Disable seccomp-filter unless ENABLE_SECCOMP_FILTER is defined.

It is very likely to fail on untested architectures.  I can only test it
adequately on x64.

ndhc/ndhc.c

@@ -91,7 +91,7 @@ static void show_usage(void)
 {
     printf(
 "ndhc " NDHC_VERSION ", dhcp client.  Licensed under 2-clause BSD.\n"
-"Copyright (C) 2004-2012 Nicholas J. Kain\n"
+"Copyright (C) 2004-2014 Nicholas J. Kain\n"
 "Usage: ndhc [OPTIONS]\n\n"
 "  -c, --clientid=CLIENTID         Client identifier\n"
 "  -h, --hostname=HOSTNAME         Client hostname\n"
@@ -110,7 +110,9 @@ static void show_usage(void)
 "  -u, --user=USER                 Change ndhc privileges to this user\n"
 "  -U, --ifch-user=USER            Change ndhc-ifch privileges to this user\n"
 "  -C, --chroot=DIR                Chroot to this directory\n"
+#ifdef ENABLE_SECCOMP_FILTER
 "  -S, --seccomp-enforce           Enforce seccomp syscall restrictions\n"
+#endif
 "  -d, --relentless-defense        Never back off in defending IP against\n"
 "                                  conflicting hosts (servers only)\n"
 "  -w, --arp-probe-wait            Time to delay before first ARP probe\n"

ndhc/seccomp.c

@@ -34,6 +34,7 @@ bool seccomp_enforce = false;
 
 int enforce_seccomp_ndhc(void)
 {
+#ifdef ENABLE_SECCOMP_FILTER
     if (!seccomp_enforce)
         return 0;
     struct sock_filter filter[] = {
@@ -95,11 +96,13 @@ int enforce_seccomp_ndhc(void)
     if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog))
         return -1;
     log_line("ndhc seccomp filter installed.  Please disable seccomp if you encounter problems.");
+#endif
     return 0;
 }
 
 int enforce_seccomp_ifch(void)
 {
+#ifdef ENABLE_SECCOMP_FILTER
     if (!seccomp_enforce)
         return 0;
     struct sock_filter filter[] = {
@@ -149,6 +152,7 @@ int enforce_seccomp_ifch(void)
     if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog))
         return -1;
     log_line("ndhc-ifch seccomp filter installed.  Please disable seccomp if you encounter problems.");
+#endif
     return 0;
 }