File tree 2 files changed +71
-0
lines changed
2 files changed +71
-0
lines changed Original file line number Diff line number Diff line change 141141 "selinuxLabel" : {
142142 "type" : " string"
143143 },
144+ "landlock" : {
145+ "type" : " object"
146+ "properties" : {
147+ "ruleset" : {
148+ "$ref" : " defs.json#/definitions/LandlockRuleset"
149+ },
150+ "rules" : {
151+ "$ref" : " defs.json#/definitions/LandlockRules"
152+ },
153+ "disableBestEffort" : {
154+ "type" : " boolean"
155+ }
156+ }
157+ },
144158 "noNewPrivileges" : {
145159 "type" : " boolean"
146160 },
Original file line number Diff line number Diff line change 153153 },
154154 "annotations" : {
155155 "$ref" : " #/definitions/mapStringString"
156+ },
157+ "LandlockFSAction" : {
158+ "type" : " string"
159+ "enum" : [
160+ " execute"
161+ " write_file"
162+ " read_file"
163+ " read_dir"
164+ " remove_dir"
165+ " remove_file"
166+ " make_char"
167+ " make_dir"
168+ " make_reg"
169+ " make_sock"
170+ " make_fifo"
171+ " make_block"
172+ " make_sym"
173+ ]
174+ },
175+ "ArrayOfLandlockFSActions" : {
176+ "type" : " array"
177+ "items" : {
178+ "$ref" : " #/definitions/LandlockFSAction"
179+ }
180+ },
181+ "LandlockRuleset" : {
182+ "type" : " object"
183+ "properties" : {
184+ "handledAccessFS" : {
185+ "$ref" : " #/definitions/ArrayOfLandlockFSActions"
186+ }
187+ }
188+ },
189+ "LandlockRulePathBeneath" : {
190+ "type" : " object"
191+ "properties" : {
192+ "allowedAccess" : {
193+ "$ref" : " #/definitions/ArrayOfLandlockFSActions"
194+ },
195+ "paths" : {
196+ "$ref" : " #/definitions/ArrayOfStrings"
197+ }
198+ }
199+ },
200+ "ArrayOfLandlockRulePathBeneaths" : {
201+ "type" : " array"
202+ "items" : {
203+ "$ref" : " #/definitions/LandlockRulePathBeneath"
204+ }
205+ },
206+ "LandlockRules" : {
207+ "type" : " object"
208+ "properties" : {
209+ "pathBeneath" : {
210+ "$ref" : " #/definitions/ArrayOfLandlockRulePathBeneaths"
211+ }
212+ }
156213 }
157214 }
158215}
You can’t perform that action at this time.
0 commit comments