24 releases (15 breaking)

0.16.1 Sep 11, 2021
0.15.0 Oct 6, 2020
0.14.0 May 30, 2020
0.12.0 Dec 20, 2019
0.7.0 Jul 22, 2018

#61 in Unix APIs

Download history 100/week @ 2021-06-07 57/week @ 2021-06-14 88/week @ 2021-06-21 71/week @ 2021-06-28 80/week @ 2021-07-05 74/week @ 2021-07-12 98/week @ 2021-07-19 121/week @ 2021-07-26 143/week @ 2021-08-02 67/week @ 2021-08-09 139/week @ 2021-08-16 162/week @ 2021-08-23 124/week @ 2021-08-30 239/week @ 2021-09-06 167/week @ 2021-09-13 129/week @ 2021-09-20

463 downloads per month
Used in 4 crates

MIT/Apache and LGPL-2.1

98KB
5K SLoC

syscallz-rs Build Status crates.io docs.rs

Simple seccomp library for rust. Please note that the syscall list is incomplete and you might need to send a PR to get your syscalls included. This crate releases frequently if the syscall list has been updated.

# Cargo.toml
[dependencies]
syscallz = "0.16"

License

MIT/Apache-2.0


lib.rs:

Simple seccomp library for rust. Please note that the syscall list is incomplete and you might need to send a PR to get your syscalls included. This crate releases frequently if the syscall list has been updated.

Example

use syscallz::{Context, Syscall, Action};

fn main() -> syscallz::Result<()> {

    // The default action if no other rule matches is syscallz::DEFAULT_KILL
    // For a different default use `Context::init_with_action`
    let mut ctx = Context::init()?;

    // Allow-list some syscalls
    ctx.allow_syscall(Syscall::open);
    ctx.allow_syscall(Syscall::getpid);
    // Set a specific action for a syscall
    ctx.set_action_for_syscall(Action::Errno(1), Syscall::execve);

    // Enforce the seccomp filter
    ctx.load()?;

    Ok(())
}

Dependencies

~0.9–1.4MB
~28K SLoC