colin/bubblewrap
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #550 from smcv/seccomp-einval-hint

Browse Source 
Attempt to clarify error message for missing CONFIG_SECCOMP_FILTER
This commit is contained in:
Simon McVittie
2023-02-17 09:30:19 +00:00
committed by GitHub
parent 41fd02ad14 2f873fa8ae
commit a319fd5dc3
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
bubblewrap.c
View File

@@ -288,7 +288,15 @@ seccomp_programs_apply (void)
for (program = seccomp_programs; program != NULL; program = program->next) for (program = seccomp_programs; program != NULL; program = program->next)
{ {
if (prctl (PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &program->program) != 0) if (prctl (PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &program->program) != 0)
die_with_error ("prctl(PR_SET_SECCOMP)"); {
if (errno == EINVAL)
die ("Unable to set up system call filtering as requested: "
"prctl(PR_SET_SECCOMP) reported EINVAL. "
"(Hint: this requires a kernel configured with "
"CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER.)");
die_with_error ("prctl(PR_SET_SECCOMP)");
}
} }
} }