sandbox/seccomp: resolve rules natively
All checks were successful
Test / Create distribution (push) Successful in 32s
Test / Sandbox (push) Successful in 1m45s
Test / Hakurei (push) Successful in 2m49s
Test / Sandbox (race detector) (push) Successful in 3m1s
Test / Planterette (push) Successful in 3m31s
Test / Hakurei (race detector) (push) Successful in 4m18s
Test / Flake checks (push) Successful in 1m6s
All checks were successful
Test / Create distribution (push) Successful in 32s
Test / Sandbox (push) Successful in 1m45s
Test / Hakurei (push) Successful in 2m49s
Test / Sandbox (race detector) (push) Successful in 3m1s
Test / Planterette (push) Successful in 3m31s
Test / Hakurei (race detector) (push) Successful in 4m18s
Test / Flake checks (push) Successful in 1m6s
This enables loading syscall filter policies from external cross-platform config files. This also removes a significant amount of C code. Signed-off-by: Ophestra <cat@gensokyo.uk>
This commit is contained in:
@@ -66,7 +66,7 @@ func (p *Proxy) Start() error {
|
||||
ctx, toolPath,
|
||||
p.final, true,
|
||||
argF, func(container *sandbox.Container) {
|
||||
container.Seccomp |= seccomp.FilterMultiarch
|
||||
container.SeccompFlags |= seccomp.AllowMultiarch
|
||||
container.Hostname = "hakurei-dbus"
|
||||
container.CommandContext = p.CommandContext
|
||||
if p.output != nil {
|
||||
|
||||
Reference in New Issue
Block a user