diff options
author | Kevin Kuehler <keur@xcf.berkeley.edu> | 2019-11-04 17:17:01 -0800 |
---|---|---|
committer | Kevin Kuehler <keur@xcf.berkeley.edu> | 2019-11-11 12:11:56 -0800 |
commit | 620dbdd2489515696d53b90c061208b43b65aafa (patch) | |
tree | 28650bd0736aa32e908244b31fc4f60ef6a85928 /src/shared/seccomp-util.h | |
parent | a602d93e4408ebff61729dbf7d06d42874e99574 (diff) | |
download | systemd-620dbdd2489515696d53b90c061208b43b65aafa.tar.gz |
shared: Add ProtectKernelLogs property
Add seccomp_protect_syslog, which adds a filter rule for the syslog
system call.
Diffstat (limited to 'src/shared/seccomp-util.h')
-rw-r--r-- | src/shared/seccomp-util.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/shared/seccomp-util.h b/src/shared/seccomp-util.h index b29082a488..0b48e74a87 100644 --- a/src/shared/seccomp-util.h +++ b/src/shared/seccomp-util.h @@ -82,6 +82,7 @@ int seccomp_parse_syscall_filter( int seccomp_restrict_archs(Set *archs); int seccomp_restrict_namespaces(unsigned long retain); int seccomp_protect_sysctl(void); +int seccomp_protect_syslog(void); int seccomp_restrict_address_families(Set *address_families, bool whitelist); int seccomp_restrict_realtime(void); int seccomp_memory_deny_write_execute(void); |