Merge pull request #1284 from Lupul/fix-2020-10-21

Added error handling when remounting /proc fs

install/hst-install-debian.sh

@@ -931,8 +931,13 @@ fi
 
 # Restrict access to /proc fs
 # - Prevent unpriv users from seeing each other running processes
-mount -o remount,defaults,hidepid=2 /proc
-echo "@reboot root sleep 5 && mount -o remount,defaults,hidepid=2 /proc" > /etc/cron.d/hestia-proc
+mount -o remount,defaults,hidepid=2 /proc > /dev/null 2>&1
+if [ $? -ne 0 ]; then
+    echo "Info: Cannot remount /proc (LXC containers require additional perm added to host apparmor profile)"
+else
+    echo "@reboot root sleep 5 && mount -o remount,defaults,hidepid=2 /proc" > /etc/cron.d/hestia-proc
+fi
+
 
 #----------------------------------------------------------#
 #                     Configure Hestia                     #

install/hst-install-ubuntu.sh

@@ -988,8 +988,12 @@ fi
 
 # Restrict access to /proc fs
 # - Prevent unpriv users from seeing each other running processes
-mount -o remount,defaults,hidepid=2 /proc
-echo "@reboot root sleep 5 && mount -o remount,defaults,hidepid=2 /proc" > /etc/cron.d/hestia-proc
+mount -o remount,defaults,hidepid=2 /proc > /dev/null 2>&1
+if [ $? -ne 0 ]; then
+    echo "Info: Cannot remount /proc (LXC containers require additional perm added to host apparmor profile)"
+else
+    echo "@reboot root sleep 5 && mount -o remount,defaults,hidepid=2 /proc" > /etc/cron.d/hestia-proc
+fi
 
 
 #----------------------------------------------------------#

install/upgrade/versions/1.3.0.sh

@@ -65,6 +65,10 @@ fi
 # Restrict access to /proc fs
 if [ ! -e "/etc/cron.d/hestia-proc" ]; then
     echo "[ * ] Restrict access to /proc fs"
-    echo "@reboot root sleep 5 && mount -o remount,defaults,hidepid=2 /proc" > /etc/cron.d/hestia-proc
-    mount -o remount,defaults,hidepid=2 /proc
+    mount -o remount,defaults,hidepid=2 /proc > /dev/null 2>&1
+    if [ $? -ne 0 ]; then
+        echo "Info: Cannot remount /proc (LXC containers require additional perm added to host apparmor profile)"
+    else
+        echo "@reboot root sleep 5 && mount -o remount,defaults,hidepid=2 /proc" > /etc/cron.d/hestia-proc
+    fi
 fi