X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=src%2Fcore%2Fexecute.h;h=73b8a119b064651f31a3bddaad7f0cc3231eb49c;hb=2a624c36e646e9ef8d204a506b12e7dbd380e111;hp=1faff160cbea58d115938ba56ddf004872b85dea;hpb=a9ae08421eac6080d68c03c503c1673eea9f37b3;p=thirdparty%2Fsystemd.git

diff --git a/src/core/execute.h b/src/core/execute.h
index 1faff160cbe..73b8a119b06 100644
--- a/src/core/execute.h
+++ b/src/core/execute.h
@@ -1,5 +1,3 @@
-/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
-
 #pragma once
 
 /***
@@ -27,16 +25,15 @@ typedef struct ExecContext ExecContext;
 typedef struct ExecRuntime ExecRuntime;
 typedef struct ExecParameters ExecParameters;
 
-#include <sys/capability.h>
+#include <sched.h>
 #include <stdbool.h>
 #include <stdio.h>
-#include <sched.h>
+#include <sys/capability.h>
 
-#include "list.h"
 #include "fdset.h"
+#include "list.h"
 #include "missing.h"
 #include "namespace.h"
-#include "bus-endpoint.h"
 
 typedef enum ExecUtmpMode {
         EXEC_UTMP_INIT,
@@ -84,7 +81,8 @@ struct ExecCommand {
         char **argv;
         ExecStatus exec_status;
         LIST_FIELDS(ExecCommand, command); /* useful for chaining commands */
-        bool ignore;
+        bool ignore:1;
+        bool privileged:1;
 };
 
 struct ExecRuntime {
@@ -122,6 +120,8 @@ struct ExecContext {
 
         nsec_t timer_slack_nsec;
 
+        bool stdio_as_fds;
+
         char *tty_path;
 
         bool tty_reset;
@@ -130,7 +130,7 @@ struct ExecContext {
 
         bool ignore_sigpipe;
 
-        /* Since resolving these names might might involve socket
+        /* Since resolving these names might involve socket
          * connections and we don't want to deadlock ourselves these
          * names are resolved on execution only and in the child
          * process. */
@@ -152,12 +152,11 @@ struct ExecContext {
         bool smack_process_label_ignore;
         char *smack_process_label;
 
-        char **read_write_dirs, **read_only_dirs, **inaccessible_dirs;
+        char **read_write_paths, **read_only_paths, **inaccessible_paths;
         unsigned long mount_flags;
 
-        uint64_t capability_bounding_set_drop;
-
-        cap_t capabilities;
+        uint64_t capability_bounding_set;
+        uint64_t capability_ambient_set;
         int secure_bits;
 
         int syslog_priority;
@@ -194,18 +193,18 @@ struct ExecContext {
         char **runtime_directory;
         mode_t runtime_directory_mode;
 
+        bool memory_deny_write_execute;
+        bool restrict_realtime;
+
         bool oom_score_adjust_set:1;
         bool nice_set:1;
         bool ioprio_set:1;
         bool cpu_sched_set:1;
         bool no_new_privileges_set:1;
-
-        /* custom dbus enpoint */
-        BusEndpoint *bus_endpoint;
 };
 
-#include "cgroup.h"
 #include "cgroup-util.h"
+#include "cgroup.h"
 
 struct ExecParameters {
         char **argv;
@@ -232,9 +231,6 @@ struct ExecParameters {
 
         int *idle_pipe;
 
-        char *bus_endpoint_path;
-        int bus_endpoint_fd;
-
         int stdin_fd;
         int stdout_fd;
         int stderr_fd;