From: Nick Mathewson <nickm@torproject.org>
Date: Fri, 18 Apr 2014 18:49:39 +0000 (-0400)
Subject: Improved message when running sandbox on Linux without libseccomp
X-Git-Tag: tor-0.2.5.4-alpha~31
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b8fe8ee7486f43b33ccd5cfad99a5e87a7d246f6;p=thirdparty%2Ftor.git

Improved message when running sandbox on Linux without libseccomp

Previously we said "Sandbox is not implemented on this platform" on
Linux boxes without libseccomp.  Now we say that you need to build
Tor built with libseccomp. Fixes bug 11543; bugfix on 0.2.5.1-alpha.
---

diff --git a/changes/11543 b/changes/11543
new file mode 100644
index 0000000000..ebc22f775d
--- /dev/null
+++ b/changes/11543
@@ -0,0 +1,8 @@
+  o Minor bugfixes:
+
+    - Improve the warning message when trying to enable the Linux
+      sandbox code on a Tor built without libseccomp. Instead of
+      saying "Sandbox is not implemented on this platform", we now
+      explain that we to need be built with libseccomp. Fixes bug
+      11543; bugfix on 0.2.5.1-alpha.
+
diff --git a/src/common/sandbox.c b/src/common/sandbox.c
index 4224e03e2b..4ce9aa9209 100644
--- a/src/common/sandbox.c
+++ b/src/common/sandbox.c
@@ -1613,21 +1613,19 @@ sandbox_init(sandbox_cfg_t *cfg)
 #if defined(USE_LIBSECCOMP)
   return initialise_libseccomp_sandbox(cfg);
 
-#elif defined(_WIN32)
+#elif defined(__linux__)
   (void)cfg;
-  log_warn(LD_BUG,"Windows sandboxing is not implemented. The feature is "
-      "currently disabled.");
+  log_warn(LD_GENERAL,
+           "This version of Tor was built without support for sanboxing. To "
+           "build with support for sandboxing on Linux, you must have "
+           "libseccomp and its necessary header files (e.g. seccomp.h).");
   return 0;
 
-#elif defined(TARGET_OS_MAC)
-  (void)cfg;
-  log_warn(LD_BUG,"Mac OSX sandboxing is not implemented. The feature is "
-      "currently disabled");
-  return 0;
 #else
   (void)cfg;
-  log_warn(LD_BUG,"Sandboxing is not implemented for your platform. The "
-      "feature is currently disabled");
+  log_warn(LD_GENERAL,
+           "Currently, sandboxing is only implemented on Linux. The feature "
+           "is disabled on your platform.");
   return 0;
 #endif
 }