diff options
author | netblue30 <netblue30@yahoo.com> | 2017-01-04 08:13:01 -0500 |
---|---|---|
committer | netblue30 <netblue30@yahoo.com> | 2017-01-04 08:13:01 -0500 |
commit | 18f015fbf39341611ad407908f295842cda8b17a (patch) | |
tree | 674eae4ae314876caf91d11a323356c32baffcc1 /src | |
parent | FossaMail (diff) | |
download | firejail-18f015fbf39341611ad407908f295842cda8b17a.tar.gz firejail-18f015fbf39341611ad407908f295842cda8b17a.tar.zst firejail-18f015fbf39341611ad407908f295842cda8b17a.zip |
allow non-seccomp setup for OverlayFS sandboxes
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/sandbox.c | 11 |
1 files changed, 1 insertions, 10 deletions
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index 50fcd6ed0..493877db3 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
@@ -616,19 +616,10 @@ int sandbox(void* sandbox_arg) { | |||
616 | fs_trace_preload(); | 616 | fs_trace_preload(); |
617 | } | 617 | } |
618 | else | 618 | else |
619 | #endif | 619 | #endif |
620 | #ifdef HAVE_OVERLAYFS | 620 | #ifdef HAVE_OVERLAYFS |
621 | if (arg_overlay) { | 621 | if (arg_overlay) { |
622 | fs_overlayfs(); | 622 | fs_overlayfs(); |
623 | // force caps and seccomp if not started as root | ||
624 | if (getuid() != 0) { | ||
625 | enforce_filters(); | ||
626 | #ifdef HAVE_SECCOMP | ||
627 | enforce_seccomp = 1; | ||
628 | #endif | ||
629 | } | ||
630 | else | ||
631 | arg_seccomp = 1; | ||
632 | } | 623 | } |
633 | else | 624 | else |
634 | #endif | 625 | #endif |