- if [ -z "$fastboot" -a "$_ROOTFS_TYPE" != "aufs" -a "$_ROOTFS_TYPE" != "nfs" -a "$_ROOTFS_TYPE" != "romfs" -a "$_ROOTFS_TYPE" != "squashfs" -a "$_ROOTFS_PASSNO" != 0 -a -e $_ROOTFS_DEVICE ] && [[ "$container" != lxc* ]]; then
+ if [ -z "$fastboot" -a "$_ROOTFS_TYPE" != "aufs" -a "$_ROOTFS_TYPE" != "nfs" -a "$_ROOTFS_TYPE" != "romfs" -a "$_ROOTFS_TYPE" != "tmpfs" -a "$_ROOTFS_TYPE" != "squashfs" -a "$_ROOTFS_PASSNO" != 0 -a -e $_ROOTFS_DEVICE ] && [[ "$container" != lxc* ]]; then
check_root_fs
fi
check_root_fs
fi
@@ -643,7+641,7 @@ if ! is_yes "$VSERVER" && [[ "$container" != lxc* ]]; then
mount -f -t devtmpfs devtmpfs /dev 2> /dev/null
fi
if is_fsmounted tmpfs /run; then
mount -f -t devtmpfs devtmpfs /dev 2> /dev/null
fi
if is_fsmounted tmpfs /run; then
- mount -f -t tmpfs run /run 2> /dev/null
+ mount -f -t tmpfs run /run -o mode=0755,noexec,nosuid,nodev 2> /dev/null
fi
if is_fsmounted usbfs /proc/bus/usb; then
fi
if is_fsmounted usbfs /proc/bus/usb; then
@@ -655,6+653,9 @@ if ! is_yes "$VSERVER" && [[ "$container" != lxc* ]]; then
if is_fsmounted securityfs /sys/kernel/security ; then
mount -f -t securityfs securityfs /sys/kernel/security 2> /dev/null
fi
if is_fsmounted securityfs /sys/kernel/security ; then
mount -f -t securityfs securityfs /sys/kernel/security 2> /dev/null
fi
+ if [ -d /sys/firmware/efi ] && is_fsmounted efivarfs /sys/firmware/efi/efivars ; then
+ mount -f -t efivarfs efivarfs /sys/firmware/efi/efivars 2> /dev/null