#include <stdbool.h>
#include <stdio.h>
#include <sched.h>
+#ifdef HAVE_SECCOMP
+#include <seccomp.h>
+
+#include "set.h"
+#endif
#include "list.h"
#include "util.h"
#include "fdset.h"
-typedef struct Unit Unit;
-
typedef enum ExecInput {
EXEC_INPUT_NULL,
EXEC_INPUT_TTY,
char *utmp_id;
+ char *selinux_context;
+
char **read_write_dirs, **read_only_dirs, **inaccessible_dirs;
unsigned long mount_flags;
bool non_blocking;
bool private_tmp;
bool private_network;
+ bool private_devices;
bool no_new_privileges;
* don't enter a trigger loop. */
bool same_pgrp;
- uint32_t *syscall_filter;
+ Set *syscall_filter;
+ Set *syscall_archs;
+ int syscall_errno;
+ bool syscall_whitelist:1;
bool oom_score_adjust_set:1;
bool nice_set:1;
CGroupControllerMask cgroup_mask,
const char *cgroup_path,
const char *unit_id,
+ usec_t watchdog_usec,
int pipe_fd[2],
ExecRuntime *runtime,
pid_t *ret);