%2Fupstream%2Fnsjail.git

Add /dev and /tmp for Testing

 - some program may access to /dev/random by using random function
   For that, add /dev bind mount until finding better way

 - Tizen application cannot write some volatile data to /opt/var
   For that, provide /tmp mount until finding better way
---

diff --git a/test/runner-sandbox.cfg b/test/runner-sandbox.cfg
index f5767af..1d11ac4 100644
--- a/test/runner-sandbox.cfg
+++ b/test/runner-sandbox.cfg
@@ -88,14 +88,50 @@ mount {
 }
 
 mount {
-    src: "/usr"
-    dst: "/usr"
+    src: "/usr/share"
+    dst: "/usr/share"
     is_bind: true
     nosuid: true
     nodev: true
     rw: false
 }
 
+mount {
+    src: "/usr/lib"
+    dst: "/usr/lib"
+    is_bind: true
+    nosuid: true
+    nodev: true
+    rw: false
+}
+
+mount {
+    src: "/usr/bin"
+    dst: "/usr/bin"
+    is_bind: true
+    nosuid: true
+    nodev: true
+    rw: false
+}
+
+mount {
+    src: "/tmp"
+    dst: "/tmp"
+    is_bind: true
+    nosuid: true
+    nodev: true
+    rw: true
+}
+
+mount {
+    src: "/dev"
+    dst: "/dev"
+    is_bind: true
+    nosuid: true
+    nodev: false
+    rw: false
+}
+
 # Seccomp settings
 seccomp_string: "ALLOW {"
 seccomp_string: "    SYSCALL[1]," #exit