#!/bin/sh
-########################################################################
-# Begin $rc_base/init.d/mountkernfs
-#
-# Description : Mount proc and sysfs
-#
-# Authors : Gerard Beekmans - gerard@linuxfromscratch.org
-#
-# Version : 00.00
-#
-# Notes :
-#
-########################################################################
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see <http://www.gnu.org/licenses/>. #
+# #
+###############################################################################
. /etc/sysconfig/rc
. ${rc_functions}
if ! mountpoint /proc &> /dev/null; then
boot_mesg -n " /proc" ${NORMAL}
- mount -n -t proc /proc /proc || failed=1
+ mount -n -t proc -o nosuid,nodev,noexec /proc /proc || failed=1
fi
if ! mountpoint /sys &> /dev/null; then
boot_mesg -n " /sys" ${NORMAL}
- mount -n -t sysfs /sys /sys || failed=1
+ mount -n -t sysfs -o nosuid,nodev,noexec /sys /sys || failed=1
fi
if ! mountpoint /run &> /dev/null; then
boot_mesg -n " /run" ${NORMAL}
- mount -n -t tmpfs -o nosuid,nodev,mode=755,size=8M /run /run || failed=1
+ mount -n -t tmpfs -o nosuid,nodev,noexec,mode=755,size=8M /run /run || failed=1
fi
+ if ! mountpoint /sys/fs/cgroup &> /dev/null; then
+ boot_mesg -n " /sys/fs/cgroup" ${NORMAL}
+ mount -t cgroup2 none /sys/fs/cgroup || failed=1
+ fi
+
+ if ! mountpoint /sys/firmware/efi/efivars &>/dev/null && [ -d "/sys/firmware/efi" ]; then
+ boot_mesg -n " /sys/firmware/efi/efivars" ${NORMAL}
+ mount -t efivarfs efivarfs /sys/firmware/efi/efivars || failed=1
+ fi
+
+ # create folder for dhcpcd changeroot
+ mkdir -p /run/dhcpcd/chroot
+ chown dhcpcd:dhcpcd /run/dhcpcd/chroot
+ chmod 750 /run/dhcpcd/chroot
+
boot_mesg "" ${NORMAL}
(exit ${failed})
exit 1
;;
esac
-
-# End $rc_base/init.d/mountkernfs