Created
February 28, 2019 19:12
-
-
Save juancarlospaco/9ef1b803ef0cf6f71cde2dbec6839116 to your computer and use it in GitHub Desktop.
NimWC with Firejail: typical terminal standard output debug messages when not build for release.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2019-02-28T16:00:52-03:00: Nim Website Creator: starting. | |
| *** Starting xvfb server: "Xvfb" ":529" "-screen" "0" "800x600x24" *** | |
| *** Stating xvfb client: "firejail" *** | |
| *** Attaching to Xvfb display 529 *** | |
| Basic read-only filesystem: | |
| Mounting read-only /bin | |
| Mounting read-only /lib | |
| Mounting read-only /usr | |
| Mounting tmpfs on /var/lock | |
| Mounting tmpfs on /var/tmp | |
| Cleaning /home directory | |
| Cleaning /run/user directory | |
| Sanitizing /etc/passwd | |
| Sanitizing /etc/group | |
| Disable /run/firejail/network | |
| Disable /run/firejail/bandwidth | |
| Disable /run/firejail/name | |
| Disable /run/firejail/x11 | |
| Mounting tmpfs on /dev | |
| Mounting tmpfs on /home/juan/.cache | |
| blacklist /run/user/1000/bus | |
| Creating a new /etc/hostname file | |
| Creating empty /run/firejail/mnt/hostname file | |
| Remounting /proc and /proc/sys filesystems | |
| Remounting /sys directory | |
| Disable /sys/firmware | |
| Disable /sys/hypervisor | |
| Disable /sys/power | |
| Disable /sys/kernel/debug | |
| Disable /sys/kernel/vmcoreinfo | |
| Disable /proc/sys/fs/binfmt_misc | |
| Disable /proc/sys/kernel/core_pattern | |
| Disable /proc/sys/kernel/modprobe | |
| Disable /proc/sysrq-trigger | |
| Disable /proc/irq | |
| Disable /proc/bus | |
| Disable /proc/config.gz | |
| Disable /proc/sched_debug | |
| Disable /proc/timer_list | |
| Disable /proc/kcore | |
| Disable /proc/kallsyms | |
| Disable /usr/lib/modules | |
| Disable /boot | |
| Disable /proc/kmsg | |
| Mounting tmpfs on /tmp directory | |
| Disable /sys/fs | |
| Disable /sys/module | |
| Disable /mnt | |
| Disable /media | |
| Disable /run/mount | |
| disable pulseaudio | |
| blacklist /dev/snd | |
| blacklist /dev/dri | |
| blacklist /dev/nvidia | |
| blacklist /dev/nvidiactl | |
| blacklist /dev/nvidia-modeset | |
| blacklist /dev/nvidia-uvm | |
| blacklist /dev/dvb | |
| blacklist /dev/sr0 | |
| blacklist /dev/hidraw | |
| blacklist /dev/usb | |
| blacklist /dev/video | |
| Masking all X11 sockets | |
| Drop CAP_SYS_MODULE | |
| Drop CAP_SYS_RAWIO | |
| Drop CAP_SYS_BOOT | |
| Drop CAP_SYS_NICE | |
| Drop CAP_SYS_TTY_CONFIG | |
| Drop CAP_SYSLOG | |
| Drop CAP_MKNOD | |
| Drop CAP_SYS_ADMIN | |
| configuring 54 seccomp entries | |
| Dropping all capabilities | |
| Drop privileges | |
| seccomp filter configured | |
| noroot user namespace installed | |
| Drop CAP_SYS_MODULE | |
| Drop CAP_SYS_RAWIO | |
| Drop CAP_SYS_BOOT | |
| Drop CAP_SYS_NICE | |
| Drop CAP_SYS_TTY_CONFIG | |
| Drop CAP_SYSLOG | |
| Drop CAP_MKNOD | |
| Drop CAP_SYS_ADMIN | |
| Config rlimit: max cpu time 1 | |
| Config rlimit: number of open file descriptors 1000 | |
| Config rlimit: number of processes 1 | |
| Config rlimit: maximum file size 1000000000 | |
| Config rlimit: maximum number of signals pending 10 | |
| Config rlimit: maximum virtual memory 1000000000 | |
| D, [2019-02-28T16:00:53] -- nimwc_main: Rolling File Logger logs at: /home/juan/code/nim_websitecreator/nimwcpkg/nimwc_main.log | |
| Package: Nim Website Creator - https://NimWC.org | |
| Description: Self-Firejailing Nim Web Framework thats simple to use. | |
| I, [2019-02-28T16:00:54] -- nimwc_main: Up and running!. | |
| I, [2019-02-28T16:00:54] -- nimwc_main: Jester is making jokes at http://127.0.0.1:7000 | |
| Starting 1 threads | |
| monitoring pid 5 | |
| ^C | |
| CTRL+C Pressed, NimWC is shutting down, Bye. | |
| Child received signal 2, shutting down the sandbox... | |
| $ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment