POTD skeleton #66.

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
author: Toni Uhlig <matzeton@googlemail.com> 2018-05-20 16:15:17 +0200
committer: Toni Uhlig <matzeton@googlemail.com> 2018-05-20 16:15:17 +0200
commit: 50bb59a86d354f775f78198b7ecf27ce5300dacf (patch)
tree: 36bb89490d64eff22e16385a04911cc8bf9ecf62 /src/jail.c
parent: 9c8dc27ee791b24e7325fa065cb57fa9b1339d11 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/src/jail.c b/src/jail.c
index bcf8755..450051f 100644
--- a/src/jail.c
+++ b/src/jail.c
@@ -145,6 +145,7 @@ pid_t jail_daemonize(event_ctx **ev_ctx, jail_ctx *ctx[], size_t siz)
             E_STRERR("%s", "Jail daemonize");
 	        return -1;
         case 0:
+            caps_jail_filter();
             jail_mainloop(ev_ctx, (const jail_ctx **) ctx, siz);
             break;
     }
@@ -350,7 +351,7 @@ static int jail_childfn(prisoner_process *ctx)
             );
 
             pseccomp_set_immutable();
-            pseccomp_init(&psc);
+            pseccomp_init(&psc, 0);
             if (pseccomp_jail_rules(psc))
                 FATAL("%s", "SECCOMP: adding jail rules");
             pseccomp_free(&psc);
author	Toni Uhlig <matzeton@googlemail.com>	2018-05-20 16:15:17 +0200
committer	Toni Uhlig <matzeton@googlemail.com>	2018-05-20 16:15:17 +0200
commit	50bb59a86d354f775f78198b7ecf27ce5300dacf (patch)
tree	36bb89490d64eff22e16385a04911cc8bf9ecf62 /src/jail.c
parent	9c8dc27ee791b24e7325fa065cb57fa9b1339d11 (diff)