From 3b860491e0206afbee2f3d7e32650b63a75b5117 Mon Sep 17 00:00:00 2001
From: Albert S <mail@quitesimple.org>
Date: Fri, 22 Nov 2019 19:06:36 +0100
Subject: [PATCH] sandbox: use a static path for the chroot dir

As a cgi process it creates way too many directories
if we keep the default behaviour of qssb. Another
problem at the moment is the fact that qssb does
not provide a mechanism to cleanup yet.
---
 cgit.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/cgit.c b/cgit.c
index da47f23..89896b0 100644
--- a/cgit.c
+++ b/cgit.c
@@ -1065,6 +1065,7 @@ void enable_sandbox()
 	}
 	policy->path_policies = &dev_policy;
 	policy->namespace_options |= QSSB_UNSHARE_NETWORK;
+	policy->chroot_target_path = "/tmp/.sandbox_cgit";
 	if(qssb_enable_policy(policy) != 0)
 	{
 		fprintf(stderr, "%s", "Failed to init sandbox\n");