From 1c52e344c48e9cb8cf2b332201d5c96c06e4cf3e Mon Sep 17 00:00:00 2001
From: aszlig <aszlig@redmoonstudios.org>
Date: Wed, 16 Nov 2016 12:30:11 +0100
Subject: Add build dependency for libseccomp

We're going to use libseccomp instead of creating the raw BPF program,
because we have different syscall numbers on different architectures.

Although our initial seccomp rules will be quite small it really doesn't
make sense to generate the raw BPF program because we need to duplicate
it and/or make branches on every single architecture we want to suuport.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
---
 configure.ac | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'configure.ac')

diff --git a/configure.ac b/configure.ac
index 91ed9947ab..1a5ad660ab 100644
--- a/configure.ac
+++ b/configure.ac
@@ -194,6 +194,15 @@ AC_SUBST(HAVE_SODIUM, [$have_sodium])
 PKG_CHECK_MODULES([LIBLZMA], [liblzma], [CXXFLAGS="$LIBLZMA_CFLAGS $CXXFLAGS"])
 
 
+# Look for libseccomp, required for Linux sandboxing.
+if test "$sys_name" = linux; then
+  PKG_CHECK_MODULES([LIBSECCOMP], [libseccomp],
+                    [CXXFLAGS="$LIBSECCOMP_CFLAGS $CXXFLAGS"])
+#  AC_CHECK_LIB([seccomp], [seccomp_init], [true],
+#    [AC_MSG_ERROR([Nix requires libseccomp for sandboxing.  See https://github.com/seccomp/libseccomp.])])
+fi
+
+
 # Look for aws-cpp-sdk-s3.
 AC_LANG_PUSH(C++)
 AC_CHECK_HEADERS([aws/s3/S3Client.h],
-- 
cgit 1.4.1