]>
Commit | Line | Data |
---|---|---|
8befd5cc MG |
1 | #!/usr/bin/env python |
2 | ||
3 | # | |
4 | # Seccomp Library test program | |
5 | # | |
6 | # Copyright (c) 2012 Red Hat <pmoore@redhat.com> | |
7 | # Author: Paul Moore <paul@paul-moore.com> | |
8 | # | |
9 | ||
10 | # | |
11 | # This library is free software; you can redistribute it and/or modify it | |
12 | # under the terms of version 2.1 of the GNU Lesser General Public License as | |
13 | # published by the Free Software Foundation. | |
14 | # | |
15 | # This library is distributed in the hope that it will be useful, but WITHOUT | |
16 | # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or | |
17 | # FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License | |
18 | # for more details. | |
19 | # | |
20 | # You should have received a copy of the GNU Lesser General Public License | |
21 | # along with this library; if not, see <http://www.gnu.org/licenses>. | |
22 | # | |
23 | ||
24 | import argparse | |
25 | import sys | |
26 | ||
27 | import util | |
28 | ||
29 | from seccomp import * | |
30 | ||
31 | def test(args): | |
32 | f32 = SyscallFilter(KILL) | |
33 | f64 = SyscallFilter(KILL) | |
34 | f32.remove_arch(Arch()) | |
35 | f64.remove_arch(Arch()) | |
36 | f32.add_arch(Arch("x86")) | |
37 | f64.add_arch(Arch("x86_64")) | |
38 | f32.add_rule(ALLOW, "read", Arg(0, EQ, sys.stdin.fileno())) | |
39 | f32.add_rule(ALLOW, "write", Arg(0, EQ, sys.stdout.fileno())) | |
40 | f32.add_rule(ALLOW, "write", Arg(0, EQ, sys.stderr.fileno())) | |
41 | f32.add_rule(ALLOW, "close") | |
42 | f64.add_rule(ALLOW, "socket") | |
43 | f64.add_rule(ALLOW, "connect") | |
44 | f64.add_rule(ALLOW, "shutdown") | |
45 | f64.merge(f32) | |
46 | return f64 | |
47 | ||
48 | args = util.get_opt() | |
49 | ctx = test(args) | |
50 | util.filter_output(args, ctx) | |
51 | ||
52 | # kate: syntax python; | |
53 | # kate: indent-mode python; space-indent on; indent-width 4; mixedindent off; |