pnut_child/
lib.rs

1#![no_std]
2#![deny(unsafe_op_in_unsafe_fn)]
3
4//! Minimal helpers for code that runs in the child after `clone3()` and
5//! before `execve()`.
6//!
7//! This crate is intentionally small and has no dependency on `pnut`. The
8//! child path should consume precomputed data from the parent and restrict
9//! itself to raw syscalls and simple borrowed views.
10
11mod caps;
12mod env;
13mod error;
14mod fd;
15mod io;
16mod landlock;
17mod mount;
18mod net;
19mod process;
20mod report;
21mod rlimit;
22mod runtime;
23mod seccomp;
24mod spec;
25
26pub use fd::FdAction;
27pub use report::{ChildFailure, Stage};
28pub use runtime::run;
29pub use spec::{
30    BindMount, CapsSpec, ChildSpec, EnvBinding, EnvSpec, EnvStorage, ExecSpec, FdSpec, FileMount,
31    HidePid, LandlockNetRule, LandlockPathRule, LandlockRulesetAttr, LandlockSpec, MountEntry,
32    MountPlan, MqueueMount, ProcMount, ProcSubset, ProcessSpec, RlimitEntry, RlimitSpec,
33    SeccompSpec, TmpfsMount,
34};
pnut_child/lib.rs

pnut_child/
lib.rs
