Felipe Sateler
|
83f12b27d1
|
core: do not fail at step SECCOMP if there is no kernel support (#4004)
Fixes #3882
|
2016-08-22 22:40:58 +03:00 |
|
|
Topi Miettinen
|
201c1cc22a
|
core: add pre-defined syscall groups to SystemCallFilter= (#3053) (#3157)
Implement sets of system calls to help constructing system call
filters. A set starts with '@' to distinguish from a system call.
Closes: #3053, #3157
|
2016-06-01 11:56:01 +02:00 |
|
|
Daniel Mack
|
b26fa1a2fb
|
tree-wide: remove Emacs lines from all files
This should be handled fine now by .dir-locals.el, so need to carry that
stuff in every file.
|
2016-02-10 13:41:57 +01:00 |
|
|
Thomas Hindoe Paaboel Andersen
|
a8fbdf5424
|
shared: include what we use
The next step of a general cleanup of our includes. This one mostly
adds missing includes but there are a few removals as well.
|
2015-12-06 13:49:33 +01:00 |
|
|
Lennart Poettering
|
a60e9f7fc8
|
seccomp-util.h: make sure seccomp-util.h can be included alone
|
2014-12-12 13:35:32 +01:00 |
|
|
Lennart Poettering
|
e9642be2cc
|
seccomp: add helper call to add all secondary archs to a seccomp filter
And make use of it where appropriate for executing services and for
nspawn.
|
2014-02-18 22:14:00 +01:00 |
|
|
Lennart Poettering
|
57183d117a
|
core: add SystemCallArchitectures= unit setting to allow disabling of non-native
architecture support for system calls
Also, turn system call filter bus properties into complex types instead
of concatenated strings.
|
2014-02-13 00:24:00 +01:00 |
|