chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
logind: allow suspending if there are no displays
[elogind.git]
/
src
/
core
/
execute.h
diff --git
a/src/core/execute.h
b/src/core/execute.h
index baf430a047e6b1ba76e9347b1a59020dd0d6a71b..c9e29ffc8a9a0c730d2f54ddc1cfb869f21a96b0 100644
(file)
--- a/
src/core/execute.h
+++ b/
src/core/execute.h
@@
-33,15
+33,12
@@
typedef struct ExecRuntime ExecRuntime;
#include <stdbool.h>
#include <stdio.h>
#include <sched.h>
#include <stdbool.h>
#include <stdio.h>
#include <sched.h>
-#ifdef HAVE_SECCOMP
-#include <seccomp.h>
-
-#include "set.h"
-#endif
#include "list.h"
#include "util.h"
#include "list.h"
#include "util.h"
+#include "set.h"
#include "fdset.h"
#include "fdset.h"
+#include "missing.h"
typedef enum ExecInput {
EXEC_INPUT_NULL,
typedef enum ExecInput {
EXEC_INPUT_NULL,
@@
-97,7
+94,7
@@
struct ExecContext {
char **environment;
char **environment_files;
char **environment;
char **environment_files;
- struct rlimit *rlimit[
RLIMIT_NLIMITS
];
+ struct rlimit *rlimit[
_RLIMIT_MAX
];
char *working_directory, *root_directory;
mode_t umask;
char *working_directory, *root_directory;
mode_t umask;
@@
-116,8
+113,6
@@
struct ExecContext {
nsec_t timer_slack_nsec;
nsec_t timer_slack_nsec;
- char *tcpwrap_name;
-
char *tty_path;
bool tty_reset;
char *tty_path;
bool tty_reset;
@@
-138,8
+133,12
@@
struct ExecContext {
char *utmp_id;
char *utmp_id;
+ bool selinux_context_ignore;
char *selinux_context;
char *selinux_context;
+ bool apparmor_profile_ignore;
+ char *apparmor_profile;
+
char **read_write_dirs, **read_only_dirs, **inaccessible_dirs;
unsigned long mount_flags;
char **read_write_dirs, **read_only_dirs, **inaccessible_dirs;
unsigned long mount_flags;
@@
-167,14
+166,24
@@
struct ExecContext {
* don't enter a trigger loop. */
bool same_pgrp;
* don't enter a trigger loop. */
bool same_pgrp;
+ unsigned long personality;
+
Set *syscall_filter;
Set *syscall_filter;
+ Set *syscall_archs;
int syscall_errno;
bool syscall_whitelist:1;
int syscall_errno;
bool syscall_whitelist:1;
+ Set *address_families;
+ bool address_families_whitelist:1;
+
+ char **runtime_directory;
+ mode_t runtime_directory_mode;
+
bool oom_score_adjust_set:1;
bool nice_set:1;
bool ioprio_set:1;
bool cpu_sched_set:1;
bool oom_score_adjust_set:1;
bool nice_set:1;
bool ioprio_set:1;
bool cpu_sched_set:1;
+ bool no_new_privileges_set:1;
};
#include "cgroup.h"
};
#include "cgroup.h"
@@
-190,6
+199,7
@@
int exec_spawn(ExecCommand *command,
bool confirm_spawn,
CGroupControllerMask cgroup_mask,
const char *cgroup_path,
bool confirm_spawn,
CGroupControllerMask cgroup_mask,
const char *cgroup_path,
+ const char *runtime_prefix,
const char *unit_id,
usec_t watchdog_usec,
int pipe_fd[2],
const char *unit_id,
usec_t watchdog_usec,
int pipe_fd[2],
@@
-213,6
+223,8
@@
void exec_context_init(ExecContext *c);
void exec_context_done(ExecContext *c);
void exec_context_dump(ExecContext *c, FILE* f, const char *prefix);
void exec_context_done(ExecContext *c);
void exec_context_dump(ExecContext *c, FILE* f, const char *prefix);
+int exec_context_destroy_runtime_directory(ExecContext *c, const char *runtime_root);
+
int exec_context_load_environment(const ExecContext *c, char ***l);
bool exec_context_may_touch_console(ExecContext *c);
int exec_context_load_environment(const ExecContext *c, char ***l);
bool exec_context_may_touch_console(ExecContext *c);