diff options
author | Daniel Golle <daniel@makrotopia.org> | 2020-12-01 22:45:15 +0000 |
---|---|---|
committer | Daniel Golle <daniel@makrotopia.org> | 2020-12-01 23:57:31 +0000 |
commit | 09478ba23019ec5cbfc1068a7a632215c946b679 (patch) | |
tree | de8cced6fec6f92d203bc217261274adae44324d /jail/preload.c | |
parent | 4625350465744c2446ac0b0dc821699fa1695c81 (diff) | |
download | procd-09478ba23019ec5cbfc1068a7a632215c946b679.tar.gz |
jail: improve seccomp log output
Pass loglevel to preloaded seccomp handler, output generated program
along with unresolved syscalls if debugging output is requested.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Diffstat (limited to 'jail/preload.c')
-rw-r--r-- | jail/preload.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/jail/preload.c b/jail/preload.c index 24358c6..9678ab6 100644 --- a/jail/preload.c +++ b/jail/preload.c @@ -18,24 +18,33 @@ #include <string.h> #include <dlfcn.h> +#include "log.h" #include "seccomp.h" #include "../preload.h" static main_t __main__; +int debug; static int __preload_main__(int argc, char **argv, char **envp) { char *env_file = getenv("SECCOMP_FILE"); + char *env_debug = getenv("SECCOMP_DEBUG"); if (!env_file || !env_file[0]) { ERROR("SECCOMP_FILE not specified\n"); return -1; } + if (env_debug) + debug = atoi(env_debug); + else + debug = 0; + if (install_syscall_filter(*argv, env_file)) return -1; unsetenv("LD_PRELOAD"); + unsetenv("SECCOMP_DEBUG"); unsetenv("SECCOMP_FILE"); return (*__main__)(argc, argv, envp); |