| 1 | libseccomp: An Enhanced Seccomp (mode 2) Helper Library |
| 2 | =============================================================================== |
| 3 | https://github.com/seccomp/libseccomp |
| 4 | |
| 5 | The libseccomp library provides an easy to use, platform independent, interface |
| 6 | to the Linux Kernel's syscall filtering mechanism. The libseccomp API is |
| 7 | designed to abstract away the underlying BPF based syscall filter language and |
| 8 | present a more conventional function-call based filtering interface that should |
| 9 | be familiar to, and easily adopted by, application developers. |
| 10 | |
| 11 | * Online Resources |
| 12 | |
| 13 | The library source repository currently lives on GitHub at the following URL: |
| 14 | |
| 15 | -> https://github.com/seccomp/libseccomp |
| 16 | |
| 17 | The project mailing list is currently hosted on Google Groups at the URL below, |
| 18 | please note that a Google account is not required to subscribe to the mailing |
| 19 | list. |
| 20 | |
| 21 | -> https://groups.google.com/forum/#!forum/libseccomp |
| 22 | -> https://groups.google.com/forum/#!forum/libseccomp/join |
| 23 | |
| 24 | * Documentation |
| 25 | |
| 26 | The "doc/" directory contains all of the currently available documentation, |
| 27 | mostly in the form of manpages. The top level directory also contains a README |
| 28 | file (this file) as well as the LICENSE, CREDITS, SUBMITTING_PATCHES, and |
| 29 | CHANGELOG files. |
| 30 | |
| 31 | Those who are interested in contributing to the the project are encouraged to |
| 32 | read the SUBMITTING_PATCHES in the top level directory. |
| 33 | |
| 34 | * Building and Installing the Library |
| 35 | |
| 36 | If you are building the libseccomp library from an official release tarball, |
| 37 | you should follow the familiar three step process used by most autotools based |
| 38 | applications: |
| 39 | |
| 40 | # ./configure |
| 41 | # make [V=0|1] |
| 42 | # make install |
| 43 | |
| 44 | However, if you are building the library from sources retrieved from the source |
| 45 | repository you may need to run the autogen.sh script before running configure. |
| 46 | In both cases, running "./configure -h" will display a list of build-time |
| 47 | configuration options. |
| 48 | |
| 49 | * Testing the Library |
| 50 | |
| 51 | There are a number of tests located in the "tests/" directory and a make target |
| 52 | which can be used to help automate their execution. If you want to run the |
| 53 | standard regression tests you can execute the following after building the |
| 54 | library: |
| 55 | |
| 56 | # make check |
| 57 | |
| 58 | Be warned that the test run can take a while to run and produces a lot of |
| 59 | output. |
| 60 | |
| 61 | * Other Useful Tools |
| 62 | |
| 63 | The "tools/" directory includes a number of tools which may be helpful in the |
| 64 | development of the library, or applications using the library. Not all of |
| 65 | these tools are installed by default. |