diff options
| author | Lennart Poettering <lennart@poettering.net> | 2017-09-13 19:44:11 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2017-09-14 15:45:21 +0200 |
| commit | 0963c053fa59b6fe3a40da1e05c0ca9c4c54eb46 (patch) | |
| tree | 25f496f3859bfd801b76aca29b878de6d1b0bcc4 /src | |
| parent | b887d2ebfe19b09d498f71589d245ad2060f1afd (diff) | |
| download | systemd-0963c053fa59b6fe3a40da1e05c0ca9c4c54eb46.tar.gz | |
seccomp: augment the @resources group a bit
Given that sched_setattr/sched_setparam/sched_setscheduler are already
in the group the closely related nice + ioprio_set should also be
included.
Also, order things alphabetically.
Diffstat (limited to 'src')
| -rw-r--r-- | src/shared/seccomp-util.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/src/shared/seccomp-util.c b/src/shared/seccomp-util.c index d96b449082..f4f4eb36d3 100644 --- a/src/shared/seccomp-util.c +++ b/src/shared/seccomp-util.c @@ -658,17 +658,19 @@ const SyscallFilterSet syscall_filter_sets[_SYSCALL_FILTER_SET_MAX] = { .name = "@resources", .help = "Alter resource settings", .value = + "ioprio_set\0" + "mbind\0" + "migrate_pages\0" + "move_pages\0" + "nice\0" + "prlimit64\0" + "sched_setaffinity\0" + "sched_setattr\0" "sched_setparam\0" "sched_setscheduler\0" - "sched_setaffinity\0" + "set_mempolicy\0" "setpriority\0" "setrlimit\0" - "set_mempolicy\0" - "migrate_pages\0" - "move_pages\0" - "mbind\0" - "sched_setattr\0" - "prlimit64\0" }, [SYSCALL_FILTER_SET_SETUID] = { .name = "@setuid", |