Created
March 14, 2020 11:29
-
-
Save glitsj16/6bb4b8b6537f056232890f78e1a22c82 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ pacman -Q firejail | |
| firejail-git 0.9.63.r5986.4b1d2b95-1 | |
| $ firejail --noprofile --noexec='$RUNUSER' --debug | |
| Autoselecting /bin/bash as shell | |
| Command name #/bin/bash# | |
| Using the local network stack | |
| Autoselecting /bin/bash as shell | |
| Command name #/bin/bash# | |
| Using the local network stack | |
| Initializing child process | |
| PID namespace installed | |
| Mounting tmpfs on /run/firejail/mnt directory | |
| Creating empty /run/firejail/mnt/seccomp directory | |
| Creating empty /run/firejail/mnt/seccomp/seccomp.protocol file | |
| Creating empty /run/firejail/mnt/seccomp/seccomp.postexec file | |
| Mounting /proc filesystem representing the PID namespace | |
| Basic read-only filesystem: | |
| Mounting read-only /etc | |
| 978 927 8:4 /etc /etc ro,relatime master:1 - ext4 /dev/sda4 rw | |
| mountid=978 fsname=/etc dir=/etc fstype=ext4 | |
| Mounting noexec /etc | |
| 979 978 8:4 /etc /etc ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda4 rw | |
| mountid=979 fsname=/etc dir=/etc fstype=ext4 | |
| Mounting read-only /var | |
| 980 927 8:4 /var /var ro,relatime master:1 - ext4 /dev/sda4 rw | |
| mountid=980 fsname=/var dir=/var fstype=ext4 | |
| Mounting noexec /var | |
| 981 980 8:4 /var /var ro,nosuid,nodev,noexec,relatime master:1 - ext4 /dev/sda4 rw | |
| mountid=981 fsname=/var dir=/var fstype=ext4 | |
| Mounting read-only /usr | |
| 982 927 8:4 /usr /usr ro,relatime master:1 - ext4 /dev/sda4 rw | |
| mountid=982 fsname=/usr dir=/usr fstype=ext4 | |
| Mounting tmpfs on /var/lock | |
| Mounting tmpfs on /var/tmp | |
| Mounting tmpfs on /var/log | |
| Create the new utmp file | |
| Mount the new utmp file | |
| Cleaning /home directory | |
| Cleaning /run/user directory | |
| Sanitizing /etc/passwd, UID_MIN 1000 | |
| Sanitizing /etc/group, GID_MIN 1000 | |
| Disable /run/firejail/network | |
| Disable /run/firejail/bandwidth | |
| Disable /run/firejail/name | |
| Disable /run/firejail/profile | |
| Disable /run/firejail/x11 | |
| Mounting read-only /proc/sys | |
| Remounting /sys directory | |
| Disable /sys/firmware | |
| Disable /sys/hypervisor | |
| Disable /sys/power | |
| Disable /sys/kernel/debug | |
| Disable /sys/kernel/vmcoreinfo | |
| Disable /proc/sys/fs/binfmt_misc | |
| Disable /proc/sys/kernel/core_pattern | |
| Disable /proc/sys/kernel/modprobe | |
| Disable /proc/sysrq-trigger | |
| Disable /proc/sys/vm/panic_on_oom | |
| Disable /proc/irq | |
| Disable /proc/bus | |
| Disable /proc/timer_list | |
| Disable /proc/kcore | |
| Disable /proc/kallsyms | |
| Disable /usr/lib/modules (requested /lib/modules) | |
| Disable /boot | |
| Disable /dev/port | |
| Disable /run/user/1001/gnupg | |
| Disable /run/user/1001/systemd | |
| Disable /dev/kmsg | |
| Disable /proc/kmsg | |
| Disable /sys/fs | |
| Disable /sys/module | |
| Mounting noexec /run/firejail/mnt/pulse | |
| 1960 975 0:75 /pulse /run/firejail/mnt/pulse rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755 | |
| mountid=1960 fsname=/pulse dir=/run/firejail/mnt/pulse fstype=tmpfs | |
| Mounting /run/firejail/mnt/pulse on /home/glitsj16/.config/pulse | |
| 1961 992 0:75 /pulse /home/glitsj16/.config/pulse rw,nosuid,nodev,noexec - tmpfs tmpfs rw,mode=755 | |
| mountid=1961 fsname=/pulse dir=/home/glitsj16/.config/pulse fstype=tmpfs | |
| Current directory: /home/glitsj16/Downloads | |
| Mounting read-only /run/firejail/mnt/seccomp | |
| 1962 975 0:75 /seccomp /run/firejail/mnt/seccomp ro,nosuid - tmpfs tmpfs rw,mode=755 | |
| mountid=1962 fsname=/seccomp dir=/run/firejail/mnt/seccomp fstype=tmpfs | |
| Drop privileges: pid 1, uid 1001, gid 1001, nogroups 0 | |
| firejail /bin/bash | |
| starting application | |
| LD_PRELOAD=(null) | |
| Running /bin/bash command through /bin/bash | |
| execvp argument 0: /bin/bash | |
| execvp argument 1: -c | |
| execvp argument 2: /bin/bash | |
| glitsj16@lab:~/Downloads | |
| TARGET SOURCE FSTYPE OPTIONS | |
| /run run tmpfs rw,nosuid,nodev,relatime,mode=755 | |
| ├─/run/user/1001 tmpfs tmpfs rw,nosuid,nodev,relatime,size=399672k,mode=700,uid=1001,gid=1001 | |
| │ └─/run/user/1001/gvfs gvfsd-fuse fuse.gvfsd-fuse rw,nosuid,nodev,relatime,user_id=1001,group_id=1001 | |
| ├─/run/firejail/mnt tmpfs tmpfs rw,nosuid,mode=755 | |
| │ ├─/run/firejail/mnt/orig-home /dev/sda4[/home/glitsj16] ext4 rw,relatime | |
| │ │ ├─/run/firejail/mnt/orig-home/.buildzone/00.tmpfs tmpfs tmpfs rw,noatime,uid=1001,gid=1001 | |
| │ │ ├─/run/firejail/mnt/orig-home/.ccache tmpfs tmpfs rw,noatime,uid=1001,gid=1001 | |
| │ │ ├─/run/firejail/mnt/orig-home/.sccache.sda4 tmpfs tmpfs rw,noatime,uid=1001,gid=1001 | |
| │ │ └─/run/firejail/mnt/orig-home tmpfs tmpfs rw,nosuid,nodev,mode=755 | |
| │ ├─/run/firejail/mnt/orig-run tmpfs tmpfs rw,nosuid,nodev,relatime,size=399672k,mode=700,uid=1001,gid=1001 | |
| │ │ ├─/run/firejail/mnt/orig-run/gvfs gvfsd-fuse fuse.gvfsd-fuse rw,nosuid,nodev,relatime,user_id=1001,group_id=1001 | |
| │ │ └─/run/firejail/mnt/orig-run tmpfs tmpfs rw,nosuid,nodev,mode=755 | |
| │ ├─/run/firejail/mnt/pulse tmpfs[/pulse] tmpfs rw,nosuid,nodev,noexec,mode=755 | |
| │ └─/run/firejail/mnt/seccomp tmpfs[/seccomp] tmpfs ro,nosuid,mode=755 | |
| ├─/run/firejail/lib /dev/sda4[/usr/lib/firejail] ext4 rw,relatime | |
| ├─/run/lock tmpfs tmpfs rw,nosuid,nodev,noexec | |
| ├─/run/utmp tmpfs[/utmp] tmpfs rw,nosuid,mode=755 | |
| ├─/run/user tmpfs tmpfs rw,nosuid,nodev,mode=755 | |
| │ └─/run/user/1001 tmpfs tmpfs rw,nosuid,nodev,relatime,size=399672k,mode=700,uid=1001,gid=1001 | |
| │ ├─/run/user/1001/gnupg run[/firejail/firejail.ro.dir] tmpfs rw,nosuid,nodev,relatime,mode=755 | |
| │ ├─/run/user/1001/systemd run[/firejail/firejail.ro.dir] tmpfs rw,nosuid,nodev,relatime,mode=755 | |
| │ └─/run/user/1001/gvfs gvfsd-fuse fuse.gvfsd-fuse rw,nosuid,nodev,relatime,user_id=1001,group_id=1001 | |
| ├─/run/firejail/network run[/firejail/firejail.ro.dir] tmpfs rw,nosuid,nodev,relatime,mode=755 | |
| ├─/run/firejail/bandwidth run[/firejail/firejail.ro.dir] tmpfs rw,nosuid,nodev,relatime,mode=755 | |
| ├─/run/firejail/name run[/firejail/firejail.ro.dir] tmpfs rw,nosuid,nodev,relatime,mode=755 | |
| ├─/run/firejail/profile run[/firejail/firejail.ro.dir] tmpfs rw,nosuid,nodev,relatime,mode=755 | |
| └─/run/firejail/x11 run[/firejail/firejail.ro.dir] tmpfs rw,nosuid,nodev,relatime,mode=755 | |
| TARGET SOURCE FSTYPE OPTIONS | |
| /run run tmpfs rw,nosuid,nodev,relatime,mode=755 | |
| ├─/run/user/1001 tmpfs tmpfs rw,nosuid,nodev,relatime,size=399672k,mode=700,uid=1001,gid=1001 | |
| │ └─/run/user/1001/gvfs gvfsd-fuse fuse.gvfsd-fuse rw,nosuid,nodev,relatime,user_id=1001,group_id=1001 | |
| ├─/run/firejail/mnt tmpfs tmpfs rw,nosuid,mode=755 | |
| │ ├─/run/firejail/mnt/orig-home /dev/sda4[/home/glitsj16] ext4 rw,relatime | |
| │ │ ├─/run/firejail/mnt/orig-home/.buildzone/00.tmpfs tmpfs tmpfs rw,noatime,uid=1001,gid=1001 | |
| │ │ ├─/run/firejail/mnt/orig-home/.ccache tmpfs tmpfs rw,noatime,uid=1001,gid=1001 | |
| │ │ ├─/run/firejail/mnt/orig-home/.sccache.sda4 tmpfs tmpfs rw,noatime,uid=1001,gid=1001 | |
| │ │ └─/run/firejail/mnt/orig-home tmpfs tmpfs rw,nosuid,nodev,mode=755 | |
| │ ├─/run/firejail/mnt/orig-run tmpfs tmpfs rw,nosuid,nodev,relatime,size=399672k,mode=700,uid=1001,gid=1001 | |
| │ │ ├─/run/firejail/mnt/orig-run/gvfs gvfsd-fuse fuse.gvfsd-fuse rw,nosuid,nodev,relatime,user_id=1001,group_id=1001 | |
| │ │ └─/run/firejail/mnt/orig-run tmpfs tmpfs rw,nosuid,nodev,mode=755 | |
| │ ├─/run/firejail/mnt/pulse tmpfs[/pulse] tmpfs rw,nosuid,nodev,noexec,mode=755 | |
| │ └─/run/firejail/mnt/seccomp tmpfs[/seccomp] tmpfs ro,nosuid,mode=755 | |
| ├─/run/firejail/lib /dev/sda4[/usr/lib/firejail] ext4 rw,relatime | |
| ├─/run/lock tmpfs tmpfs rw,nosuid,nodev,noexec | |
| ├─/run/utmp tmpfs[/utmp] tmpfs rw,nosuid,mode=755 | |
| ├─/run/user tmpfs tmpfs rw,nosuid,nodev,mode=755 | |
| │ └─/run/user/1001 tmpfs tmpfs rw,nosuid,nodev,relatime,size=399672k,mode=700,uid=1001,gid=1001 | |
| │ ├─/run/user/1001/gnupg run[/firejail/firejail.ro.dir] tmpfs rw,nosuid,nodev,relatime,mode=755 | |
| │ ├─/run/user/1001/systemd run[/firejail/firejail.ro.dir] tmpfs rw,nosuid,nodev,relatime,mode=755 | |
| │ └─/run/user/1001/gvfs gvfsd-fuse fuse.gvfsd-fuse rw,nosuid,nodev,relatime,user_id=1001,group_id=1001 | |
| ├─/run/firejail/network run[/firejail/firejail.ro.dir] tmpfs rw,nosuid,nodev,relatime,mode=755 | |
| ├─/run/firejail/bandwidth run[/firejail/firejail.ro.dir] tmpfs rw,nosuid,nodev,relatime,mode=755 | |
| ├─/run/firejail/name run[/firejail/firejail.ro.dir] tmpfs rw,nosuid,nodev,relatime,mode=755 | |
| ├─/run/firejail/profile run[/firejail/firejail.ro.dir] tmpfs rw,nosuid,nodev,relatime,mode=755 | |
| └─/run/firejail/x11 run[/firejail/firejail.ro.dir] tmpfs rw,nosuid,nodev,relatime,mode=755 | |
| glitsj16@lab:~/Downloads |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment