Re-exports§
pub use error::SandlockError;pub use policy::Policy;pub use policy::PolicyBuilder;pub use result::RunResult;pub use result::ExitStatus;pub use sandbox::Sandbox;pub use pipeline::Stage;pub use pipeline::Pipeline;pub use dry_run::Change;pub use dry_run::ChangeKind;pub use dry_run::DryRunResult;
Modules§
- context
- dry_run
- error
- fork
- COW fork — create lightweight clones of a sandboxed process.
- image
- Extract local Docker/OCI images into rootfs directories for sandboxing.
- landlock
- pipeline
- Sandbox pipeline — chain multiple sandboxed stages connected by pipes.
- policy
- policy_
fn - Dynamic policy — live policy modification via syscall event callbacks.
- profile
- result
- sandbox
- seccomp
Structs§
- Checkpoint
- A frozen snapshot of sandbox state.
Constants§
- MIN_
LANDLOCK_ ABI - Minimum Landlock ABI version required by sandlock.
Functions§
- confine_
current_ process - Confine the calling process with Landlock filesystem restrictions.
- landlock_
abi_ version - Query the Landlock ABI version supported by the running kernel.