typo

fix seccomp filter for ppc64le before we matched ppc64le as ppc64 (which is big ending I presume), so the seccomp filter would always kill gmid #4 related

use -subj /CN=name when generating the keys for the tests `printf | openssl` is ugly :/

configure: add --disable-sandbox Calling `configure' with --disable-sandbox will disable the sandbox support *completely* at compile time. gmid will still complain at compile time and during the startup. Users shouldn't disable the sandbox if possible, but instead report problem upstream so they get fixed (hopefully.) #4 related

reworked seccomp filter * SECCOMP_AUDIT_ARCH extended to support more architectures * relax fcntl policy: allow the syscall regardless of the flags * wrap every syscall in a ifdef, and add some (statx, fcntl64, ...) used in x86 Some bits were taken from dhcpcd[0], thanks! #4 related [0]: https://roy.marples.name/git/dhcpcd/blob/HEAD:/src/privsep-linux.c

revert 2c16dbd5486 -- macro names can't be reserved words While one can define a macro using a reserved word as name using -Dname=val, inside the configuration file it'll fail.

macro names can be reserved words

fix macro example

document the c-like handling of strings

don't expand macros inside the quotes Now that we have this auto concat string thingy, macros can simply expand to standalone strings in place, as single words. Forgot to point it out in previous commits, but now we can cert = "/etc/keys" server "foo" { cert $cert "/foo.crt" ... }

align

[config] concat two or more strings next to each others

document macros: both -D and syntax

don't require the strict order macro > options > servers

add -D to define macros from the cmd line