From b0dd967611c27f5b8e2472bb74a664aead7a229e Mon Sep 17 00:00:00 2001
From: Patrick Schleizer
Date: Mon, 25 Dec 2023 09:27:45 -0500
Subject: [PATCH] usrmerge

https://github.com/Kicksecure/security-misc/issues/157
---
 usr/bin/remount-secure | 11 -----------
 usr/share/doc/security-misc/fstab-vm | 2 --
 2 files changed, 13 deletions(-)

diff --git a/usr/bin/remount-secure b/usr/bin/remount-secure
index a81f43f..0a0c38e 100755
--- a/usr/bin/remount-secure
+++ b/usr/bin/remount-secure
@@ -255,17 +255,6 @@ _var() {
 remount_secure
 }

-_lib() {
- mount_folder="$NEWROOT/lib"
- ## Cannot use noexec on /lib as per:
- ## https://forums.whonix.org/t/re-mount-home-and-other-with-noexec-and-nosuid-among-other-useful-mount-options-for-better-security/7707/25
- ## There are many executables in /lib. To check:
- ## sudo find /var/lib -type f -executable
- ## sudo find /var/lib -type f -executable ! -type l
- intended_mount_options="nosuid,nodev"
- remount_secure
-}
-
 _home() {
 mount_folder="$NEWROOT/home"
 intended_mount_options="nosuid,nodev${home_noexec_maybe}"
diff --git a/usr/share/doc/security-misc/fstab-vm b/usr/share/doc/security-misc/fstab-vm
index 15c6228..25c9593 100644
--- a/usr/share/doc/security-misc/fstab-vm
+++ b/usr/share/doc/security-misc/fstab-vm
@@ -13,8 +13,6 @@ proc /proc pr
 /boot /boot none bind,remount,nosuid,nodev,noexec 0 0
-/lib /lib none bind,remount,nosuid,nodev 0 0
-
 ## noexec optional
 /tmp /tmp none bind,remount,nosuid,nodev,noexec 0 0