Crate seccomp_droundy

This crate is based on seccomp_sys and provides a higher level wrapper for libseccomp.

Example usage:

extern crate seccomp_droundy;
extern crate libc;

use seccomp_droundy::*;

fn main() {
       let mut ctx = Context::default(Action::Allow).unwrap();
       let rule = Rule::new(105 /* setuid on x86_64 */,
           Compare::arg(0)
               .with(1000)
               .using(Op::Eq)
               .build().unwrap(),
           Action::Errno(libc::EPERM) /* return EPERM */
       );
       ctx.add_rule(rule).unwrap();
       ctx.load().unwrap();
       let ret = unsafe { libc::setuid(1000) };
       println!("ret = {}, uid = {}", ret, unsafe { libc::getuid() });
}

Macros

scmp_cmp

A macro to ergonomically express comparisons using ordinary comparison operators.

Structs

Arch
Compare	Comparison definition builder
Context	Seccomp context
Rule	Seccomp rule
SeccompError	Error type

Enums

Action	Seccomp actions
Op	Comparison operators
Syscall

Constants

ARCH_NATIVE
ARCH_X32
ARCH_X86
ARCH_X86_64

Type Definitions

Cmp