diff options
author | Topi Miettinen <toiwoton@gmail.com> | 2021-01-31 00:15:31 +0200 |
---|---|---|
committer | Topi Miettinen <topimiettinen@users.noreply.github.com> | 2021-02-01 20:09:21 +0000 |
commit | 0040969e439dbddb76bc190900b453b71e895068 (patch) | |
tree | 3d9606b116e47f8702d86fde5194d8c8d22fdde5 /src/fseccomp/main.c | |
parent | Add profile for avidemux (#3935) (diff) | |
download | firejail-0040969e439dbddb76bc190900b453b71e895068.tar.gz firejail-0040969e439dbddb76bc190900b453b71e895068.tar.zst firejail-0040969e439dbddb76bc190900b453b71e895068.zip |
Seccomp error action fixes
fsec-optimize: Optimize BPF with current seccomp error action, not
just KILL
fseccomp: use correct BPF code for errno action
firejail: honor seccomp error action for X32 and secondary filters,
rebuild filters if the error action is changed
Closes: #3933
Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
Diffstat (limited to 'src/fseccomp/main.c')
-rw-r--r-- | src/fseccomp/main.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/fseccomp/main.c b/src/fseccomp/main.c index c8259b079..f47efb5e8 100644 --- a/src/fseccomp/main.c +++ b/src/fseccomp/main.c | |||
@@ -20,7 +20,7 @@ | |||
20 | #include "fseccomp.h" | 20 | #include "fseccomp.h" |
21 | #include "../include/seccomp.h" | 21 | #include "../include/seccomp.h" |
22 | int arg_quiet = 0; | 22 | int arg_quiet = 0; |
23 | int arg_seccomp_error_action = EPERM; // error action: errno, log or kill | 23 | int arg_seccomp_error_action = SECCOMP_RET_ERRNO | EPERM; // error action: errno, log or kill |
24 | 24 | ||
25 | static void usage(void) { | 25 | static void usage(void) { |
26 | printf("Usage:\n"); | 26 | printf("Usage:\n"); |