fix

usr/bin/remount-secure

@@ -170,13 +170,13 @@ _dev_shm() {
 }
 
 _tmp() {
-   mount_folder="/tmp"
+   mount_folder="$NEWROOT/tmp"
    intended_mount_options="nosuid,nodev${noexec_maybe}"
    remount_secure "$@"
 }
 
 _var() {
-   mount_folder="/var"
+   mount_folder="$NEWROOT/var"
    ## TODO: nodev? noexec?
    intended_mount_options="nosuid"
    remount_secure "$@"
@@ -189,20 +189,13 @@ _var_tmp() {
 }
 
 _var_log() {
-   mount_folder="/var/log"
+   mount_folder="$NEWROOT/var/log"
-   intended_mount_options="nosuid,nodev,noexec"
-   remount_secure "$@"
-}
-
-_var_log_audit() {
-   mount_folder="/var/log/audit"
    intended_mount_options="nosuid,nodev,noexec"
    remount_secure "$@"
 }
 
 ## https://forums.whonix.org/t/re-mount-home-and-other-with-noexec-and-nosuid-among-other-useful-mount-options-for-better-security/7707/25
 _lib() {
-   ## TODO: NEWROOT?
    mount_folder="$NEWROOT/lib"
    ## Not using noexec on /lib.
    intended_mount_options="nosuid,nodev"
@@ -240,10 +233,7 @@ main() {
    #_var
 
    _var_tmp
-
+   _var_log
-   ## TODO: ?
-   #_var_log
-   #_var_log_audit
 
    ## TODO: broken?
    #_lib