[thirdparty/systemd.git] / src / core / namespace.h

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

#pragma once

/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <stdbool.h>

#include "macro.h"

typedef enum ProtectHome {
        PROTECT_HOME_NO,
        PROTECT_HOME_YES,
        PROTECT_HOME_READ_ONLY,
        _PROTECT_HOME_MAX,
        _PROTECT_HOME_INVALID = -1
} ProtectHome;

typedef enum ProtectSystem {
        PROTECT_SYSTEM_NO,
        PROTECT_SYSTEM_YES,
        PROTECT_SYSTEM_FULL,
        _PROTECT_SYSTEM_MAX,
        _PROTECT_SYSTEM_INVALID = -1
} ProtectSystem;

int setup_namespace(char **read_write_dirs,
                    char **read_only_dirs,
                    char **inaccessible_dirs,
                    const char *tmp_dir,
                    const char *var_tmp_dir,
                    const char *endpoint_path,
                    bool private_dev,
                    ProtectHome protect_home,
                    ProtectSystem protect_system,
                    unsigned mount_flags);

int setup_tmp_dirs(const char *id,
                  char **tmp_dir,
                  char **var_tmp_dir);

int setup_netns(int netns_storage_socket[2]);

const char* protect_home_to_string(ProtectHome p) _const_;
ProtectHome protect_home_from_string(const char *s) _pure_;

const char* protect_system_to_string(ProtectSystem p) _const_;
ProtectSystem protect_system_from_string(const char *s) _pure_;
Commit	Line	Data
03467c88	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
15ae422b	2
c2f1db8f	3	#pragma once
15ae422b LP	4
	5	/***
	6	This file is part of systemd.
	7
	8	Copyright 2010 Lennart Poettering
	9
	10	systemd is free software; you can redistribute it and/or modify it
5430f7f2 LP	11	under the terms of the GNU Lesser General Public License as published by
5430f7f2 LP	12	the Free Software Foundation; either version 2.1 of the License, or
15ae422b LP	13	(at your option) any later version.
	14
	15	systemd is distributed in the hope that it will be useful, but
	16	WITHOUT ANY WARRANTY; without even the implied warranty of
	17	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2	18	Lesser General Public License for more details.
15ae422b	19
5430f7f2	20	You should have received a copy of the GNU Lesser General Public License
15ae422b LP	21	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	22	***/
	23
	24	#include <stdbool.h>
	25
417116f2 LP	26	#include "macro.h"
417116f2 LP	27
1b8689f9 LP	28	typedef enum ProtectHome {
	29	PROTECT_HOME_NO,
	30	PROTECT_HOME_YES,
	31	PROTECT_HOME_READ_ONLY,
	32	_PROTECT_HOME_MAX,
	33	_PROTECT_HOME_INVALID = -1
	34	} ProtectHome;
	35
	36	typedef enum ProtectSystem {
	37	PROTECT_SYSTEM_NO,
	38	PROTECT_SYSTEM_YES,
	39	PROTECT_SYSTEM_FULL,
	40	_PROTECT_SYSTEM_MAX,
	41	_PROTECT_SYSTEM_INVALID = -1
	42	} ProtectSystem;
417116f2	43
c17ec25e MS	44	int setup_namespace(char **read_write_dirs,
	45	char **read_only_dirs,
	46	char **inaccessible_dirs,
a004cb4c LP	47	const char *tmp_dir,
	48	const char *var_tmp_dir,
	49	const char *endpoint_path,
7f112f50	50	bool private_dev,
1b8689f9 LP	51	ProtectHome protect_home,
1b8689f9 LP	52	ProtectSystem protect_system,
c17ec25e	53	unsigned mount_flags);
613b411c LP	54
	55	int setup_tmp_dirs(const char *id,
	56	char **tmp_dir,
	57	char **var_tmp_dir);
	58
	59	int setup_netns(int netns_storage_socket[2]);
417116f2	60
1b8689f9 LP	61	const char* protect_home_to_string(ProtectHome p) _const_;
	62	ProtectHome protect_home_from_string(const char *s) _pure_;
	63
	64	const char* protect_system_to_string(ProtectSystem p) _const_;
	65	ProtectSystem protect_system_from_string(const char *s) _pure_;