From b05f7f3bd9d0264a6e143e10269e3eca5416b048 Mon Sep 17 00:00:00 2001 From: startx2017 Date: Mon, 10 Apr 2017 09:24:00 -0400 Subject: --quiet fixes --- src/fseccomp/fseccomp.h | 3 +++ src/fseccomp/main.c | 5 +++++ src/fseccomp/protocol.c | 6 ++++-- src/fseccomp/syscall.c | 6 ++++-- 4 files changed, 16 insertions(+), 4 deletions(-) (limited to 'src/fseccomp') diff --git a/src/fseccomp/fseccomp.h b/src/fseccomp/fseccomp.h index e0d423b4a..1e4881e9c 100644 --- a/src/fseccomp/fseccomp.h +++ b/src/fseccomp/fseccomp.h @@ -25,6 +25,9 @@ #include #include "../include/common.h" +// main.c +extern int arg_quiet; + // syscall.c void syscall_print(void); int syscall_check_list(const char *slist, void (*callback)(int fd, int syscall, int arg), int fd, int arg); diff --git a/src/fseccomp/main.c b/src/fseccomp/main.c index 134b840f2..7e0239a5f 100644 --- a/src/fseccomp/main.c +++ b/src/fseccomp/main.c @@ -18,6 +18,7 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ #include "fseccomp.h" +int arg_quiet = 0; static void usage(void) { printf("Usage:\n"); @@ -51,6 +52,10 @@ printf("\n"); usage(); return 1; } + + char *quiet = getenv("FIREJAIL_QUIET"); + if (quiet && strcmp(quiet, "yes") == 0) + arg_quiet = 1; if (strcmp(argv[1], "-h") == 0 || strcmp(argv[1], "--help") == 0 || strcmp(argv[1], "-?") ==0) { usage(); diff --git a/src/fseccomp/protocol.c b/src/fseccomp/protocol.c index e9f65e7e8..57ce2f8e0 100644 --- a/src/fseccomp/protocol.c +++ b/src/fseccomp/protocol.c @@ -89,7 +89,8 @@ static struct sock_filter *find_protocol_domain(const char *p) { void protocol_print(void) { #ifndef SYS_socket - fprintf(stderr, "Warning fseccomp: firejail --protocol not supported on this platform\n"); + if (!arg_quiet) + fprintf(stderr, "Warning fseccomp: firejail --protocol not supported on this platform\n"); return; #endif @@ -107,7 +108,8 @@ void protocol_build_filter(const char *prlist, const char *fname) { assert(fname); #ifndef SYS_socket - fprintf(stderr, "Warning fseccomp: --protocol not supported on this platform\n"); + if (!arg_quiet) + fprintf(stderr, "Warning fseccomp: --protocol not supported on this platform\n"); return; #else // build the filter diff --git a/src/fseccomp/syscall.c b/src/fseccomp/syscall.c index 398a49578..b86c1c489 100644 --- a/src/fseccomp/syscall.c +++ b/src/fseccomp/syscall.c @@ -130,8 +130,10 @@ int syscall_check_list(const char *slist, void (*callback)(int fd, int syscall, int syscall_nr; int error_nr; syscall_process_name(ptr, &syscall_nr, &error_nr); - if (syscall_nr == -1) - fprintf(stderr, "Warning fseccomp: syscall %s not found\n", ptr); + if (syscall_nr == -1) { + if (!arg_quiet) + fprintf(stderr, "Warning fseccomp: syscall \"%s\" not available on this platform\n", ptr); + } else if (callback != NULL) { if (error_nr != -1) filter_add_errno(fd, syscall_nr, error_nr); -- cgit v1.2.3-54-g00ecf