| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
| |
Preserve the seccomp notifier fd after the exec. In this way, if seitan
needs to restat is able to retrive the fd from /proc/<pid>/fd of the
target.
Signed-off-by: Alice Frosi <afrosi@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
The connect syscall was used to synchronize seitan and the eater for the
seccomp installation filter and notifier initialization. However, we
assume that the fd 0 is always free, and this might not always be the
case.
Try to implement an alternative and more robust solution.
Signed-off-by: Alice Frosi <afrosi@redhat.com>
|
|
|
|
|
|
| |
Check for errors for prctl and seccomp syscall.
Signed-off-by: Alice Frosi <afrosi@redhat.com>
|
|
|
|
|
|
|
|
| |
Extend seitan-eatar for launching a generich program with arguments.
Example:
./seitan-eater -i input.json -- ls
Signed-off-by: Alice Frosi <afrosi@redhat.com>
|
|
Signed-off-by: Alice Frosi <afrosi@redhat.com>
|