f9402ea965
We should have no symlinks in the jail whatsoever, except those we create to files known to exist in the jail. Unfortunately, some systems have some of the /etc files as symlinks. When we create hard-links to these files, they can't be accessed from the jail, since the path they point to isn't replicated in systemplate and jails. First change here is to always link to the source file or, when copying, to copy the source rather than a symlink. Next, to detect modifications, we compare not just the size and timestamp, but also the contents. This way we can be certain that any modification will be detected. Finally, when we copy at least one file in the systemplate/etc directory, we flag it by creating the 'copied' file. This way we have a reliable indicator and don't need to second guess if the files are hard-linked or copied. We also avoid some noisy errors when we fail to update systemplate when it's read-only by first checking if systemplate is writable or not and insue a friendly log instead. Change-Id: Ie8c3e70ea4ec19ee098309f8666c00639fa7319b |
||
---|---|---|
.. | ||
Authorization.cpp | ||
Authorization.hpp | ||
Clipboard.hpp | ||
Common.hpp | ||
Crypto.cpp | ||
Crypto.hpp | ||
FileUtil.cpp | ||
FileUtil.hpp | ||
JailUtil.cpp | ||
JailUtil.hpp | ||
JsonUtil.hpp | ||
Log.cpp | ||
Log.hpp | ||
LOOLWebSocket.hpp | ||
Message.hpp | ||
MessageQueue.cpp | ||
MessageQueue.hpp | ||
MobileApp.cpp | ||
MobileApp.hpp | ||
Png.hpp | ||
Protocol.cpp | ||
Protocol.hpp | ||
Rectangle.hpp | ||
RenderTiles.hpp | ||
Seccomp.cpp | ||
Seccomp.hpp | ||
security.h | ||
Session.cpp | ||
Session.hpp | ||
SigUtil.cpp | ||
SigUtil.hpp | ||
SpookyV2.cpp | ||
SpookyV2.h | ||
StringVector.cpp | ||
StringVector.hpp | ||
Unit.cpp | ||
Unit.hpp | ||
UnitHTTP.hpp | ||
Util.cpp | ||
Util.hpp |