diff options
| author | Lennart Poettering <lennart@poettering.net> | 2012-07-17 04:17:53 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2012-07-17 04:17:53 +0200 |
| commit | 8351ceaea9480d9c2979aa2ff0f4982cfdfef58d (patch) | |
| tree | fc1f94e5a17679960774da386a54d145255e4ef1 /src/core/load-fragment-gperf.gperf.m4 | |
| parent | cd96b3b86abb4a88cac2722bdfb6e5d4413f6831 (diff) | |
execute: support syscall filtering using seccomp filters
Diffstat (limited to 'src/core/load-fragment-gperf.gperf.m4')
| -rw-r--r-- | src/core/load-fragment-gperf.gperf.m4 | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/core/load-fragment-gperf.gperf.m4 b/src/core/load-fragment-gperf.gperf.m4 index 192c2b2780..140cb9c0a3 100644 --- a/src/core/load-fragment-gperf.gperf.m4 +++ b/src/core/load-fragment-gperf.gperf.m4 @@ -48,6 +48,8 @@ $1.Capabilities, config_parse_exec_capabilities, 0, $1.SecureBits, config_parse_exec_secure_bits, 0, offsetof($1, exec_context) $1.CapabilityBoundingSet, config_parse_bounding_set, 0, offsetof($1, exec_context.capability_bounding_set_drop) $1.TimerSlackNSec, config_parse_nsec, 0, offsetof($1, exec_context.timer_slack_nsec) +$1.NoNewPrivileges config_parse_bool, 0, offsetof($1, exec_context.no_new_privileges) +$1.SystemCallFilter, config_parse_syscall_filter, 0, offsetof($1, exec_context) $1.LimitCPU, config_parse_limit, RLIMIT_CPU, offsetof($1, exec_context.rlimit) $1.LimitFSIZE, config_parse_limit, RLIMIT_FSIZE, offsetof($1, exec_context.rlimit) $1.LimitDATA, config_parse_limit, RLIMIT_DATA, offsetof($1, exec_context.rlimit) |