This commit is contained in:
Patrick Schleizer 2023-10-22 14:44:58 -04:00
parent 7c0ea4324a
commit c85db586ca
No known key found for this signature in database
GPG Key ID: CB8D50BB77BB3C48

View File

@ -188,6 +188,18 @@ _var_tmp() {
remount_secure "$@" remount_secure "$@"
} }
_var_log() {
mount_folder="/var/log"
intended_mount_options="nosuid,nodev,noexec"
remount_secure "$@"
}
_var_log_audit() {
mount_folder="/var/log/audit"
intended_mount_options="nosuid,nodev,noexec"
remount_secure "$@"
}
## https://forums.whonix.org/t/re-mount-home-and-other-with-noexec-and-nosuid-among-other-useful-mount-options-for-better-security/7707/25 ## https://forums.whonix.org/t/re-mount-home-and-other-with-noexec-and-nosuid-among-other-useful-mount-options-for-better-security/7707/25
_lib() { _lib() {
## TODO: NEWROOT? ## TODO: NEWROOT?
@ -230,6 +242,10 @@ main() {
_var_tmp "$@" _var_tmp "$@"
## TODO: ?
#_var_log
#_var_log_audit
## TODO: broken? ## TODO: broken?
#_lib "$@" #_lib "$@"