Expand description
System capability checking.
Verifies at runtime that the kernel supports all required features for sandboxing.
The check is performed once and cached in a static OnceLock.
§Required Features
| Feature | Minimum | Check Method |
|---|---|---|
| Kernel | 6.12 | uname syscall |
| Landlock | ABI 5 | landlock_create_ruleset with VERSION flag |
| Seccomp | enabled | prctl(PR_GET_SECCOMP) |
§Usage
ⓘ
match check::check() {
Ok(info) => println!("Landlock ABI: {}", info.landlock_abi),
Err(e) => eprintln!("System not supported: {}", e),
}Structs§
- System
Info - Information about the system’s sandboxing capabilities.
Enums§
- Check
Error - Errors that can occur during system capability checking.
Functions§
- check
- Check system capabilities and cache the result.