struct rlimit *rlimit[_RLIMIT_MAX];
char *working_directory, *root_directory;
+ bool working_directory_missing_ok;
mode_t umask;
int oom_score_adjust;
bool apparmor_profile_ignore;
char *apparmor_profile;
+ bool smack_process_label_ignore;
+ char *smack_process_label;
+
char **read_write_dirs, **read_only_dirs, **inaccessible_dirs;
unsigned long mount_flags;
};
#include "cgroup.h"
+#include "cgroup-util.h"
struct ExecParameters {
char **argv;
bool apply_chroot;
bool apply_tty_stdin;
bool confirm_spawn;
+ bool selinux_context_net;
CGroupControllerMask cgroup_supported;
const char *cgroup_path;
+ bool cgroup_delegate;
const char *runtime_prefix;
const char *unit_id;
usec_t watchdog_usec;
int *idle_pipe;
+ char *bus_endpoint_path;
+ int bus_endpoint_fd;
};
int exec_spawn(ExecCommand *command,
void exec_command_done(ExecCommand *c);
void exec_command_done_array(ExecCommand *c, unsigned n);
-void exec_command_free_list(ExecCommand *c);
+ExecCommand* exec_command_free_list(ExecCommand *c);
void exec_command_free_array(ExecCommand **c, unsigned n);
char *exec_command_line(char **argv);
void exec_command_dump_list(ExecCommand *c, FILE *f, const char *prefix);
void exec_command_append_list(ExecCommand **l, ExecCommand *e);
int exec_command_set(ExecCommand *c, const char *path, ...);
+int exec_command_append(ExecCommand *c, const char *path, ...);
void exec_context_init(ExecContext *c);
void exec_context_done(ExecContext *c);
int exec_context_destroy_runtime_directory(ExecContext *c, const char *runtime_root);
-int exec_context_load_environment(const ExecContext *c, char ***l);
+int exec_context_load_environment(const ExecContext *c, const char *unit_id, char ***l);
bool exec_context_may_touch_console(ExecContext *c);
+bool exec_context_maintains_privileges(ExecContext *c);
void exec_status_start(ExecStatus *s, pid_t pid);
void exec_status_exit(ExecStatus *s, ExecContext *context, pid_t pid, int code, int status);