mirrors/passt
1
0
Fork 0
mirror of https://passt.top/passt synced 2025-06-11 01:55:34 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Move self-isolation code into a separate file

Browse source 
passt/pasta contains a number of routines designed to isolate passt from
the rest of the system for security.  These are spread through util.c and
passt.c.  Move them together into a new isolation.c file.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
This commit is contained in:
David Gibson 2022-09-12 22:24:03 +10:00 committed by Stefano Brivio
parent 5d3b50c100
commit d72a1e7bb9
8 changed files with 189 additions and 169 deletions

2
util.h
View file

@ -233,8 +233,6 @@ int bitmap_isset(const uint8_t *map, int bit);
char *line_read(char *buf, size_t len, int fd);
void procfs_scan_listen(struct ctx *c, uint8_t proto, int ip_version, int ns,
uint8_t *map, uint8_t *exclude);
void drop_caps(void);
void drop_root(uid_t uid, gid_t gid);
int ns_enter(const struct ctx *c);
void write_pidfile(int fd, pid_t pid);
int __daemon(int pidfile_fd, int devnull_fd);