diff options
author | Luke Shumaker <lukeshu@sbcglobal.net> | 2016-12-17 02:47:02 -0500 |
---|---|---|
committer | Luke Shumaker <lukeshu@sbcglobal.net> | 2016-12-17 02:47:02 -0500 |
commit | a4d083550a7273b895b44aac8d2ff7e2fdb1f7d5 (patch) | |
tree | 6f148433641f8c92d6f1eddcb2199a78dbd111a0 /src/core/execute.h | |
parent | b6d071f1df46eb841ba3f88cdb2b248eaf5f35f8 (diff) | |
parent | 86e9bb69ae74bd960e1fd427258f41d54240d6d1 (diff) |
Merge branch 'systemd/parabola' into notsystemd/premove
# Conflicts:
# Makefile.amp
Diffstat (limited to 'src/core/execute.h')
-rw-r--r-- | src/core/execute.h | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/core/execute.h b/src/core/execute.h index 106154f81a..c7d0f7761e 100644 --- a/src/core/execute.h +++ b/src/core/execute.h @@ -50,6 +50,7 @@ typedef enum ExecInput { EXEC_INPUT_TTY_FORCE, EXEC_INPUT_TTY_FAIL, EXEC_INPUT_SOCKET, + EXEC_INPUT_NAMED_FD, _EXEC_INPUT_MAX, _EXEC_INPUT_INVALID = -1 } ExecInput; @@ -65,6 +66,7 @@ typedef enum ExecOutput { EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE, EXEC_OUTPUT_SOCKET, + EXEC_OUTPUT_NAMED_FD, _EXEC_OUTPUT_MAX, _EXEC_OUTPUT_INVALID = -1 } ExecOutput; @@ -120,6 +122,7 @@ struct ExecContext { ExecInput std_input; ExecOutput std_output; ExecOutput std_error; + char *stdio_fdname[3]; nsec_t timer_slack_nsec; @@ -174,10 +177,14 @@ struct ExecContext { bool private_users; ProtectSystem protect_system; ProtectHome protect_home; + bool protect_kernel_tunables; + bool protect_kernel_modules; + bool protect_control_groups; bool no_new_privileges; bool dynamic_user; + bool remove_ipc; /* This is not exposed to the user but available * internally. We need it to make sure that whenever we spawn @@ -280,6 +287,8 @@ void exec_context_dump(ExecContext *c, FILE* f, const char *prefix); int exec_context_destroy_runtime_directory(ExecContext *c, const char *runtime_root); int exec_context_load_environment(Unit *unit, const ExecContext *c, char ***l); +int exec_context_named_iofds(Unit *unit, const ExecContext *c, const ExecParameters *p, int named_iofds[3]); +const char* exec_context_fdname(const ExecContext *c, int fd_index); bool exec_context_may_touch_console(ExecContext *c); bool exec_context_maintains_privileges(ExecContext *c); |