On 7/8/20 2:31 PM, Topi Miettinen wrote:
On 8.7.2020 17.47, Chris PeBenito wrote:
I would like to implement a unit option that would make the seccomp action
SCMP_ACT_LOG so that I can test SystemCallFilter settings without killing the
services, like SELinux permissive mode.
I was reading
.
Is there a preference to how the config options would work?
--
Chris PeBenito
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
On 6/23/20 10:57 AM, Lennart Poettering wrote:
On Di, 23.06.20 09:41, Chris PeBenito (chpeb...@linux.microsoft.com) wrote:
I've got some challenges using systemd's seccomp support because it
conflicts with the way my system is managed. I need to manage the seccomp
SystemCallFilter lists
systems.
Would there be any objections to a patch that would add a new unit option for
loading the system call filter list out of a specified file?
--
Chris PeBenito
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https