
Lines Matching refs:minijail

8  * 1) Construct a minijail with minijail_new()
31 struct minijail;
33 /* Allocates a new minijail with no restrictions. */
34 struct minijail *minijail_new(void);
37 * These functions add restrictions to the minijail. They are not applied until
41 void minijail_change_uid(struct minijail *j, uid_t uid);
42 void minijail_change_gid(struct minijail *j, gid_t gid);
44 void minijail_set_supplementary_gids(struct minijail *j, size_t size,
47 int minijail_change_user(struct minijail *j, const char *user);
49 int minijail_change_group(struct minijail *j, const char *group);
50 void minijail_use_seccomp(struct minijail *j);
51 void minijail_no_new_privs(struct minijail *j);
52 void minijail_use_seccomp_filter(struct minijail *j);
53 void minijail_parse_seccomp_filters(struct minijail *j, const char *path);
54 void minijail_log_seccomp_filter_failures(struct minijail *j);
55 void minijail_use_caps(struct minijail *j, uint64_t capmask);
56 void minijail_reset_signal_mask(struct minijail *j);
57 void minijail_namespace_vfs(struct minijail *j);
58 void minijail_namespace_enter_vfs(struct minijail *j, const char *ns_path);
59 void minijail_namespace_ipc(struct minijail *j);
60 void minijail_namespace_net(struct minijail *j);
61 void minijail_namespace_enter_net(struct minijail *j, const char *ns_path);
66 void minijail_namespace_pids(struct minijail *j);
67 void minijail_namespace_user(struct minijail *j);
68 int minijail_uidmap(struct minijail *j, const char *uidmap);
69 int minijail_gidmap(struct minijail *j, const char *gidmap);
70 void minijail_remount_proc_readonly(struct minijail *j);
71 void minijail_run_as_init(struct minijail *j);
72 int minijail_write_pid_file(struct minijail *j, const char *path);
73 void minijail_inherit_usergroups(struct minijail *j);
74 void minijail_disable_ptrace(struct minijail *j);
79 int minijail_use_alt_syscall(struct minijail *j, const char *table);
87 int minijail_add_to_cgroup(struct minijail *j, const char *path);
91 * @j minijail to apply restriction to
100 int minijail_enter_chroot(struct minijail *j, const char *dir);
101 int minijail_enter_pivot_root(struct minijail *j, const char *dir);
106 * @j minijail to obtain the path from.
114 char *minijail_get_original_path(struct minijail *j, const char *chroot_path);
120 void minijail_mount_tmp(struct minijail *j);
123 * minijail_mount: when entering minijail @j, mounts @src at @dest with @flags
124 * @j minijail to bind inside
133 int minijail_mount(struct minijail *j, const char *src, const char *dest,
138 * @j minijail to bind inside
146 int minijail_bind(struct minijail *j, const char *src, const char *dest,
150 * Lock this process into the given minijail. Note that this procedure cannot fail,
157 void minijail_enter(const struct minijail *j);
160 * Run the specified command in the given minijail, execve(2)-style. This is
163 int minijail_run(struct minijail *j, const char *filename,
167 * Run the specified command in the given minijail, execve(2)-style.
170 int minijail_run_no_preload(struct minijail *j, const char *filename,
174 * Run the specified command in the given minijail, execve(2)-style.
177 int minijail_run_pid(struct minijail *j, const char *filename,
181 * Run the specified command in the given minijail, execve(2)-style.
185 int minijail_run_pipe(struct minijail *j, const char *filename,
189 * Run the specified command in the given minijail, execve(2)-style.
198 int minijail_run_pid_pipes(struct minijail *j, const char *filename,
203 * Run the specified command in the given minijail, execve(2)-style.
213 int minijail_run_pid_pipes_no_preload(struct minijail *j, const char *filename,
219 * Kill the specified minijail. The minijail must have been created with pid
222 int minijail_kill(struct minijail *j);
225 * Wait for all processes in the specified minijail to exit. Returns the exit
228 int minijail_wait(struct minijail *j);
231 * Frees the given minijail. It does not matter if the process is inside the minijail or
234 void minijail_destroy(struct minijail *j);