From b2260f48f4ab978b531d8ca9df2dc1a787b6666f Mon Sep 17 00:00:00 2001
From: Patrick Schleizer
Date: Sat, 21 Dec 2019 08:03:33 -0500
Subject: [PATCH] add support for /etc/exec / /usr/local/etc/exec to allow enabling exec on a per VM basis

---
 usr/lib/security-misc/remount-secure | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/usr/lib/security-misc/remount-secure b/usr/lib/security-misc/remount-secure
index cb1b3a3..f2bc696 100755
--- a/usr/lib/security-misc/remount-secure
+++ b/usr/lib/security-misc/remount-secure
@@ -23,11 +23,16 @@ if [ -e /etc/remount-disable ] || [ -e /usr/local/etc/remount-disable ]; then
 exit 0
 fi

-if [ -e /etc/noexec ] || [ -e /usr/local/etc/noexec ]; then
- noexec=true
- echo "INFO: Will remount with noexec because file /etc/noexec exists."
+if [ -e /etc/exec ] || [ -e /usr/local/etc/exec ]; then
+ noexec=false
+ echo "INFO: Will remount with exec because file /etc/exec or /usr/local/etc/exec exists."
 else
- echo "INFO: Will not remount with noexec because file /etc/noexec does not exist."
+ if [ -e /etc/noexec ] || [ -e /usr/local/etc/noexec ]; then
+ noexec=true
+ echo "INFO: Will remount with noexec because file /etc/noexec or /usr/local/etc/noexec exists."
+ else
+ echo "INFO: Will not remount with noexec because file /etc/noexec or /usr/local/etc/noexec does not exist."
+ fi
 fi

 mkdir --parents "/var/run/remount-secure"
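Review bot: When both marker files are present, the new outer branch lets /etc/exec (or /usr/local/etc/exec) win over /etc/noexec silently, and the log line does not say that a noexec request was overridden. Since this is the branch that relaxes the hardening, it deserves a comment such as `# exec marker takes precedence over noexec marker (per-VM opt-out)` and a message that names the override when a noexec file also exists. Separately, the innermost `else` still leaves `noexec` unassigned while the other two branches set it, so unless it is initialised above the hunk an inherited environment value could decide the mount options; `noexec=false` there (or before the outer `if`) would make the default explicit. How `$noexec` is consumed lies outside the hunk, so that second point should be confirmed against the rest of the script.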