On Tue, 08.07.14 17:33, David Timothy Strauss ([email protected]) wrote:
> Is there a good way to empirically determine the additional calls > required for an application, sort of like selinux permissive mode? > We're often running user code on our servers, and we'd like to perform > analysis and gradually roll out filtering. We'd like to be as > non-disruptive as possible. "strace" should do the job. It should give you a pretty good idea of all syscalls a process uses. That's what I used when testing SyscallFilters=. Lennart -- Lennart Poettering, Red Hat _______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
