Re: [systemd-devel] Seccomp allow/log action

2020-07-14 Thread Lennart Poettering
On Mo, 13.07.20 10:02, Chris PeBenito (chpeb...@linux.microsoft.com) wrote:
> > I think it would be more flexible to extend the error code return per
> > system call, like
> > SystemCallFilter=gettimeofday:LOG
>
> Yes, that provides much more granularity but is it necessary to support that
> level

Re: [systemd-devel] Seccomp allow/log action

2020-07-13 Thread Chris PeBenito
On 7/8/20 2:31 PM, Topi Miettinen wrote: On 8.7.2020 17.47, Chris PeBenito wrote: I would like to implement a unit option that would make the seccomp action SCMP_ACT_LOG so that I can test SystemCallFilter settings without killing the services, like SELinux permissive mode. I was reading this

Re: [systemd-devel] Seccomp allow/log action

2020-07-08 Thread Topi Miettinen
On 8.7.2020 17.47, Chris PeBenito wrote: I would like to implement a unit option that would make the seccomp action SCMP_ACT_LOG so that I can test SystemCallFilter settings without killing the services, like SELinux permissive mode. I was reading this GitHub issue about seccomp actions from l

[systemd-devel] Seccomp allow/log action

2020-07-08 Thread Chris PeBenito
I would like to implement a unit option that would make the seccomp action SCMP_ACT_LOG so that I can test SystemCallFilter settings without killing the services, like SELinux permissive mode. I was reading this GitHub issue about seccomp actions from last year: https://github.com/systemd/syst