[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/master] Better error on failure to load seccomp2 sandbox
commit ab18e5e5fcff7fbdbf0905e6dd2585b7e4a10108
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Wed Sep 6 14:23:47 2017 -0400
Better error on failure to load seccomp2 sandbox
There are two reasons this is likeliest to happen -- no kernel
support, and some bug in Tor. We'll ask people to check the former
before they report. Closes 23090.
---
changes/feature23090 | 3 +++
src/common/sandbox.c | 4 +++-
2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/changes/feature23090 b/changes/feature23090
new file mode 100644
index 000000000..44cdac5ca
--- /dev/null
+++ b/changes/feature23090
@@ -0,0 +1,3 @@
+ o Minor features (linux seccomp2 sandbox):
+ - If the sandbox filter fails to load, suggest to the user that their
+ kernel might not support seccomp2. Closes ticket 23090.
diff --git a/src/common/sandbox.c b/src/common/sandbox.c
index 18beaabe1..a85b1406f 100644
--- a/src/common/sandbox.c
+++ b/src/common/sandbox.c
@@ -1638,7 +1638,9 @@ install_syscall_filter(sandbox_cfg_t* cfg)
// loading the seccomp2 filter
if ((rc = seccomp_load(ctx))) {
- log_err(LD_BUG, "(Sandbox) failed to load: %d (%s)!", rc,
+ log_err(LD_BUG, "(Sandbox) failed to load: %d (%s)! "
+ "Are you sure that your kernel has seccomp2 support? The "
+ "sandbox won't work without it.", rc,
strerror(-rc));
goto end;
}
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits