diff options
author | Paul Moore <pmoore@redhat.com> | 2012-04-05 11:37:24 -0400 |
---|---|---|
committer | Paul Moore <pmoore@redhat.com> | 2012-04-05 13:16:22 -0400 |
commit | 02cd79c1525f9df52f1868a8bdfe3ade9e5cd86c (patch) | |
tree | 1114a965a1557ef1e12ba050923a690bc4ac5297 /doc | |
parent | 2428d1cbd094b1e7c20991cdce31bd0e8c18d864 (diff) | |
download | libseccomp-02cd79c1525f9df52f1868a8bdfe3ade9e5cd86c.tar.gz |
doc: manpage for seccomp_load()
Signed-off-by: Paul Moore <pmoore@redhat.com>
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man/man3/seccomp_load.3 | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/doc/man/man3/seccomp_load.3 b/doc/man/man3/seccomp_load.3 new file mode 100644 index 0000000..45ac6e1 --- /dev/null +++ b/doc/man/man3/seccomp_load.3 @@ -0,0 +1,76 @@ +.TH "seccomp_load" 3 "5 April 2012" "paul@paul-moore.com" "libseccomp Documentation" +.////////////////////////////////////////////////////////////////////////////// +.SH NAME +.////////////////////////////////////////////////////////////////////////////// +seccomp_load \- Load the current seccomp filter into the kernel +.////////////////////////////////////////////////////////////////////////////// +.SH SYNOPSIS +.////////////////////////////////////////////////////////////////////////////// +.nf +.B #include <seccomp.h> +.sp +.BI "int seccomp_load(void);" +.fi +.////////////////////////////////////////////////////////////////////////////// +.SH DESCRIPTION +.////////////////////////////////////////////////////////////////////////////// +.P +Loads the currently configured seccomp filter into the kernel; if the function +succeeds the new seccomp filter will be active when the function returns. +.////////////////////////////////////////////////////////////////////////////// +.SH RETURN VALUE +.////////////////////////////////////////////////////////////////////////////// +Returns zero on success, negative errno values on failure. +.////////////////////////////////////////////////////////////////////////////// +.SH EXAMPLES +.////////////////////////////////////////////////////////////////////////////// +.nf +#include <seccomp.h> + +int main(int argc, char *argv[]) +{ + int rc; + + rc = seccomp_init(SCMP_ACT_KILL); + if (rc < 0) + return -rc; + + /* ... */ + + rc = seccomp_load(); + if (rc < 0) + goto out; + + /* ... */ + +out: + seccomp_release(); + return -rc; +} +.fi +.////////////////////////////////////////////////////////////////////////////// +.SH NOTES +.////////////////////////////////////////////////////////////////////////////// +.P +While the seccomp filter can be generated independent of the kernel, kernel +support is required to load and enforce the seccomp filter generated by +libseccomp. +.P +The libseccomp project site, with more information and the source code +repository, can be found at http://libseccomp.sf.net. This library is currently +under development, please report any bugs at the project site or directly to +the author. +.////////////////////////////////////////////////////////////////////////////// +.SH AUTHOR +.////////////////////////////////////////////////////////////////////////////// +Paul Moore <paul@paul-moore.com> +.////////////////////////////////////////////////////////////////////////////// +.SH SEE ALSO +.////////////////////////////////////////////////////////////////////////////// +.BR seccomp_init (3), +.BR seccomp_reset (3), +.BR seccomp_release (3), +.BR seccomp_rule_add (3), +.BR seccomp_rule_add_exact (3) + + |