Ophestra
87e008d56d
All checks were successful
Test / Create distribution (push) Successful in 43s
Test / Sandbox (push) Successful in 2m18s
Test / Hakurei (push) Successful in 3m10s
Test / Sandbox (race detector) (push) Successful in 3m30s
Test / Hakurei (race detector) (push) Successful in 4m43s
Test / Fpkg (push) Successful in 5m4s
Test / Flake checks (push) Successful in 1m12s
Fortify makes little sense for a container tool. Signed-off-by: Ophestra <cat@gensokyo.uk>
23 lines
714 B
C
23 lines
714 B
C
#include <seccomp.h>
|
|
#include <stdint.h>
|
|
|
|
#if (SCMP_VER_MAJOR < 2) || (SCMP_VER_MAJOR == 2 && SCMP_VER_MINOR < 5) || \
|
|
(SCMP_VER_MAJOR == 2 && SCMP_VER_MINOR == 5 && SCMP_VER_MICRO < 1)
|
|
#error This package requires libseccomp >= v2.5.1
|
|
#endif
|
|
|
|
typedef enum {
|
|
HAKUREI_VERBOSE = 1 << 0,
|
|
HAKUREI_EXT = 1 << 1,
|
|
HAKUREI_DENY_NS = 1 << 2,
|
|
HAKUREI_DENY_TTY = 1 << 3,
|
|
HAKUREI_DENY_DEVEL = 1 << 4,
|
|
HAKUREI_MULTIARCH = 1 << 5,
|
|
HAKUREI_LINUX32 = 1 << 6,
|
|
HAKUREI_CAN = 1 << 7,
|
|
HAKUREI_BLUETOOTH = 1 << 8,
|
|
} hakurei_filter_opts;
|
|
|
|
extern void hakurei_println(char *v);
|
|
int32_t hakurei_build_filter(int *ret_p, int fd, uint32_t arch, uint32_t multiarch,
|
|
hakurei_filter_opts opts); |