mirror of https://github.com/mkerrisk/man-pages
seccomp.2: Document the SECCOMP_FILTER_FLAG_LOG flag added in Linux 4.14
Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
6d1728dad1
commit
17c56ad055
|
@ -205,6 +205,14 @@ Synchronization will fail if another thread in the same process is in
|
|||
.BR SECCOMP_MODE_STRICT
|
||||
or if it has attached new seccomp filters to itself,
|
||||
diverging from the calling thread's filter tree.
|
||||
.TP
|
||||
.BR SECCOMP_FILTER_FLAG_LOG " (since Linux 4.14)"
|
||||
.\" commit e66a39977985b1e69e17c4042cb290768eca9b02
|
||||
All filter return actions except
|
||||
.BR SECCOMP_RET_ALLOW
|
||||
should be logged. An administrator may override this filter flag by preventing specific actions from being logged via the
|
||||
.IR /proc/sys/kernel/seccomp/actions_logged
|
||||
file.
|
||||
.RE
|
||||
.TP
|
||||
.BR SECCOMP_GET_ACTION_AVAIL " (since Linux 4.14)"
|
||||
|
|
Loading…
Reference in New Issue