DWS/chrony
1
0
Fork 0
mirror of https://gitlab.com/chrony/chrony.git synced 2025-12-03 16:35:06 -05:00
Code Issues Packages Projects Releases Wiki Activity

sys: specify context for syscall filter

Browse Source 
Specify a context to enable different processes using different (more
restrictive) syscall filters.
This commit is contained in:
Miroslav Lichvar
2019-11-26 14:10:24 +01:00
parent 3e537416a9
commit e6848b1e3f
5 changed files with 12 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
sys.h
View File

@@ -38,9 +38,13 @@ extern void SYS_Finalise(void);
/* Drop root privileges to the specified user and group */
extern void SYS_DropRoot(uid_t uid, gid_t gid);
typedef enum {
SYS_MAIN_PROCESS,
} SYS_SystemCallContext;
/* Enable a system call filter to allow only system calls
which chronyd normally needs after initialization */
extern void SYS_EnableSystemCallFilter(int level);
extern void SYS_EnableSystemCallFilter(int level, SYS_SystemCallContext context);
extern void SYS_SetScheduler(int SchedPriority);
extern void SYS_LockMemory(void);