blob: cc5f54d4fdc88058a1dbbb9e427f6909c13152e2 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
/*
* Copyright (C) 2015 Etienne CHAMPETIER <champetier.etienne@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License version 2.1
* as published by the Free Software Foundation
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*/
#ifndef _JAIL_CAPABILITIES_H_
#define _JAIL_CAPABILITIES_H_
#include <libubox/blobmsg.h>
struct jail_capset {
uint64_t bounding;
uint64_t effective;
uint64_t inheritable;
uint64_t permitted;
uint64_t ambient;
uint8_t apply;
};
int drop_capabilities(const char *file);
int parseOCIcapabilities(struct jail_capset *capset, struct blob_attr *msg);
int applyOCIcapabilities(struct jail_capset capset);
#endif
|
