diff options
author | netblue30 <netblue30@yahoo.com> | 2016-07-05 07:24:10 -0400 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2016-07-05 07:24:10 -0400 |
commit | 3f8d6787b7ccff3ed7ff77a3b474856ae1be6a9b (patch) | |
tree | 15b9f2e7810b0812eaa9827a4ee668ee29b6551f /src/faudit/seccomp.c | |
parent | src/faudit/dbus.c (diff) | |
download | firejail-3f8d6787b7ccff3ed7ff77a3b474856ae1be6a9b.tar.gz firejail-3f8d6787b7ccff3ed7ff77a3b474856ae1be6a9b.tar.zst firejail-3f8d6787b7ccff3ed7ff77a3b474856ae1be6a9b.zip |
faudit: dbus
Diffstat (limited to 'src/faudit/seccomp.c')
-rw-r--r-- | src/faudit/seccomp.c | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/src/faudit/seccomp.c b/src/faudit/seccomp.c index 9cc1a20f6..099e0e420 100644 --- a/src/faudit/seccomp.c +++ b/src/faudit/seccomp.c | |||
@@ -46,18 +46,17 @@ void seccomp_test(void) { | |||
46 | int rv = extract_seccomp(&seccomp_status); | 46 | int rv = extract_seccomp(&seccomp_status); |
47 | 47 | ||
48 | if (rv) { | 48 | if (rv) { |
49 | printf("SKIP: cannot extract seccomp configuration on this platform\n"); | 49 | printf("INFO: cannot extract seccomp configuration on this platform.\n"); |
50 | return; | 50 | return; |
51 | } | 51 | } |
52 | 52 | ||
53 | if (seccomp_status == 0) { | 53 | if (seccomp_status == 0) { |
54 | printf("BAD: seccomp disabled\n"); | 54 | printf("BAD: seccomp disabled. Use \"firejail --seccomp\" to enable it.\n"); |
55 | printf("Use \"firejail --seccomp\" to fix it.\n"); | ||
56 | } | 55 | } |
57 | else if (seccomp_status == 1) | 56 | else if (seccomp_status == 1) |
58 | printf("GOOD: seccomp strict mode - only read, write, _exit, and sigreturn are allowd\n"); | 57 | printf("GOOD: seccomp strict mode - only read, write, _exit, and sigreturn are allowd.\n"); |
59 | else if (seccomp_status == 2) { | 58 | else if (seccomp_status == 2) { |
60 | printf("GOOD: seccomp BPF enababled\n"); | 59 | printf("GOOD: seccomp BPF enabled.\n"); |
61 | 60 | ||
62 | printf("checking syscalls: "); fflush(0); | 61 | printf("checking syscalls: "); fflush(0); |
63 | printf("mount... "); fflush(0); | 62 | printf("mount... "); fflush(0); |