diff --git a/Makefile b/Makefile index 3fa6f02..05084c0 100644 --- a/Makefile +++ b/Makefile @@ -92,8 +92,8 @@ indent: caps.o: caps.h nsjail.h logs.h macros.h util.h cgroup.o: cgroup.h nsjail.h logs.h util.h -cmdline.o: cmdline.h nsjail.h logs.h caps.h config.h macros.h mnt.h sandbox.h -cmdline.o: user.h util.h +cmdline.o: cmdline.h nsjail.h logs.h caps.h config.h macros.h mnt.h user.h +cmdline.o: util.h config.o: caps.h nsjail.h logs.h cmdline.h config.h config.pb.h macros.h config.o: mnt.h user.h util.h contain.o: contain.h nsjail.h logs.h caps.h cgroup.h cpu.h mnt.h net.h pid.h @@ -102,7 +102,7 @@ cpu.o: cpu.h nsjail.h logs.h util.h logs.o: logs.h nsjail.h mnt.o: mnt.h nsjail.h logs.h macros.h subproc.h util.h net.o: net.h nsjail.h logs.h subproc.h -nsjail.o: nsjail.h logs.h cmdline.h macros.h net.h subproc.h util.h +nsjail.o: nsjail.h logs.h cmdline.h macros.h net.h sandbox.h subproc.h util.h pid.o: pid.h nsjail.h logs.h subproc.h sandbox.o: sandbox.h nsjail.h logs.h kafel/include/kafel.h subproc.o: subproc.h nsjail.h logs.h cgroup.h contain.h macros.h net.h diff --git a/cmdline.cc b/cmdline.cc index 33179bd..2096c2f 100644 --- a/cmdline.cc +++ b/cmdline.cc @@ -51,7 +51,6 @@ #include "logs.h" #include "macros.h" #include "mnt.h" -#include "sandbox.h" #include "user.h" #include "util.h" @@ -433,12 +432,15 @@ std::unique_ptr parseArgs(int argc, char* argv[]) { break; case 'v': nsjconf->loglevel = logs::DEBUG; + logs::logLevel(nsjconf->loglevel); break; case 'q': nsjconf->loglevel = logs::WARNING; + logs::logLevel(nsjconf->loglevel); break; case 'Q': nsjconf->loglevel = logs::FATAL; + logs::logLevel(nsjconf->loglevel); break; case 'e': nsjconf->keep_env = true; @@ -816,11 +818,6 @@ std::unique_ptr parseArgs(int argc, char* argv[]) { } } - if (!sandbox::preparePolicy(nsjconf.get())) { - LOG_E("Couldn't prepare sandboxing setup"); - return nullptr; - } - return nsjconf; } diff --git a/config.cc b/config.cc index d60686f..1bd733a 100644 --- a/config.cc +++ b/config.cc @@ -121,6 +121,7 @@ static bool configParseInternal(nsjconf_t* nsjconf, const nsjail::NsJailConfig& LOG_E("Unknown log_level: %d", njc.log_level()); return false; } + logs::logLevel(nsjconf->loglevel); } nsjconf->keep_env = njc.keep_env(); diff --git a/logs.cc b/logs.cc index d7404a6..591dd15 100644 --- a/logs.cc +++ b/logs.cc @@ -141,4 +141,8 @@ void logStop(int sig) { LOG_I("Server stops due to fatal signal (%d) caught. Exiting", sig); } +void logLevel(enum llevel_t ll) { + _log_level = ll; +} + } // namespace logs diff --git a/logs.h b/logs.h index d17413e..8d5a1fe 100644 --- a/logs.h +++ b/logs.h @@ -59,6 +59,7 @@ bool initLog(const std::string& logfile, llevel_t loglevel); void logMsg(enum llevel_t ll, const char* fn, int ln, bool perr, const char* fmt, ...) __attribute__((format(printf, 5, 6))); void logStop(int sig); +void logLevel(enum llevel_t ll); } // namespace logs diff --git a/nsjail.cc b/nsjail.cc index 9dd6f23..270d0c3 100644 --- a/nsjail.cc +++ b/nsjail.cc @@ -33,6 +33,7 @@ #include "logs.h" #include "macros.h" #include "net.h" +#include "sandbox.h" #include "subproc.h" #include "util.h" @@ -174,6 +175,9 @@ int main(int argc, char* argv[]) { if (nsjailSetTimer(nsjconf.get()) == false) { LOG_F("nsjailSetTimer() failed"); } + if (!sandbox::preparePolicy(nsjconf.get())) { + LOG_F("Couldn't prepare sandboxing policy"); + } if (nsjconf->mode == MODE_LISTEN_TCP) { nsjailListenMode(nsjconf.get());