Trait RuleSet

Source

pub trait RuleSet {
    // Required methods
    fn simple_rules(&self) -> Vec<Sysno>;
    fn name(&self) -> &'static str;

    // Provided method
    fn conditional_rules(&self) -> HashMap<Sysno, Vec<SeccompRule>> { ... }
}

Expand description

A RuleSet is a collection of SeccompRule and LandlockRule s that enable a functionality, such as opening files or starting threads.

Required Methods§

Source

fn simple_rules(&self) -> Vec<Sysno>

A simple rule is a seccomp rule that just allows the syscall without restriction.

Source

fn name(&self) -> &'static str

The name of the profile.

Provided Methods§

Source

fn conditional_rules(&self) -> HashMap<Sysno, Vec<SeccompRule>>

A conditional rule is a seccomp rule that uses a condition to restrict the syscall, e.g. only specific flags as parameters.

Implementations on Foreign Types§

Source §

fn name(&self) -> &'static str

Implementors§

Source §

impl RuleSet for Sysno

Source §

impl RuleSet for BasicCapabilities

Source §

impl RuleSet for ForkAndExec

Source §

impl RuleSet for Threads

Source §

impl RuleSet for Networking

Source §

impl RuleSet for Pipes

Source §

impl RuleSet for SystemIO

Source §

RuleSet

Trait RuleSet Copy item path

Required Methods§

fn simple_rules(&self) -> Vec<Sysno>

fn name(&self) -> &'static str

Provided Methods§

fn conditional_rules(&self) -> HashMap<Sysno, Vec<SeccompRule>>

Implementations on Foreign Types§

impl<T: ?Sized + RuleSet> RuleSet for &T

fn simple_rules(&self) -> Vec<Sysno>

fn conditional_rules(&self) -> HashMap<Sysno, Vec<SeccompRule>>

fn name(&self) -> &'static str

Implementors§

impl RuleSet for Sysno

impl RuleSet for BasicCapabilities

impl RuleSet for ForkAndExec

impl RuleSet for Threads

impl RuleSet for Networking

impl RuleSet for Pipes

impl RuleSet for SystemIO

impl RuleSet for Time

Trait RuleSet