diff options
author | Djalal Harouni <tixxdz@opendz.org> | 2016-10-27 09:39:20 +0200 |
---|---|---|
committer | Djalal Harouni <tixxdz@opendz.org> | 2016-10-27 09:40:22 +0200 |
commit | 59e856c7d33e8260d0ac3a8e21318d6f0768d75b (patch) | |
tree | 001be35c3c74483054fdb8997b8af6c585e00aac | |
parent | 50b3dfb9d64872025450aa63765206720be471d6 (diff) |
core: make unit argument const for apply seccomp functions
-rw-r--r-- | src/core/execute.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/core/execute.c b/src/core/execute.c index a9e39f6fd7..7f343c4902 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -1470,7 +1470,7 @@ finish: return r; } -static int apply_protect_sysctl(Unit *u, const ExecContext *c) { +static int apply_protect_sysctl(const Unit *u, const ExecContext *c) { scmp_filter_ctx seccomp; int r; @@ -1501,7 +1501,7 @@ finish: return r; } -static int apply_protect_kernel_modules(Unit *u, const ExecContext *c) { +static int apply_protect_kernel_modules(const Unit *u, const ExecContext *c) { assert(c); /* Turn off module syscalls on ProtectKernelModules=yes */ @@ -1512,7 +1512,7 @@ static int apply_protect_kernel_modules(Unit *u, const ExecContext *c) { return seccomp_load_filter_set(SCMP_ACT_ALLOW, syscall_filter_sets + SYSCALL_FILTER_SET_MODULE, SCMP_ACT_ERRNO(EPERM)); } -static int apply_private_devices(Unit *u, const ExecContext *c) { +static int apply_private_devices(const Unit *u, const ExecContext *c) { assert(c); /* If PrivateDevices= is set, also turn off iopl and all @raw-io syscalls. */ |