Searched refs:restrict_namespaces (Results 1 – 5 of 5) sorted by relevance
| /systemd-251/src/core/ |
| D | execute.h | 325 … unsigned long restrict_namespaces; /* The CLONE_NEWxyz flags permitted to the unit's processes */ member
355 return (c->restrict_namespaces & NAMESPACE_FLAGS_ALL) != NAMESPACE_FLAGS_ALL; in exec_context_restrict_namespaces_set()
|
| D | load-fragment.c | 3655 c->restrict_namespaces = NAMESPACE_FLAGS_INITIAL; in config_parse_restrict_namespaces()
3662 c->restrict_namespaces = 0; in config_parse_restrict_namespaces()
3665 c->restrict_namespaces = NAMESPACE_FLAGS_ALL; in config_parse_restrict_namespaces()
3681 if (c->restrict_namespaces == NAMESPACE_FLAGS_INITIAL) in config_parse_restrict_namespaces()
3683 c->restrict_namespaces = invert ? (~flags) & NAMESPACE_FLAGS_ALL : flags; in config_parse_restrict_namespaces()
3686 SET_FLAG(c->restrict_namespaces, flags, !invert); in config_parse_restrict_namespaces()
|
| D | dbus-execute.c | 1296 …ictNamespaces", "t", bus_property_get_ulong, offsetof(ExecContext, restrict_namespaces), SD_BUS_VT…
1981 … return bus_set_transient_namespace_flag(u, name, &c->restrict_namespaces, message, flags, error); in bus_exec_context_set_transient_property()
|
| D | execute.c | 1695 return seccomp_restrict_namespaces(c->restrict_namespaces); in apply_restrict_namespaces()
5315 c->restrict_namespaces = NAMESPACE_FLAGS_INITIAL; in exec_context_init()
6144 r = namespace_flags_to_string(c->restrict_namespaces, &s); in exec_context_dump()
|
| /systemd-251/src/analyze/ |
| D | analyze-security.c | 94 unsigned long long restrict_namespaces; member
141 .restrict_namespaces = UINT64_MAX, in security_info_new()
528 *ret_badness = !!(info->restrict_namespaces & a->parameter); in assess_restrict_namespaces()
1979 info->restrict_namespaces = (unsigned long long) namespaces; in property_read_restrict_namespaces()
2566 info->restrict_namespaces = c->restrict_namespaces; in get_security_info()
|