Native Rust crate for libseccomp library
This is a high-level safe API for libseccomp on Linux.
Examples
use libseccomp::*;
fn main() -> Result<(), Box<dyn std::error::Error>> {
let mut filter = ScmpFilterContext::new_filter(ScmpAction::Allow)?;
filter.add_arch(ScmpArch::Native)?;
let syscall = get_syscall_from_name("getuid", None)?;
filter.add_rule(ScmpAction::Errno(1), syscall, None)?;
filter.load()?;
Ok(())
}
use libc;
use libseccomp::*;
fn main() -> Result<(), Box<dyn std::error::Error>> {
let mut filter = ScmpFilterContext::new_filter(ScmpAction::Allow)?;
filter.add_arch(ScmpArch::X8664)?;
let syscall = get_syscall_from_name("dup2", Some(ScmpArch::X8664))?;
let cmp = ScmpArgCompare::new(0, ScmpCompareOp::Equal, 1, None);
filter.add_rule(ScmpAction::Errno(libc::EPERM as u32), syscall, Some(&[cmp]))?;
filter.load()?;
Ok(())
}
