hakoniwa 1.6.0

Process isolation for Linux using namespaces, resource limits, cgroups, landlock and seccomp.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26

use super::error::*;
use super::sys::{self, Pid, SaFlags, SigAction, SigHandler, SigSet, Signal};

static mut CHILD: libc::pid_t = 0;

extern "C" fn signal_handler(_: libc::c_int) {
    unsafe {
        if CHILD != 0 {
            libc::kill(CHILD, libc::SIGKILL);
        }
    }
}

pub(crate) fn timeout(child: Pid, timeout: u64) -> Result<()> {
    unsafe {
        CHILD = child.as_raw();
    }

    let sa = SigAction::new(
        SigHandler::Handler(signal_handler),
        SaFlags::SA_RESTART,
        SigSet::empty(),
    );
    sys::sigaction(Signal::SIGALRM, &sa)?;
    sys::setalarm(timeout)
}