diff options
| author | Lennart Poettering <lennart@poettering.net> | 2021-10-19 14:56:49 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2021-10-20 11:35:15 +0200 |
| commit | 4a4654e0241fbeabecb8587fd3520b6b39264b9c (patch) | |
| tree | 2e4366a646eb12e254fc631e344a832987aa27c6 /src/shared/seccomp-util.h | |
| parent | 231c7645ca761f0347c98fa48c68b3fde00fbc15 (diff) | |
| download | systemd-4a4654e0241fbeabecb8587fd3520b6b39264b9c.tar.gz | |
nspawn: add --suppress-sync=yes mode for turning sync() and friends into NOPs via seccomp
This is supposed to be used by package/image builders such as mkosi to
speed up building, since it allows us to suppress sync() inside a
container.
This does what Debian's eatmydata tool does, but for a container, and
via seccomp (instead of LD_PRELOAD).
Diffstat (limited to 'src/shared/seccomp-util.h')
| -rw-r--r-- | src/shared/seccomp-util.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/shared/seccomp-util.h b/src/shared/seccomp-util.h index b3d25c9f3f..4f4bc48431 100644 --- a/src/shared/seccomp-util.h +++ b/src/shared/seccomp-util.h @@ -150,3 +150,5 @@ static inline const char *seccomp_errno_or_action_to_string(int num) { } int parse_syscall_and_errno(const char *in, char **name, int *error); + +int seccomp_suppress_sync(void); |