From patchwork Mon Jul 20 20:42:33 2015
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Etienne Champetier <champetier.etienne@gmail.com>
X-Patchwork-Id: 497901
Return-Path: <openwrt-devel-bounces@lists.openwrt.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from arrakis.dune.hu (arrakis.dune.hu [78.24.191.176])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id DC32E14076E
	for <incoming@patchwork.ozlabs.org>;
	Tue, 21 Jul 2015 06:43:57 +1000 (AEST)
Received: from arrakis.dune.hu (localhost [127.0.0.1])
	by arrakis.dune.hu (Postfix) with ESMTP id D8D4628BEA5;
	Mon, 20 Jul 2015 22:42:43 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on arrakis.dune.hu
X-Spam-Level: 
X-Spam-Status: No, score=-1.5 required=5.0 tests=BAYES_00,FREEMAIL_FROM,
	T_RP_MATCHES_RCVD autolearn=unavailable version=3.3.2
Received: from arrakis.dune.hu (localhost [127.0.0.1])
	by arrakis.dune.hu (Postfix) with ESMTP id 5986128BC85
	for <openwrt-devel@lists.openwrt.org>;
	Mon, 20 Jul 2015 22:42:29 +0200 (CEST)
X-policyd-weight: using cached result; rate: -8.5
Received: from ns3354555.champetier.me (ns3354555.champetier.me
	[37.187.20.53]) by arrakis.dune.hu (Postfix) with ESMTP
	for <openwrt-devel@lists.openwrt.org>;
	Mon, 20 Jul 2015 22:42:29 +0200 (CEST)
Received: by ns3354555.champetier.me (Postfix, from userid 1000)
	id 1AE283C74180; Mon, 20 Jul 2015 22:42:55 +0200 (CEST)
From: Etienne CHAMPETIER <champetier.etienne@gmail.com>
To: OpenWrt Development List <openwrt-devel@lists.openwrt.org>
Date: Mon, 20 Jul 2015 22:42:33 +0200
Message-Id: <1437424953-29575-2-git-send-email-champetier.etienne@gmail.com>
X-Mailer: git-send-email 2.4.3
In-Reply-To: <1437424953-29575-1-git-send-email-champetier.etienne@gmail.com>
References: <1437424953-29575-1-git-send-email-champetier.etienne@gmail.com>
Subject: [OpenWrt-Devel] [PATCH 2/2] dnsmasq: add some missing files to the
	jail
X-BeenThere: openwrt-devel@lists.openwrt.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OpenWrt Development List <openwrt-devel.lists.openwrt.org>
List-Unsubscribe: 
 <https://lists.openwrt.org/cgi-bin/mailman/options/openwrt-devel>,
	<mailto:openwrt-devel-request@lists.openwrt.org?subject=unsubscribe>
List-Archive: <http://lists.openwrt.org/pipermail/openwrt-devel/>
List-Post: <mailto:openwrt-devel@lists.openwrt.org>
List-Help: <mailto:openwrt-devel-request@lists.openwrt.org?subject=help>
List-Subscribe: 
 <https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel>,
	<mailto:openwrt-devel-request@lists.openwrt.org?subject=subscribe>
MIME-Version: 1.0
Errors-To: openwrt-devel-bounces@lists.openwrt.org
Sender: "openwrt-devel" <openwrt-devel-bounces@lists.openwrt.org>

found with strace, not sure we got all of them though

Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
---
 package/network/services/dnsmasq/files/dnsmasq.init | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package/network/services/dnsmasq/files/dnsmasq.init b/package/network/services/dnsmasq/files/dnsmasq.init
index b0a5fbc..676c4b7 100644
--- a/package/network/services/dnsmasq/files/dnsmasq.init
+++ b/package/network/services/dnsmasq/files/dnsmasq.init
@@ -556,7 +556,7 @@ start_service() {
 	procd_set_param respawn
 
 	procd_add_jail dnsmasq ubus log
-	procd_add_jail_mount $CONFIGFILE $TRUSTANCHORSFILE $HOSTFILE /etc/passwd /dev/urandom /etc/dnsmasq.conf /tmp/dnsmasq.d /tmp/resolv.conf.auto /etc/hosts /etc/ethers
+	procd_add_jail_mount $CONFIGFILE $TRUSTANCHORSFILE $HOSTFILE /etc/passwd /etc/group /etc/TZ /dev/null /dev/urandom /etc/dnsmasq.conf /tmp/dnsmasq.d /tmp/resolv.conf.auto /etc/hosts /etc/ethers
 	procd_add_jail_mount_rw /var/run/dnsmasq/ /tmp/dhcp.leases $TIMESTAMPFILE
 	
 	procd_close_instance