Hi,
> Warning: allusers option disabled by private or whitelist option
Because of this, inside jails started with private or whitelist options,
/home remains masked, so files encrypted with fscrypt remain inaccessible.
在 2020/1/25 下午8:48, Reiner Herrmann 写道:
> On Sat, Jan 25, 2020 at 08:15:11PM +0800, Mad Horse wrote:
>> Sadly they have no effect, because a tmpfs is mounted on /home, masked
>> over /home/.fscrypt .
>> A case like this can usually be resolved by adding
>>> mkdir <path>
>>> whitelist <path>
>> in profiles, but unfortunately, "mkdir" only works in ${HOME} and /tmp, so
>> it seems to be still unsolvable under current version of firejail.
> I just asked on the upstream tracker about it [0] and already got a
> suggestion by rusty-snake that could help.
> Can you please try the "--allusers" option?
> (It can also be put into profiles)
>
> At least during my test all files/directories from /home
> were than available inside the jail.
>
> [0] https://github.com/netblue30/firejail/issues/3185
