From: Stefan Sperling Subject: Re: [got-portable] landlock support, second try To: Omar Polo Cc: Bryan Steele , gameoftrees@openbsd.org Date: Wed, 9 Feb 2022 15:26:55 +0100 On Tue, Feb 08, 2022 at 12:09:47PM +0100, Omar Polo wrote: > Logging in landlock_no_fs is too much noisy IMHO, as it implies that > every libexec helpers prints something. Another option would be to do > something like the following early in got main() which produces: > > op@devuan:~/w/got-portable$ got st -S? > got: sandboxing disabled: Operation not supported I agree that having a one-time warning like this would be good. I think writing "landlock disabled" would be better because mentioning landlock explicitly provides a more useful hint. Should we provide an environment variable to suppress the warning, just in case people find themselves in a situation where they have no control over this? Or would that be counter-productive?