1 files changed, 19 insertions, 1 deletions
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h
index 6a679f849..35e2dbf50 100644
--- a/src/firejail/firejail.h
+++ b/src/firejail/firejail.h
@@ -22,15 +22,33 @@
 #include "../include/common.h"
 #include "../include/euid_common.h"
 #include "../include/rundefs.h"
-#include <linux/limits.h> // Note: Plain limits.h may break ARG_MAX (see #4583)
+#ifdef HAVE_LANDLOCK
 #include <linux/landlock.h>
+#endif
+#include <linux/limits.h> // Note: Plain limits.h may break ARG_MAX (see #4583)
 #include <stdarg.h>
 #include <sys/stat.h>
 // debug restricted shell
 //#define DEBUG_RESTRICTED_SHELL
+#ifdef HAVE_LANDLOCK
+extern int landlock_create_ruleset(struct landlock_ruleset_attr *rsattr,size_t size,__u32 flags);
+extern int landlock_add_rule(int fd,enum landlock_rule_type t,void *attr,__u32 flags);
+extern int landlock_restrict_self(int fd,__u32 flags);
+extern int create_full_ruleset();
+extern int add_read_access_rule_by_path(int rset_fd,char *allowed_path);
+extern int add_write_access_rule_by_path(int rset_fd,char *allowed_path,int restricted);
+extern int add_execute_rule_by_path(int rset_fd,char *allowed_path);
+#endif
 // profiles
 #define DEFAULT_USER_PROFILE    "default"

diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index 6a679f849..35e2dbf50 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h
@@ -22,15 +22,33 @@
22	#include "../include/common.h"	22	#include "../include/common.h"
23	#include "../include/euid_common.h"	23	#include "../include/euid_common.h"
24	#include "../include/rundefs.h"	24	#include "../include/rundefs.h"
25	#include <linux/limits.h> // Note: Plain limits.h may break ARG_MAX (see #4583)	25	#ifdef HAVE_LANDLOCK
26	#include <linux/landlock.h>	26	#include <linux/landlock.h>
		27	#endif
		28	#include <linux/limits.h> // Note: Plain limits.h may break ARG_MAX (see #4583)
27	#include <stdarg.h>	29	#include <stdarg.h>
28	#include <sys/stat.h>	30	#include <sys/stat.h>
29		31
30	// debug restricted shell	32	// debug restricted shell
31	//#define DEBUG_RESTRICTED_SHELL	33	//#define DEBUG_RESTRICTED_SHELL
32		34
		35	#ifdef HAVE_LANDLOCK
		36
		37	extern int landlock_create_ruleset(struct landlock_ruleset_attr *rsattr,size_t size,__u32 flags);
		38
		39	extern int landlock_add_rule(int fd,enum landlock_rule_type t,void *attr,__u32 flags);
		40
		41	extern int landlock_restrict_self(int fd,__u32 flags);
33		42
		43	extern int create_full_ruleset();
		44
		45	extern int add_read_access_rule_by_path(int rset_fd,char *allowed_path);
		46
		47	extern int add_write_access_rule_by_path(int rset_fd,char *allowed_path,int restricted);
		48
		49	extern int add_execute_rule_by_path(int rset_fd,char *allowed_path);
		50
		51	#endif
34		52
35	// profiles	53	// profiles
36	#define DEFAULT_USER_PROFILE "default"	54	#define DEFAULT_USER_PROFILE "default"