From 5a8a178290ee560caa77ef80ad12172a0c0f9ad1 Mon Sep 17 00:00:00 2001
From: Robert Swiecki
Date: Fri, 27 Jul 2018 22:54:28 +0200
Subject: [PATCH] configs/bash: add noexec/nodev/nosuid to a mount
---
 configs/bash-with-fake-geteuid.cfg | 3 +++
 subproc.cc | 13 +++++--------
 2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/configs/bash-with-fake-geteuid.cfg b/configs/bash-with-fake-geteuid.cfg
index 4743619..660cb4d 100644
--- a/configs/bash-with-fake-geteuid.cfg
+++ b/configs/bash-with-fake-geteuid.cfg
@@ -121,6 +121,9 @@ mount {
 fstype: "tmpfs"
 rw: true
 is_bind: false
+ noexec: true
+ nodev: true
+ nosuid: true
 }
 mount {
diff --git a/subproc.cc b/subproc.cc
index 1502026..339b5bf 100644
--- a/subproc.cc
+++ b/subproc.cc
@@ -301,18 +301,15 @@ static int reapProc(nsjconf_t* nsjconf, pid_t pid, bool should_wait = false) {
 }
 if (WIFEXITED(status)) {
- LOG_I("PID: %d (%s) exited with status: %d, (PIDs left: %d)",
- pid, remote_txt.c_str(), WEXITSTATUS(status),
- countProc(nsjconf) - 1);
+ LOG_I("PID: %d (%s) exited with status: %d, (PIDs left: %d)", pid,
+ remote_txt.c_str(), WEXITSTATUS(status), countProc(nsjconf) - 1);
 removeProc(nsjconf, pid);
 return WEXITSTATUS(status);
 }
 if (WIFSIGNALED(status)) {
- LOG_I(
- "PID: %d (%s) terminated with signal: %s (%d), (PIDs left: %d)",
- pid, remote_txt.c_str(),
- util::sigName(WTERMSIG(status)).c_str(), WTERMSIG(status),
- countProc(nsjconf) - 1);
+ LOG_I("PID: %d (%s) terminated with signal: %s (%d), (PIDs left: %d)", pid,
+ remote_txt.c_str(), util::sigName(WTERMSIG(status)).c_str(),
+ WTERMSIG(status), countProc(nsjconf) - 1);
 removeProc(nsjconf, pid);
 return 128 + WTERMSIG(status);
 }
-- 
2.7.4
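Review bot: In configs/bash-with-fake-geteuid.cfg (hunk `@@ -121,6 +121,9 @@`), no size cap is visible on this writable tmpfs. The mount block opens above the hunk, so if it does not already carry something like `options: "size=<bytes>"`, the jailed shell can fill the mount and consume host memory unless a cgroup memory limit elsewhere in the config bounds it. The new `noexec`/`nodev`/`nosuid` flags would also benefit from a one-line comment above them, e.g. `# writable scratch mount: no exec, no device nodes, no setuid`, so the intent survives when other `rw: true` mounts in this file are edited. Whether the remaining writable mounts carry the same flags cannot be told from this hunk and is worth checking against the full file.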