diff options
Diffstat (limited to 'src/firejail/firejail.h')
-rw-r--r-- | src/firejail/firejail.h | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index f4a176caf..661073730 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
@@ -237,6 +237,7 @@ extern int arg_rlimit_nproc; // rlimit nproc | |||
237 | extern int arg_rlimit_fsize; // rlimit fsize | 237 | extern int arg_rlimit_fsize; // rlimit fsize |
238 | extern int arg_rlimit_sigpending;// rlimit sigpending | 238 | extern int arg_rlimit_sigpending;// rlimit sigpending |
239 | extern int arg_nogroups; // disable supplementary groups | 239 | extern int arg_nogroups; // disable supplementary groups |
240 | extern int arg_nonewprivs; // set the NO_NEW_PRIVS prctl | ||
240 | extern int arg_noroot; // create a new user namespace and disable root user | 241 | extern int arg_noroot; // create a new user namespace and disable root user |
241 | extern int arg_netfilter; // enable netfilter | 242 | extern int arg_netfilter; // enable netfilter |
242 | extern int arg_netfilter6; // enable netfilter6 | 243 | extern int arg_netfilter6; // enable netfilter6 |
@@ -565,7 +566,8 @@ void sandboxfs(int op, pid_t pid, const char *patqh); | |||
565 | #define CFG_SECCOMP 5 | 566 | #define CFG_SECCOMP 5 |
566 | #define CFG_NETWORK 6 | 567 | #define CFG_NETWORK 6 |
567 | #define CFG_RESTRICTED_NETWORK 7 | 568 | #define CFG_RESTRICTED_NETWORK 7 |
568 | #define CFG_MAX 8 // this should always be the last entry | 569 | #define CFG_FORCE_NONEWPRIVS 8 |
570 | #define CFG_MAX 9 // this should always be the last entry | ||
569 | int checkcfg(int val); | 571 | int checkcfg(int val); |
570 | 572 | ||
571 | // fs_rdwr.c | 573 | // fs_rdwr.c |