core: add RootHashSignature service parameter
index d8e4682255d4705439cd13dee4580e24154ffe10..b04b9b442ea3bddeb1b9a4855081ec77869fd091 100644 (file)
@@ -2,10 +2,7 @@
 #pragma once
 
 /***
-  This file is part of systemd.
-
-  Copyright 2010 Lennart Poettering
-  Copyright 2016 Djalal Harouni
+  Copyright © 2016 Djalal Harouni
 ***/
 
 typedef struct NamespaceInfo NamespaceInfo;
@@ -50,16 +47,20 @@ typedef enum ProtectSystem {
 struct NamespaceInfo {
         bool ignore_protect_paths:1;
         bool private_dev:1;
+        bool private_mounts:1;
         bool protect_control_groups:1;
         bool protect_kernel_tunables:1;
         bool protect_kernel_modules:1;
+        bool protect_kernel_logs:1;
         bool mount_apivfs:1;
+        bool protect_hostname:1;
 };
 
 struct BindMount {
         char *source;
         char *destination;
         bool read_only:1;
+        bool nosuid:1;
         bool recursive:1;
         bool ignore_enoent:1;
 };
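Review bot: The four new hardening bits (`private_mounts`, `protect_kernel_logs`, `protect_hostname` in NamespaceInfo and `nosuid` in BindMount) land in this hunk with no comment, so a reader of the header cannot tell what each bit makes namespace.c do or how they compose; `nosuid` sits next to `read_only` as an independent bit, and the name suggests it maps to MS_NOSUID on the bind mount, but that is not visible here. I would document the BindMount flag as `bool nosuid:1; /* presumably mounts with MS_NOSUID; independent of read_only — confirm against namespace.c */` and give the three NamespaceInfo bits one-line comments of the same kind, hedged where the effect is only implied by the name. As a style point, `protect_hostname` is appended after `mount_apivfs` rather than next to the other `protect_*` bits, which breaks the grouping the struct otherwise keeps; moving it up costs nothing since these are bitfields with no ABI promise visible in this header.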
@@ -83,25 +84,33 @@ int setup_namespace(
                 size_t n_temporary_filesystems,
                 const char *tmp_dir,
                 const char *var_tmp_dir,
+                const char *log_namespace,
                 ProtectHome protect_home,
                 ProtectSystem protect_system,
                 unsigned long mount_flags,
-                DissectImageFlags dissected_image_flags);
+                const void *root_hash,
+                size_t root_hash_size,
+                const char *root_hash_path,
+                const void *root_hash_sig,
+                size_t root_hash_sig_size,
+                const char *root_hash_sig_path,
+                const char *root_verity,
+                DissectImageFlags dissected_image_flags,
+                char **error_path);
 
 int setup_tmp_dirs(
                 const char *id,
                 char **tmp_dir,
                 char **var_tmp_dir);
 
-int setup_netns(int netns_storage_socket[2]);
+int setup_netns(const int netns_storage_socket[static 2]);
+int open_netns_path(const int netns_storage_socket[static 2], const char *path);
 
 const char* protect_home_to_string(ProtectHome p) _const_;
 ProtectHome protect_home_from_string(const char *s) _pure_;
-ProtectHome parse_protect_home_or_bool(const char *s);
 
 const char* protect_system_to_string(ProtectSystem p) _const_;
 ProtectSystem protect_system_from_string(const char *s) _pure_;
-ProtectSystem parse_protect_system_or_bool(const char *s);
 
 void bind_mount_free_many(BindMount *b, size_t n);
 int bind_mount_add(BindMount **b, size_t *n, const BindMount *item);
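Review bot: The new verity parameters of setup_namespace (`root_hash`/`root_hash_size`, `root_hash_path`, `root_hash_sig`/`root_hash_sig_size`, `root_hash_sig_path`, `root_verity`) are added without any contract in the header, so a caller cannot tell whether an inline hash and a hash path are alternatives or both honoured, whether a signature is required once a root hash is supplied, or what happens when the signature is present but the hash is not; since this is the input that decides whether an image is trusted, that precedence should be stated where the prototype lives, hedged until confirmed against the implementation. The `char **error_path` out-parameter likewise has no ownership note, so I would add `/* on failure, *error_path may be set to a newly allocated string naming the offending path; caller frees — confirm in namespace.c */` above the prototype, and for the verity arguments a comment along the lines of `/* root_hash[_path] and root_hash_sig[_path] are alternatives (inline bytes vs. file); root_verity is the verity data device; NOTE(review): which one wins when both are given is not stated here */`. As a style point, the function is now well past twenty parameters; a `NamespaceParameters` struct would make call sites far less error-prone than positional `const void *`/`size_t` pairs. The `setup_namespace(` declaration itself starts before this hunk, so the first parameters are outside view.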