socket: introduce SELinuxLabelViaNet option

[elogind.git] / src / core / execute.h

diff --git a/src/core/execute.h b/src/core/execute.h
index a3336573280ba4cbdb558d5dc314f9b31103e292..d23a98097a667a18d924985319328e4b914e733d 100644 (file)
--- a/src/core/execute.h
+++ b/src/core/execute.h
@@ -39,6 +39,7 @@ typedef struct ExecRuntime ExecRuntime;
 #include "set.h"
 #include "fdset.h"
 #include "missing.h"
+#include "namespace.h"
 
 typedef enum ExecInput {
         EXEC_INPUT_NULL,
@@ -113,8 +114,6 @@ struct ExecContext {
 
         nsec_t timer_slack_nsec;
 
-        char *tcpwrap_name;
-
         char *tty_path;
 
         bool tty_reset;
@@ -137,6 +136,7 @@ struct ExecContext {
 
         bool selinux_context_ignore;
         char *selinux_context;
+        bool selinux_label_via_net;
 
         bool apparmor_profile_ignore;
         char *apparmor_profile;
@@ -158,6 +158,8 @@ struct ExecContext {
         bool private_tmp;
         bool private_network;
         bool private_devices;
+        ProtectSystem protect_system;
+        ProtectHome protect_home;
 
         bool no_new_privileges;
 
@@ -185,6 +187,7 @@ struct ExecContext {
         bool nice_set:1;
         bool ioprio_set:1;
         bool cpu_sched_set:1;
+        bool no_new_privileges_set:1;
 };
 
 #include "cgroup.h"