LDP
/
man-pages
mirror of https://github.com/mkerrisk/man-pages
0
1
Fork 0
Code Releases Activity

seccomp.2: Document the SECCOMP_FILTER_FLAG_LOG flag added in Linux 4.14 

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Tyler Hicks 2017-10-26 04:11:41 +00:00 committed by Michael Kerrisk
parent 6d1728dad1
commit 17c56ad055
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
man2/seccomp.2
View File

@ -205,6 +205,14 @@ Synchronization will fail if another thread in the same process is in
.BR SECCOMP_MODE_STRICT
or if it has attached new seccomp filters to itself,
diverging from the calling thread's filter tree.
.TP
.BR SECCOMP_FILTER_FLAG_LOG " (since Linux 4.14)"
.\" commit e66a39977985b1e69e17c4042cb290768eca9b02
All filter return actions except
.BR SECCOMP_RET_ALLOW
should be logged. An administrator may override this filter flag by preventing specific actions from being logged via the
.IR /proc/sys/kernel/seccomp/actions_logged
file.
.RE
.TP
.BR SECCOMP_GET_ACTION_AVAIL " (since Linux 4.14)"