diff options
| author |  netblue30 <netblue30@protonmail.com> | 2022-06-18 07:20:46 -0400 |
|---|---|---|
| committer | netblue30 <netblue30@protonmail.com> | 2022-06-18 07:20:46 -0400 |
| commit | c7e4c8ed592fee7f1644152a23c3e1343b01b922 (patch) | |
| tree | f924a9aadc1a6ec9ea3f8584f898d06fa8c5065f /etc | |
| parent | remving src/fgit (diff) | |
| download | firejail-c7e4c8ed592fee7f1644152a23c3e1343b01b922.tar.gz firejail-c7e4c8ed592fee7f1644152a23c3e1343b01b922.tar.zst firejail-c7e4c8ed592fee7f1644152a23c3e1343b01b922.zip | |
seccomp-log support in firejail.config
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/firejail.config | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/etc/firejail.config b/etc/firejail.config index 7dd5fa3db..7f40eb5ed 100644 --- a/etc/firejail.config +++ b/etc/firejail.config | |||
| @@ -121,6 +121,12 @@ | |||
| 121 | # Seccomp error action, kill, log or errno (EPERM, ENOSYS etc) | 121 | # Seccomp error action, kill, log or errno (EPERM, ENOSYS etc) |
| 122 | # seccomp-error-action EPERM | 122 | # seccomp-error-action EPERM |
| 123 | 123 | ||
| 124 | # If seccomp subsystem in Linux kernel kills a program, a message is posted to syslog. | ||
| 125 | # Starting with Linux kernel version 4.14, it is possible to send seccomp violation messages | ||
| 126 | # even if the program is allowed to continue (see "seccomp-error-action EPERM" above). | ||
| 127 | # This logging feature is disabled by default in our implementation. | ||
| 128 | # seccomp-log no | ||
| 129 | |||
| 124 | # Enable or disable user namespace support, default enabled. | 130 | # Enable or disable user namespace support, default enabled. |
| 125 | # userns yes | 131 | # userns yes |
| 126 | 132 | ||