[thirdparty/systemd.git] / src / core / namespace.h

#pragma once

/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <stdbool.h>

#include "macro.h"

typedef enum ProtectHome {
        PROTECT_HOME_NO,
        PROTECT_HOME_YES,
        PROTECT_HOME_READ_ONLY,
        _PROTECT_HOME_MAX,
        _PROTECT_HOME_INVALID = -1
} ProtectHome;

typedef enum ProtectSystem {
        PROTECT_SYSTEM_NO,
        PROTECT_SYSTEM_YES,
        PROTECT_SYSTEM_FULL,
        PROTECT_SYSTEM_STRICT,
        _PROTECT_SYSTEM_MAX,
        _PROTECT_SYSTEM_INVALID = -1
} ProtectSystem;

int setup_namespace(const char *chroot,
                    char **read_write_paths,
                    char **read_only_paths,
                    char **inaccessible_paths,
                    const char *tmp_dir,
                    const char *var_tmp_dir,
                    bool private_dev,
                    bool protect_sysctl,
                    bool protect_cgroups,
                    ProtectHome protect_home,
                    ProtectSystem protect_system,
                    unsigned long mount_flags);

int setup_tmp_dirs(const char *id,
                  char **tmp_dir,
                  char **var_tmp_dir);

int setup_netns(int netns_storage_socket[2]);

const char* protect_home_to_string(ProtectHome p) _const_;
ProtectHome protect_home_from_string(const char *s) _pure_;

const char* protect_system_to_string(ProtectSystem p) _const_;
ProtectSystem protect_system_from_string(const char *s) _pure_;
Commit	Line	Data
c2f1db8f	1	#pragma once
15ae422b LP	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2010 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
5430f7f2 LP	9	under the terms of the GNU Lesser General Public License as published by
5430f7f2 LP	10	the Free Software Foundation; either version 2.1 of the License, or
15ae422b LP	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2	16	Lesser General Public License for more details.
15ae422b	17
5430f7f2	18	You should have received a copy of the GNU Lesser General Public License
15ae422b LP	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
	22	#include <stdbool.h>
	23
417116f2 LP	24	#include "macro.h"
417116f2 LP	25
1b8689f9 LP	26	typedef enum ProtectHome {
	27	PROTECT_HOME_NO,
	28	PROTECT_HOME_YES,
	29	PROTECT_HOME_READ_ONLY,
	30	_PROTECT_HOME_MAX,
	31	_PROTECT_HOME_INVALID = -1
	32	} ProtectHome;
	33
	34	typedef enum ProtectSystem {
	35	PROTECT_SYSTEM_NO,
	36	PROTECT_SYSTEM_YES,
	37	PROTECT_SYSTEM_FULL,
3f815163	38	PROTECT_SYSTEM_STRICT,
1b8689f9 LP	39	_PROTECT_SYSTEM_MAX,
	40	_PROTECT_SYSTEM_INVALID = -1
	41	} ProtectSystem;
417116f2	42
ee818b89	43	int setup_namespace(const char *chroot,
2a624c36 AP	44	char **read_write_paths,
	45	char **read_only_paths,
	46	char **inaccessible_paths,
a004cb4c LP	47	const char *tmp_dir,
a004cb4c LP	48	const char *var_tmp_dir,
7f112f50	49	bool private_dev,
59eeb84b LP	50	bool protect_sysctl,
59eeb84b LP	51	bool protect_cgroups,
1b8689f9 LP	52	ProtectHome protect_home,
1b8689f9 LP	53	ProtectSystem protect_system,
e6547662	54	unsigned long mount_flags);
613b411c LP	55
	56	int setup_tmp_dirs(const char *id,
	57	char **tmp_dir,
	58	char **var_tmp_dir);
	59
	60	int setup_netns(int netns_storage_socket[2]);
417116f2	61
1b8689f9 LP	62	const char* protect_home_to_string(ProtectHome p) _const_;
	63	ProtectHome protect_home_from_string(const char *s) _pure_;
	64
	65	const char* protect_system_to_string(ProtectSystem p) _const_;
	66	ProtectSystem protect_system_from_string(const char *s) _pure_;