@@ -230,10 +230,6 @@ and will only drop capabilities/apply seccomp filter.\n\n");
static int exec_jail(void)
{
- char **envp = build_envp(opts.seccomp);
- if (!envp)
- exit(EXIT_FAILURE);
-
if (opts.capabilities && drop_capabilities(opts.capabilities))
exit(EXIT_FAILURE);
@@ -242,6 +238,10 @@ static int exec_jail(void)
exit(EXIT_FAILURE);
}
+ char **envp = build_envp(opts.seccomp);
+ if (!envp)
+ exit(EXIT_FAILURE);
+
INFO("exec-ing %s\n", *opts.jail_argv);
execve(*opts.jail_argv, opts.jail_argv, envp);
/* we get there only if execve fails */
Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com> --- jail/jail.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-)