X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fcore%2Fnamespace.h;h=42b92e78035ffad44a10cb18904af2a32eaa07ca;hb=f5b51ea7fcb0b6380c3ceb4d4f3f22f647c6fd32;hp=ee7416b7bdc4ed20c91eb2e8ee6616e2a0aa9a43;hpb=d8c9d3a468e61ee2a2b2c3454e662398b0885411;p=elogind.git diff --git a/src/core/namespace.h b/src/core/namespace.h index ee7416b7b..42b92e780 100644 --- a/src/core/namespace.h +++ b/src/core/namespace.h @@ -23,14 +23,43 @@ #include -int setup_tmpdirs(const char *unit_id, - char **tmp_dir, - char **var_tmp_dir); +#include "macro.h" + +typedef enum ProtectHome { + PROTECT_HOME_NO, + PROTECT_HOME_YES, + PROTECT_HOME_READ_ONLY, + _PROTECT_HOME_MAX, + _PROTECT_HOME_INVALID = -1 +} ProtectHome; + +typedef enum ProtectSystem { + PROTECT_SYSTEM_NO, + PROTECT_SYSTEM_YES, + PROTECT_SYSTEM_FULL, + _PROTECT_SYSTEM_MAX, + _PROTECT_SYSTEM_INVALID = -1 +} ProtectSystem; int setup_namespace(char **read_write_dirs, char **read_only_dirs, char **inaccessible_dirs, - char *tmp_dir, - char *var_tmp_dir, - bool private_tmp, - unsigned mount_flags); + const char *tmp_dir, + const char *var_tmp_dir, + const char *endpoint_path, + bool private_dev, + ProtectHome protect_home, + ProtectSystem protect_system, + unsigned long mount_flags); + +int setup_tmp_dirs(const char *id, + char **tmp_dir, + char **var_tmp_dir); + +int setup_netns(int netns_storage_socket[2]); + +const char* protect_home_to_string(ProtectHome p) _const_; +ProtectHome protect_home_from_string(const char *s) _pure_; + +const char* protect_system_to_string(ProtectSystem p) _const_; +ProtectSystem protect_system_from_string(const char *s) _pure_;