libseccomp is now optional but still recommended

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
author: Toni Uhlig <matzeton@googlemail.com> 2018-06-25 02:02:56 +0200
committer: Toni Uhlig <matzeton@googlemail.com> 2018-06-25 10:51:24 +0200
commit: 4bc4a786e8a4107494070d033cec0550bfd08085 (patch)
tree: f673d33fd0895b587456278a84580f9a1c5a1151 /src/main.c
parent: 51e041fddb5f00bde2001fca8ff6b8cf3e728a89 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/src/main.c b/src/main.c
index 235a0f5..7fe4884 100644
--- a/src/main.c
+++ b/src/main.c
@@ -7,7 +7,9 @@
 #include <sys/types.h>
 #include <sys/wait.h>
 
+#ifdef HAVE_SECCOMP
 #include "pseccomp.h"
+#endif
 #include "capabilities.h"
 #include "log.h"
 #include "log_colored.h"
@@ -285,7 +287,9 @@ int main(int argc, char *argv[])
     char *value;
     int proc_status;
     pid_t daemon_pid, child_pid;
+#ifdef HAVE_SECCOMP
     pseccomp_ctx *psc = NULL;
+#endif
 
     (void) argc;
     (void) argv;
@@ -341,11 +345,15 @@ int main(int argc, char *argv[])
     }
 
     caps_default_filter();
+#ifdef HAVE_SECCOMP
     pseccomp_init(&psc,
         (getopt_used(OPT_SECCOMP_MINIMAL) ? PS_MINIMUM : 0));
     if (pseccomp_default_rules(psc))
         FATAL("%s", "SECCOMP: adding default rules");
     pseccomp_free(&psc);
+#else
+    W("%s", "Compiled without libseccomp, this may have a security impact.");
+#endif
 
     D("%s", "Forking into background/foreground");
     daemon_pid = daemonize(!getopt_used(OPT_DAEMON));
author	Toni Uhlig <matzeton@googlemail.com>	2018-06-25 02:02:56 +0200
committer	Toni Uhlig <matzeton@googlemail.com>	2018-06-25 10:51:24 +0200
commit	4bc4a786e8a4107494070d033cec0550bfd08085 (patch)
tree	f673d33fd0895b587456278a84580f9a1c5a1151 /src/main.c
parent	51e041fddb5f00bde2001fca8ff6b8cf3e728a89 (diff)