Searched refs:jail (Results 1 – 3 of 3) sorted by relevance
31 struct minijail* jail = minijail_new(); in SetupMinijail() local32 if (jail == nullptr) { in SetupMinijail()36 minijail_no_new_privs(jail); in SetupMinijail()37 minijail_log_seccomp_filter_failures(jail); in SetupMinijail()38 minijail_use_seccomp_filter(jail); in SetupMinijail()39 minijail_parse_seccomp_filters(jail, seccomp_policy_path.c_str()); in SetupMinijail()40 minijail_enter(jail); in SetupMinijail()41 minijail_destroy(jail); in SetupMinijail()
98 ScopedMinijail jail(minijail_new()); in drop_privileges() local114 minijail_set_supplementary_gids(jail.get(), arraysize(groups), groups); in drop_privileges()122 minijail_use_caps(jail.get(), CAP_TO_MASK(CAP_SETUID) | CAP_TO_MASK(CAP_SETGID)); in drop_privileges()125 minijail_change_gid(jail.get(), AID_SHELL); in drop_privileges()126 minijail_change_uid(jail.get(), AID_SHELL); in drop_privileges()128 minijail_enter(jail.get()); in drop_privileges()153 minijail_enter(jail.get()); in drop_privileges()
927 ScopedMinijail jail{minijail_new()}; in seccomp_fork_impl() local928 if (!jail) { in seccomp_fork_impl()932 minijail_no_new_privs(jail.get()); in seccomp_fork_impl()933 minijail_log_seccomp_filter_failures(jail.get()); in seccomp_fork_impl()934 minijail_use_seccomp_filter(jail.get()); in seccomp_fork_impl()935 minijail_parse_seccomp_filters_from_fd(jail.get(), tmp_fd.release()); in seccomp_fork_impl()946 std::thread thread([&jail, &thread_ready]() { in seccomp_fork_impl()947 minijail_enter(jail.get()); in seccomp_fork_impl()962 minijail_enter(jail.get()); in seccomp_fork_impl()