Skip to content

Commit

Permalink
bin/podman-vscodium: enable Landlock and symlink syscalls
Browse files Browse the repository at this point in the history 
codium is using Landlock:

    SECCOMP syscall=444 (landlock_create_ruleset)
    exe='/usr/share/codium/codium' comm='codium'

cargo is now using symlink:

    SECCOMP syscall=88 (symlink)
    exe='/home/user/.rustup/toolchains/nightly-2024-11-19-x86_64-unknown-linux-gnu/bin/cargo'
    comm='cargo'
  • Loading branch information
@fishilico
fishilico committed Jan 8, 2025
1 parent aa7c2f4 commit c32028e
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions bin/podman-vscodium
View file
Original file line number Diff line number Diff line change
Expand Up @@ -187,6 +187,7 @@ SECCOMP_PROFILE='
"inotify_rm_watch",
"ioctl",
"kill",
"landlock_create_ruleset",
"link",
"linkat",
"listen",
Expand Down Expand Up @@ -256,6 +257,7 @@ SECCOMP_PROFILE='
"stat",
"statfs",
"statx",
"symlink",
"sysinfo",
"tgkill",
"umask",
Expand Down

0 comments on commit c32028e

Please sign in to comment.