From ca98f1488a3d01df23c5415b1480b4e2df131e83 Mon Sep 17 00:00:00 2001
From: netblue30 <netblue30@yahoo.com>
Date: Wed, 31 May 2017 15:26:13 -0400
Subject: bug: print whitelist seccomp filter for --debug option

---
 src/firejail/seccomp.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/firejail/seccomp.c b/src/firejail/seccomp.c
index 72a5874f8..15379215c 100644
--- a/src/firejail/seccomp.c
+++ b/src/firejail/seccomp.c
@@ -68,7 +68,7 @@ int seccomp_load(const char *fname) {
 		goto errexit;
 	unsigned short entries = (unsigned short) size / (unsigned short) sizeof(struct sock_filter);
 	if (arg_debug)
-		printf("reading %d seccomp entries from %s\n", entries, fname);
+		printf("configuring %d seccomp entries from %s\n", entries, fname);
 
 	// read filter
 	struct sock_filter *filter = malloc(size);
@@ -205,6 +205,8 @@ int seccomp_filter_keep(void) {
 		printf("seccomp filter configured\n");
 
 
+	if (arg_debug && access(PATH_FSECCOMP, X_OK) == 0)
+		sbox_run(SBOX_ROOT | SBOX_SECCOMP, 3, PATH_FSECCOMP, "print", RUN_SECCOMP_CFG);
 	return seccomp_load(RUN_SECCOMP_CFG);
 }
 
-- 
cgit v1.2.3-54-g00ecf