Improved message when running sandbox on Linux without libseccomp

Previously we said "Sandbox is not implemented on this platform" on
Linux boxes without libseccomp.  Now we say that you need to build
Tor built with libseccomp. Fixes bug 11543; bugfix on 0.2.5.1-alpha.

diff --git a/changes/11543 b/changes/11543
new file mode 100644 (file)
index 0000000..ebc22f7
--- /dev/null
+++ b/changes/11543
@@ -0,0 +1,8 @@
+  o Minor bugfixes:
+
+    - Improve the warning message when trying to enable the Linux
+      sandbox code on a Tor built without libseccomp. Instead of
+      saying "Sandbox is not implemented on this platform", we now
+      explain that we to need be built with libseccomp. Fixes bug
+      11543; bugfix on 0.2.5.1-alpha.
+

diff --git a/src/common/sandbox.c b/src/common/sandbox.c
index 4224e03e2b9c3d3eb4c4dbe4dca41d28d1cabc5c..4ce9aa92093ceb4880b25a427d33793b43a25e74 100644 (file)
--- a/src/common/sandbox.c
+++ b/src/common/sandbox.c
@@ -1613,21 +1613,19 @@ sandbox_init(sandbox_cfg_t *cfg)
 #if defined(USE_LIBSECCOMP)
   return initialise_libseccomp_sandbox(cfg);
 
-#elif defined(_WIN32)
+#elif defined(__linux__)
   (void)cfg;
-  log_warn(LD_BUG,"Windows sandboxing is not implemented. The feature is "
-      "currently disabled.");
+  log_warn(LD_GENERAL,
+           "This version of Tor was built without support for sanboxing. To "
+           "build with support for sandboxing on Linux, you must have "
+           "libseccomp and its necessary header files (e.g. seccomp.h).");
   return 0;
 
-#elif defined(TARGET_OS_MAC)
-  (void)cfg;
-  log_warn(LD_BUG,"Mac OSX sandboxing is not implemented. The feature is "
-      "currently disabled");
-  return 0;
 #else
   (void)cfg;
-  log_warn(LD_BUG,"Sandboxing is not implemented for your platform. The "
-      "feature is currently disabled");
+  log_warn(LD_GENERAL,
+           "Currently, sandboxing is only implemented on Linux. The feature "
+           "is disabled on your platform.");
   return 0;
 #endif
 }