[thirdparty/systemd.git] / src / core / namespace.h

#pragma once

/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <stdbool.h>

#include "macro.h"

typedef enum ProtectHome {
        PROTECT_HOME_NO,
        PROTECT_HOME_YES,
        PROTECT_HOME_READ_ONLY,
        _PROTECT_HOME_MAX,
        _PROTECT_HOME_INVALID = -1
} ProtectHome;

typedef enum ProtectSystem {
        PROTECT_SYSTEM_NO,
        PROTECT_SYSTEM_YES,
        PROTECT_SYSTEM_FULL,
        _PROTECT_SYSTEM_MAX,
        _PROTECT_SYSTEM_INVALID = -1
} ProtectSystem;

int setup_namespace(const char *chroot,
                    char **read_write_paths,
                    char **read_only_paths,
                    char **inaccessible_paths,
                    const char *tmp_dir,
                    const char *var_tmp_dir,
                    bool private_dev,
                    ProtectHome protect_home,
                    ProtectSystem protect_system,
                    unsigned long mount_flags);

int setup_tmp_dirs(const char *id,
                  char **tmp_dir,
                  char **var_tmp_dir);

int setup_netns(int netns_storage_socket[2]);

const char* protect_home_to_string(ProtectHome p) _const_;
ProtectHome protect_home_from_string(const char *s) _pure_;

const char* protect_system_to_string(ProtectSystem p) _const_;
ProtectSystem protect_system_from_string(const char *s) _pure_;
Commit	Line	Data
c2f1db8f	1	#pragma once
15ae422b LP	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2010 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
5430f7f2 LP	9	under the terms of the GNU Lesser General Public License as published by
5430f7f2 LP	10	the Free Software Foundation; either version 2.1 of the License, or
15ae422b LP	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2	16	Lesser General Public License for more details.
15ae422b	17
5430f7f2	18	You should have received a copy of the GNU Lesser General Public License
15ae422b LP	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
	22	#include <stdbool.h>
	23
417116f2 LP	24	#include "macro.h"
417116f2 LP	25
1b8689f9 LP	26	typedef enum ProtectHome {
	27	PROTECT_HOME_NO,
	28	PROTECT_HOME_YES,
	29	PROTECT_HOME_READ_ONLY,
	30	_PROTECT_HOME_MAX,
	31	_PROTECT_HOME_INVALID = -1
	32	} ProtectHome;
	33
	34	typedef enum ProtectSystem {
	35	PROTECT_SYSTEM_NO,
	36	PROTECT_SYSTEM_YES,
	37	PROTECT_SYSTEM_FULL,
	38	_PROTECT_SYSTEM_MAX,
	39	_PROTECT_SYSTEM_INVALID = -1
	40	} ProtectSystem;
417116f2	41
ee818b89	42	int setup_namespace(const char *chroot,
2a624c36 AP	43	char **read_write_paths,
	44	char **read_only_paths,
	45	char **inaccessible_paths,
a004cb4c LP	46	const char *tmp_dir,
a004cb4c LP	47	const char *var_tmp_dir,
7f112f50	48	bool private_dev,
1b8689f9 LP	49	ProtectHome protect_home,
1b8689f9 LP	50	ProtectSystem protect_system,
e6547662	51	unsigned long mount_flags);
613b411c LP	52
	53	int setup_tmp_dirs(const char *id,
	54	char **tmp_dir,
	55	char **var_tmp_dir);
	56
	57	int setup_netns(int netns_storage_socket[2]);
417116f2	58
1b8689f9 LP	59	const char* protect_home_to_string(ProtectHome p) _const_;
	60	ProtectHome protect_home_from_string(const char *s) _pure_;
	61
	62	const char* protect_system_to_string(ProtectSystem p) _const_;
	63	ProtectSystem protect_system_from_string(const char *s) _pure_;