diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/sandbox.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index d6d7d3887..e56526f34 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c | |||
@@ -386,7 +386,7 @@ static void enforce_filters(void) { | |||
386 | } | 386 | } |
387 | 387 | ||
388 | // disable all capabilities | 388 | // disable all capabilities |
389 | if (arg_caps_default_filter || arg_caps_list) | 389 | if (arg_caps_default_filter || arg_caps_list && !arg_quiet) |
390 | fprintf(stderr, "Warning: all capabilities disabled for a regular user in chroot\n"); | 390 | fprintf(stderr, "Warning: all capabilities disabled for a regular user in chroot\n"); |
391 | arg_caps_drop_all = 1; | 391 | arg_caps_drop_all = 1; |
392 | 392 | ||
@@ -520,7 +520,8 @@ int sandbox(void* sandbox_arg) { | |||
520 | if (cfg.defaultgw) { | 520 | if (cfg.defaultgw) { |
521 | // set the default route | 521 | // set the default route |
522 | if (net_add_route(0, 0, cfg.defaultgw)) { | 522 | if (net_add_route(0, 0, cfg.defaultgw)) { |
523 | fprintf(stderr, "Warning: cannot configure default route\n"); | 523 | if (!arg_quiet) |
524 | fprintf(stderr, "Warning: cannot configure default route\n"); | ||
524 | gw_cfg_failed = 1; | 525 | gw_cfg_failed = 1; |
525 | } | 526 | } |
526 | } | 527 | } |
@@ -847,7 +848,8 @@ int sandbox(void* sandbox_arg) { | |||
847 | int rv = nice(cfg.nice); | 848 | int rv = nice(cfg.nice); |
848 | (void) rv; | 849 | (void) rv; |
849 | if (errno) { | 850 | if (errno) { |
850 | fprintf(stderr, "Warning: cannot set nice value\n"); | 851 | if (!arg_quiet) |
852 | fprintf(stderr, "Warning: cannot set nice value\n"); | ||
851 | errno = 0; | 853 | errno = 0; |
852 | } | 854 | } |
853 | } | 855 | } |
@@ -903,7 +905,8 @@ int sandbox(void* sandbox_arg) { | |||
903 | if (arg_noroot) { | 905 | if (arg_noroot) { |
904 | int rv = unshare(CLONE_NEWUSER); | 906 | int rv = unshare(CLONE_NEWUSER); |
905 | if (rv == -1) { | 907 | if (rv == -1) { |
906 | fprintf(stderr, "Warning: cannot create a new user namespace, going forward without it...\n"); | 908 | if (!arg_quiet) |
909 | fprintf(stderr, "Warning: cannot create a new user namespace, going forward without it...\n"); | ||
907 | drop_privs(arg_nogroups); | 910 | drop_privs(arg_nogroups); |
908 | arg_noroot = 0; | 911 | arg_noroot = 0; |
909 | } | 912 | } |
@@ -934,7 +937,7 @@ int sandbox(void* sandbox_arg) { | |||
934 | if (arg_nonewprivs) { | 937 | if (arg_nonewprivs) { |
935 | int no_new_privs = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); | 938 | int no_new_privs = prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); |
936 | 939 | ||
937 | if(no_new_privs != 0) | 940 | if(no_new_privs != 0 && !arg_quiet) |
938 | fprintf(stderr, "Warning: NO_NEW_PRIVS disabled, it requires a Linux kernel version 3.5 or newer.\n"); | 941 | fprintf(stderr, "Warning: NO_NEW_PRIVS disabled, it requires a Linux kernel version 3.5 or newer.\n"); |
939 | else if (arg_debug) | 942 | else if (arg_debug) |
940 | printf("NO_NEW_PRIVS set\n"); | 943 | printf("NO_NEW_PRIVS set\n"); |