From 4bc4a786e8a4107494070d033cec0550bfd08085 Mon Sep 17 00:00:00 2001
From: Toni Uhlig <matzeton@googlemail.com>
Date: Mon, 25 Jun 2018 02:02:56 +0200
Subject: libseccomp is now optional but still recommended

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
---
 src/main.c | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'src/main.c')

diff --git a/src/main.c b/src/main.c
index 235a0f5..7fe4884 100644
--- a/src/main.c
+++ b/src/main.c
@@ -7,7 +7,9 @@
 #include <sys/types.h>
 #include <sys/wait.h>
 
+#ifdef HAVE_SECCOMP
 #include "pseccomp.h"
+#endif
 #include "capabilities.h"
 #include "log.h"
 #include "log_colored.h"
@@ -285,7 +287,9 @@ int main(int argc, char *argv[])
     char *value;
     int proc_status;
     pid_t daemon_pid, child_pid;
+#ifdef HAVE_SECCOMP
     pseccomp_ctx *psc = NULL;
+#endif
 
     (void) argc;
     (void) argv;
@@ -341,11 +345,15 @@ int main(int argc, char *argv[])
     }
 
     caps_default_filter();
+#ifdef HAVE_SECCOMP
     pseccomp_init(&psc,
         (getopt_used(OPT_SECCOMP_MINIMAL) ? PS_MINIMUM : 0));
     if (pseccomp_default_rules(psc))
         FATAL("%s", "SECCOMP: adding default rules");
     pseccomp_free(&psc);
+#else
+    W("%s", "Compiled without libseccomp, this may have a security impact.");
+#endif
 
     D("%s", "Forking into background/foreground");
     daemon_pid = daemonize(!getopt_used(OPT_DAEMON));
-- 
cgit v1.2.3