diff options
Diffstat (limited to 'src/firejail/main.c')
-rw-r--r-- | src/firejail/main.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/src/firejail/main.c b/src/firejail/main.c index e6c5b50b0..55f623138 100644 --- a/src/firejail/main.c +++ b/src/firejail/main.c | |||
@@ -1400,6 +1400,20 @@ int main(int argc, char **argv, char **envp) { | |||
1400 | else | 1400 | else |
1401 | exit_err_feature("seccomp"); | 1401 | exit_err_feature("seccomp"); |
1402 | } | 1402 | } |
1403 | else if (strcmp(argv[i], "--restrict-namespaces") == 0) { | ||
1404 | if (checkcfg(CFG_SECCOMP)) | ||
1405 | profile_list_augment(&cfg.restrict_namespaces, "cgroup,ipc,net,mnt,pid,time,user,uts"); | ||
1406 | else | ||
1407 | exit_err_feature("seccomp"); | ||
1408 | } | ||
1409 | else if (strncmp(argv[i], "--restrict-namespaces=", 22) == 0) { | ||
1410 | if (checkcfg(CFG_SECCOMP)) { | ||
1411 | const char *add = argv[i] + 22; | ||
1412 | profile_list_augment(&cfg.restrict_namespaces, add); | ||
1413 | } | ||
1414 | else | ||
1415 | exit_err_feature("seccomp"); | ||
1416 | } | ||
1403 | else if (strncmp(argv[i], "--seccomp-error-action=", 23) == 0) { | 1417 | else if (strncmp(argv[i], "--seccomp-error-action=", 23) == 0) { |
1404 | if (checkcfg(CFG_SECCOMP)) { | 1418 | if (checkcfg(CFG_SECCOMP)) { |
1405 | int config_seccomp_error_action = checkcfg(CFG_SECCOMP_ERROR_ACTION); | 1419 | int config_seccomp_error_action = checkcfg(CFG_SECCOMP_ERROR_ACTION); |