Native Rust crate for libseccomp library
This is a high-level safe API for libseccomp on Linux.
Examples
use libseccomp::*;
fn main() -> Result<(), Box<dyn std::error::Error>> {
let mut ctx = ScmpFilterContext::new_filter(ScmpAction::Allow)?;
ctx.add_arch(ScmpArch::X86)?;
let syscall = get_syscall_from_name("getuid", None)?;
ctx.add_rule(ScmpAction::Errno(1), syscall, None)?;
ctx.load()?;
Ok(())
}
use libc;
use libseccomp::*;
fn main() -> Result<(), Box<dyn std::error::Error>> {
let mut ctx = ScmpFilterContext::new_filter(ScmpAction::Allow)?;
ctx.add_arch(ScmpArch::X86)?;
let syscall = get_syscall_from_name("dup2", None)?;
let cmp = ScmpArgCompare::new(0, ScmpCompareOp::Equal, 1, None);
ctx.add_rule(ScmpAction::Errno(libc::EPERM as u32), syscall, Some(&[cmp]))?;
ctx.load()?;
Ok(())
}
