diff options
author | Simon McVittie <smcv@collabora.com> | 2023-02-17 09:30:19 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-02-17 09:30:19 +0000 |
commit | a319fd5dc323e9cc5988922c8d8a5efdfbb2160b (patch) | |
tree | d06eaaf91bb8e0b7d4a277aab1e7640b0b95dc51 | |
parent | 41fd02ad147907cedf88a7f7488ac18667adc919 (diff) | |
parent | 2f873fa8ae7b36f2d12974363d488fbc2baee51b (diff) | |
download | bubblewrap-a319fd5dc323e9cc5988922c8d8a5efdfbb2160b.tar.gz |
Merge pull request #550 from smcv/seccomp-einval-hint
Attempt to clarify error message for missing CONFIG_SECCOMP_FILTER
-rw-r--r-- | bubblewrap.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/bubblewrap.c b/bubblewrap.c index be02004..8322ea0 100644 --- a/bubblewrap.c +++ b/bubblewrap.c @@ -288,7 +288,15 @@ seccomp_programs_apply (void) for (program = seccomp_programs; program != NULL; program = program->next) { if (prctl (PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &program->program) != 0) - die_with_error ("prctl(PR_SET_SECCOMP)"); + { + if (errno == EINVAL) + die ("Unable to set up system call filtering as requested: " + "prctl(PR_SET_SECCOMP) reported EINVAL. " + "(Hint: this requires a kernel configured with " + "CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER.)"); + + die_with_error ("prctl(PR_SET_SECCOMP)"); + } } } |