]> git.ipfire.org Git - thirdparty/util-linux.git/commit
projects / thirdparty / util-linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9abd5e4) | patch
setpriv: add landlock support
authorThomas Weißschuh <thomas@t-8ch.de>
Wed, 6 Dec 2023 17:39:51 +0000 (18:39 +0100)
committerThomas Weißschuh <thomas@t-8ch.de>
Mon, 11 Dec 2023 19:52:20 +0000 (20:52 +0100)
commitae015d713895c4d72589a656a9ca359ede3d5073
treef4394ef10da9ce899d85151dd013bf5e7e81e55ftree | snapshot
parent9abd5e4b99fb2d78d8dbbb9144aef68972c65e83commit | diff
setpriv: add landlock support

landlock [0] is a Linux stackable LSM that can be used by unprivileged
processes to build a sandbox around them.

With support for landlock in setpriv users can easily construct a
sandbox on-the-fly when executing programs.

[0] https://landlock.io/

Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
13 files changed:
bash-completion/setpriv diff | blob | blame | history
configure.ac diff | blob | blame | history
meson.build diff | blob | blame | history
sys-utils/Makemodule.am diff | blob | blame | history
sys-utils/meson.build diff | blob | blame | history
sys-utils/setpriv-landlock.c [new file with mode: 0644] blob
sys-utils/setpriv-landlock.h [new file with mode: 0644] blob
sys-utils/setpriv.1.adoc diff | blob | blame | history
sys-utils/setpriv.c diff | blob | blame | history
tests/commands.sh diff | blob | blame | history
tests/expected/setpriv/landlock-nothing-allowed [new file with mode: 0644] blob
tests/expected/setpriv/landlock-partial-access-fail [new file with mode: 0644] blob
tests/ts/setpriv/landlock [new file with mode: 0755] blob
Unnamed repository; edit this file 'description' to name the repository.