maemachinebroke/hakurei
1
0
Fork 0
forked from security/hakurei
Code Pull Requests Activity

helper/bwrap: integrate seccomp into helper interface

Browse Source 
This makes API usage much cleaner, and encapsulates all bwrap arguments in argsWt.

Signed-off-by: Ophestra <cat@gensokyo.uk>
This commit is contained in:
Ophestra
2025-01-22 01:51:10 +09:00
parent 82029948e6
commit 9a239fa1a5
21 changed files with 224 additions and 187 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
internal/app/app_pd_test.go
View File

@@ -39,6 +39,7 @@ var testCasesPd = []sealTestCase{
Net: true,
UserNS: true,
Clearenv: true,
Syscall: new(bwrap.SyscallPolicy),
Chdir: "/home/chronos",
SetEnv: map[string]string{
"HOME": "/home/chronos",
@@ -258,6 +259,7 @@ var testCasesPd = []sealTestCase{
UserNS: true,
Chdir: "/home/chronos",
Clearenv: true,
Syscall: new(bwrap.SyscallPolicy),
SetEnv: map[string]string{
"DBUS_SESSION_BUS_ADDRESS": "unix:path=/run/user/65534/bus",
"DBUS_SYSTEM_BUS_ADDRESS": "unix:path=/run/dbus/system_bus_socket",