diff options
author | netblue30 <netblue30@protonmail.com> | 2022-06-18 07:20:46 -0400 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2022-06-18 07:20:46 -0400 |
commit | c7e4c8ed592fee7f1644152a23c3e1343b01b922 (patch) | |
tree | f924a9aadc1a6ec9ea3f8584f898d06fa8c5065f /etc | |
parent | remving src/fgit (diff) | |
download | firejail-c7e4c8ed592fee7f1644152a23c3e1343b01b922.tar.gz firejail-c7e4c8ed592fee7f1644152a23c3e1343b01b922.tar.zst firejail-c7e4c8ed592fee7f1644152a23c3e1343b01b922.zip |
seccomp-log support in firejail.config
Diffstat (limited to 'etc')
-rw-r--r-- | etc/firejail.config | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/etc/firejail.config b/etc/firejail.config index 7dd5fa3db..7f40eb5ed 100644 --- a/etc/firejail.config +++ b/etc/firejail.config | |||
@@ -121,6 +121,12 @@ | |||
121 | # Seccomp error action, kill, log or errno (EPERM, ENOSYS etc) | 121 | # Seccomp error action, kill, log or errno (EPERM, ENOSYS etc) |
122 | # seccomp-error-action EPERM | 122 | # seccomp-error-action EPERM |
123 | 123 | ||
124 | # If seccomp subsystem in Linux kernel kills a program, a message is posted to syslog. | ||
125 | # Starting with Linux kernel version 4.14, it is possible to send seccomp violation messages | ||
126 | # even if the program is allowed to continue (see "seccomp-error-action EPERM" above). | ||
127 | # This logging feature is disabled by default in our implementation. | ||
128 | # seccomp-log no | ||
129 | |||
124 | # Enable or disable user namespace support, default enabled. | 130 | # Enable or disable user namespace support, default enabled. |
125 | # userns yes | 131 | # userns yes |
126 | 132 | ||