execute: no need to include seccomp.h from execute.h

[elogind.git] / src / core / execute.h

diff --git a/src/core/execute.h b/src/core/execute.h
index b2d70d7d86bb9c0ab53e3e5de026f9bf2b8a70a3..efda23f9d8a7f7d61c01252350363e53e31c8f32 100644 (file)
--- a/src/core/execute.h
+++ b/src/core/execute.h
@@ -33,14 +33,10 @@ typedef struct ExecRuntime ExecRuntime;
 #include <stdbool.h>
 #include <stdio.h>
 #include <sched.h>
-#ifdef HAVE_SECCOMP
-#include <seccomp.h>
-
-#include "set.h"
-#endif
 
 #include "list.h"
 #include "util.h"
+#include "set.h"
 #include "fdset.h"
 
 typedef enum ExecInput {
@@ -138,8 +134,12 @@ struct ExecContext {
 
         char *utmp_id;
 
+        bool selinux_context_ignore;
         char *selinux_context;
 
+        bool apparmor_profile_ignore;
+        char *apparmor_profile;
+
         char **read_write_dirs, **read_only_dirs, **inaccessible_dirs;
         unsigned long mount_flags;
 
@@ -167,12 +167,15 @@ struct ExecContext {
          * don't enter a trigger loop. */
         bool same_pgrp;
 
-#ifdef HAVE_SECCOMP
-        scmp_filter_ctx syscall_filter;
-        Set *filtered_syscalls;
-        uint32_t syscall_filter_default_action;
-#endif
-        char *syscall_filter_string;
+        unsigned long personality;
+
+        Set *syscall_filter;
+        Set *syscall_archs;
+        int syscall_errno;
+        bool syscall_whitelist:1;
+
+        Set *address_families;
+        bool address_families_whitelist:1;
 
         bool oom_score_adjust_set:1;
         bool nice_set:1;