diff options
Diffstat (limited to 'src/firejail/firejail.h')
| -rw-r--r-- | src/firejail/firejail.h | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index efeda7228..43325de62 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
| @@ -150,6 +150,11 @@ typedef struct profile_entry_t { | |||
| 150 | 150 | ||
| 151 | } ProfileEntry; | 151 | } ProfileEntry; |
| 152 | 152 | ||
| 153 | typedef struct landlock_entry_t { | ||
| 154 | struct landlock_entry_t *next; | ||
| 155 | char *data; | ||
| 156 | } LandlockEntry; | ||
| 157 | |||
| 153 | typedef struct config_t { | 158 | typedef struct config_t { |
| 154 | // user data | 159 | // user data |
| 155 | char *username; | 160 | char *username; |
| @@ -159,6 +164,7 @@ typedef struct config_t { | |||
| 159 | // filesystem | 164 | // filesystem |
| 160 | ProfileEntry *profile; | 165 | ProfileEntry *profile; |
| 161 | ProfileEntry *profile_rebuild_etc; // blacklist files in /etc directory used by fs_rebuild_etc() | 166 | ProfileEntry *profile_rebuild_etc; // blacklist files in /etc directory used by fs_rebuild_etc() |
| 167 | LandlockEntry *lprofile; | ||
| 162 | 168 | ||
| 163 | #define MAX_PROFILE_IGNORE 32 | 169 | #define MAX_PROFILE_IGNORE 32 |
| 164 | char *profile_ignore[MAX_PROFILE_IGNORE]; | 170 | char *profile_ignore[MAX_PROFILE_IGNORE]; |
| @@ -962,6 +968,7 @@ int ll_special(const char *allowed_path); | |||
| 962 | int ll_exec(const char *allowed_path); | 968 | int ll_exec(const char *allowed_path); |
| 963 | int ll_basic_system(void); | 969 | int ll_basic_system(void); |
| 964 | int ll_restrict(__u32 flags); | 970 | int ll_restrict(__u32 flags); |
| 971 | void ll_add_profile(const char *data); | ||
| 965 | #else | 972 | #else |
| 966 | static inline int ll_get_fd(void) { return -1; } | 973 | static inline int ll_get_fd(void) { return -1; } |
| 967 | static inline int ll_read(...) { return 0; } | 974 | static inline int ll_read(...) { return 0; } |
| @@ -970,6 +977,7 @@ static inline int ll_special(...) { return 0; } | |||
| 970 | static inline int ll_exec(...) { return 0; } | 977 | static inline int ll_exec(...) { return 0; } |
| 971 | static inline int ll_basic_system(void) { return 0; } | 978 | static inline int ll_basic_system(void) { return 0; } |
| 972 | static inline int ll_restrict(...) { return 0; } | 979 | static inline int ll_restrict(...) { return 0; } |
| 980 | static inline void ll_add_profile(...) { return; } | ||
| 973 | #endif /* HAVE_LANDLOCK */ | 981 | #endif /* HAVE_LANDLOCK */ |
| 974 | 982 | ||
| 975 | #endif | 983 | #endif |