]> git.ipfire.org Git - thirdparty/chrony.git/commit
projects / thirdparty / chrony.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: cda6735) | patch
privops: enable system call filter
authorThomas Kupper <tom@kupper.org>
Wed, 11 Feb 2026 06:53:41 +0000 (07:53 +0100)
committerMiroslav Lichvar <mlichvar@redhat.com>
Wed, 25 Feb 2026 11:35:50 +0000 (12:35 +0100)
commitfd60dabde7c8375392335daa664f2a71a1ae2b3a
treeca6a693a66baf509baa1358d93aaf53fa22cac14tree | snapshot
parentcda67351ae8b234e8ba7b89d47cd322f8b32bc54commit | diff
privops: enable system call filter

In preparation of OpenBSD support, add SYS_EnableSystemCallFilter() call
to PRV_StartHelper().

In OpenBSD the privops helper will use a system call filter (pledge(2)),
whereas in Linux the privops helper doesn't use any system call filter
at the moment.

Modify Unit test ntp_sources call to PRV_Initialise() with parameter
scfilter_level set to 0.
main.c diff | blob | blame | history
privops.c diff | blob | blame | history
privops.h diff | blob | blame | history
sys.h diff | blob | blame | history
sys_linux.c diff | blob | blame | history
test/unit/ntp_sources.c diff | blob | blame | history
Mirror of https://git.tuxfamily.org/chrony/chrony.git