exec: Add kill action to system call filters

Define explicit action "kill" for SystemCallErrorNumber=. In addition to errno code, allow specifying "kill" as action for SystemCallFilter=. --- v7: seccomp_parse_errno_or_action() returns -EINVAL if !HAVE_SECCOMP v6: use streq_ptr(), let errno_to_name() handle bad values, kill processes, init syscall_errno v5: actually use seccomp_errno_or_action_to_string(), don't fail bus unit parsing without seccomp v4: fix build without seccomp v3: drop log action v2: action -> number
author: Topi Miettinen <toiwoton@gmail.com> 2020-08-05 16:31:26 +0300
committer: Topi Miettinen <toiwoton@gmail.com> 2020-09-15 12:54:17 +0300
commit: 005bfaf11876e261de6b99d597b69f664b53e7c5 (patch)
tree: 7aa214e69fad5ff0d0ac245529707dbf2dbbd44d /src/basic/parse-util.h
parent: 150c430fd499082164b6ddbd2f501e2333261a78 (diff)
download: systemd-005bfaf11876e261de6b99d597b69f664b53e7c5.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/src/basic/parse-util.h b/src/basic/parse-util.h
index 9a516ce5f6..2cee65c49a 100644
--- a/src/basic/parse-util.h
+++ b/src/basic/parse-util.h
@@ -19,7 +19,9 @@ int parse_mtu(int family, const char *s, uint32_t *ret);
 int parse_size(const char *t, uint64_t base, uint64_t *size);
 int parse_range(const char *t, unsigned *lower, unsigned *upper);
 int parse_errno(const char *t);
+#if HAVE_SECCOMP
 int parse_syscall_and_errno(const char *in, char **name, int *error);
+#endif
 
 #define SAFE_ATO_REFUSE_PLUS_MINUS (1U << 30)
 #define SAFE_ATO_REFUSE_LEADING_ZERO (1U << 29)
author	Topi Miettinen <toiwoton@gmail.com>	2020-08-05 16:31:26 +0300
committer	Topi Miettinen <toiwoton@gmail.com>	2020-09-15 12:54:17 +0300
commit	005bfaf11876e261de6b99d597b69f664b53e7c5 (patch)
tree	7aa214e69fad5ff0d0ac245529707dbf2dbbd44d /src/basic/parse-util.h
parent	150c430fd499082164b6ddbd2f501e2333261a78 (diff)
download	systemd-005bfaf11876e261de6b99d597b69f664b53e7c5.tar.gz