[tor-commits] [tor/master] Improved message when running sandbox on Linux without libseccomp

nickm at torproject.org nickm at torproject.org
Fri Apr 18 18:54:38 UTC 2014 

commit b8fe8ee7486f43b33ccd5cfad99a5e87a7d246f6
Author: Nick Mathewson <nickm at torproject.org>
Date:   Fri Apr 18 14:49:39 2014 -0400

    Improved message when running sandbox on Linux without libseccomp
    
    Previously we said "Sandbox is not implemented on this platform" on
    Linux boxes without libseccomp.  Now we say that you need to build
    Tor built with libseccomp. Fixes bug 11543; bugfix on 0.2.5.1-alpha.
---
 changes/11543        |    8 ++++++++
 src/common/sandbox.c |   18 ++++++++----------
 2 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/changes/11543 b/changes/11543
new file mode 100644
index 0000000..ebc22f7
--- /dev/null
+++ b/changes/11543
@@ -0,0 +1,8 @@
+  o Minor bugfixes:
+
+    - Improve the warning message when trying to enable the Linux
+      sandbox code on a Tor built without libseccomp. Instead of
+      saying "Sandbox is not implemented on this platform", we now
+      explain that we to need be built with libseccomp. Fixes bug
+      11543; bugfix on 0.2.5.1-alpha.
+
diff --git a/src/common/sandbox.c b/src/common/sandbox.c
index 4224e03..4ce9aa9 100644
--- a/src/common/sandbox.c
+++ b/src/common/sandbox.c
@@ -1613,21 +1613,19 @@ sandbox_init(sandbox_cfg_t *cfg)
 #if defined(USE_LIBSECCOMP)
   return initialise_libseccomp_sandbox(cfg);
 
-#elif defined(_WIN32)
+#elif defined(__linux__)
   (void)cfg;
-  log_warn(LD_BUG,"Windows sandboxing is not implemented. The feature is "
-      "currently disabled.");
+  log_warn(LD_GENERAL,
+           "This version of Tor was built without support for sanboxing. To "
+           "build with support for sandboxing on Linux, you must have "
+           "libseccomp and its necessary header files (e.g. seccomp.h).");
   return 0;
 
-#elif defined(TARGET_OS_MAC)
-  (void)cfg;
-  log_warn(LD_BUG,"Mac OSX sandboxing is not implemented. The feature is "
-      "currently disabled");
-  return 0;
 #else
   (void)cfg;
-  log_warn(LD_BUG,"Sandboxing is not implemented for your platform. The "
-      "feature is currently disabled");
+  log_warn(LD_GENERAL,
+           "Currently, sandboxing is only implemented on Linux. The feature "
+           "is disabled on your platform.");
   return 0;
 #endif
 }

More information about the tor-commits mailing list