exe,euser,egroup,pidns,caps,filter
cloud-init,root,root,No,No,No
device_policy_m,root,root,No,No,No
ensure_gke_dock,root,root,No,No,No
first-boot,root,root,No,No,No
install_custom_,root,root,No,No,No
get_metadata_va,root,root,No,No,No
onboot,root,root,No,No,No
systemd-journal,root,root,No,No,No
systemd-logind,root,root,No,No,No
systemd,root,root,No,No,No
systemd-udevd,root,root,No,No,No

# TODO: We need better filters on these.
curl,root,root,No,No,No

# These processes won't run without network (which is the case for VMTests), but
# they also run as root and are not sandboxed. You will hit these if you try to
# run VMTests on your own KVM instance.
docker,root,root,No,No,No
containerd,root,root,No,No,No

# Processes that are used by GCP compute image packages.
google_ip_forwa,root,root,No,No,No
google_accounts,root,root,No,No,No
google_clock_sk,root,root,No,No,No
google_metadata,root,root,No,No,No
google_instance,root,root,No,No,No
google_network_,root,root,No,No,No