summaryrefslogtreecommitdiff
path: root/src/nspawn/nspawn-seccomp.c
AgeCommit message (Collapse)Author
2016-09-06nspawn: detect SECCOMP availability, skip audit filter if unavailableFelipe Sateler
Fail hard if SECCOMP was detected but could not be installed
2016-07-22Use "return log_error_errno" in more places"Zbigniew Jędrzejewski-Szmek
2016-06-13nspawn: lock down system call filter a bitLennart Poettering
Let's block access to the kernel keyring and a number of obsolete system calls. Also, update list of syscalls that may alter the system clock, and do raw IO access. Filter ptrace() if CAP_SYS_PTRACE is not passed to the container and acct() if CAP_SYS_PACCT is not passed. This also changes things so that kexec(), some profiling calls, the swap calls and quotactl() is never available to containers, not even if CAP_SYS_ADMIN is passed. After all we currently permit CAP_SYS_ADMIN to containers by default, but these calls should not be available, even then.
2016-05-26nspawn: split out seccomp call into nspawn-seccomp.[ch]Djalal Harouni
Split seccomp into nspawn-seccomp.[ch]. Currently there are no changes, but this will make it easy in the future to share or use the seccomp logic from systemd core.