diff options
Diffstat (limited to 'src/firejail/firejail.h')
| -rw-r--r-- | src/firejail/firejail.h | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/firejail/firejail.h b/src/firejail/firejail.h index f4a176caf..661073730 100644 --- a/src/firejail/firejail.h +++ b/src/firejail/firejail.h | |||
| @@ -237,6 +237,7 @@ extern int arg_rlimit_nproc; // rlimit nproc | |||
| 237 | extern int arg_rlimit_fsize; // rlimit fsize | 237 | extern int arg_rlimit_fsize; // rlimit fsize |
| 238 | extern int arg_rlimit_sigpending;// rlimit sigpending | 238 | extern int arg_rlimit_sigpending;// rlimit sigpending |
| 239 | extern int arg_nogroups; // disable supplementary groups | 239 | extern int arg_nogroups; // disable supplementary groups |
| 240 | extern int arg_nonewprivs; // set the NO_NEW_PRIVS prctl | ||
| 240 | extern int arg_noroot; // create a new user namespace and disable root user | 241 | extern int arg_noroot; // create a new user namespace and disable root user |
| 241 | extern int arg_netfilter; // enable netfilter | 242 | extern int arg_netfilter; // enable netfilter |
| 242 | extern int arg_netfilter6; // enable netfilter6 | 243 | extern int arg_netfilter6; // enable netfilter6 |
| @@ -565,7 +566,8 @@ void sandboxfs(int op, pid_t pid, const char *patqh); | |||
| 565 | #define CFG_SECCOMP 5 | 566 | #define CFG_SECCOMP 5 |
| 566 | #define CFG_NETWORK 6 | 567 | #define CFG_NETWORK 6 |
| 567 | #define CFG_RESTRICTED_NETWORK 7 | 568 | #define CFG_RESTRICTED_NETWORK 7 |
| 568 | #define CFG_MAX 8 // this should always be the last entry | 569 | #define CFG_FORCE_NONEWPRIVS 8 |
| 570 | #define CFG_MAX 9 // this should always be the last entry | ||
| 569 | int checkcfg(int val); | 571 | int checkcfg(int val); |
| 570 | 572 | ||
| 571 | // fs_rdwr.c | 573 | // fs_rdwr.c |