Fixed --sandbox-server active ulimit(2) if being executed by mount(8).

diff --git a/src/libcaptive/sandbox/split.c b/src/libcaptive/sandbox/split.c
index b902a58..c2fdd07 100644 (file)
--- a/src/libcaptive/sandbox/split.c
+++ b/src/libcaptive/sandbox/split.c
@@ -657,6 +657,11 @@ struct dirent *dirent;
                child_chroot_parent_own_orbit_dir=captive_printf_alloca("%s/%s",child_chroot_pid_hashkey_dir,sandbox_parent_own_orbit_dir);
                errint=mkdir(child_chroot_parent_own_orbit_dir,0777);
                g_assert(errint==0);
+               /* chmod(2) it to prevent mode limitation by
+                * active ulimit(2) of being executed by mount(8).
+                */
+               errint=chmod(child_chroot_parent_own_orbit_dir,0777);
+               g_assert(errint==0);
                child_chroot_parent_own_orbit_socket=captive_printf_alloca("%s/%s",
                                child_chroot_pid_hashkey_dir,sandbox_parent_own_orbit_socket);
                errint=link(sandbox_parent_own_orbit_socket,child_chroot_parent_own_orbit_socket);