authorTiago Natel de Moura <t.nateldemoura@f5.com>2020-05-28 14:57:41 +0100
committerTiago Natel de Moura <t.nateldemoura@f5.com>2020-05-28 14:57:41 +0100
commite2b53e16c60ba1e3bbbe59172c184e97f889326b (patch)
treef2bda4ea966657fc52189d154e1d6afcb767973f /src/nxt_process.h
parente9e5ddd5a5d9ce99768833137eac2551a710becf (diff)
Added "rootfs" feature.
Diffstat (limited to '')
-rw-r--r--src/nxt_process.h53
1 files changed, 34 insertions, 19 deletions
diff --git a/src/nxt_process.h b/src/nxt_process.h
index 45bab25e..d3311722 100644
--- a/src/nxt_process.h
+++ b/src/nxt_process.h
@@ -69,33 +69,42 @@ typedef struct {
nxt_port_mmap_t *elts;
} nxt_port_mmaps_t;
+typedef struct {
+ u_char *rootfs;
+ nxt_array_t *mounts; /* of nxt_mount_t */
+
+#if (NXT_HAVE_CLONE)
+ nxt_clone_t clone;
+#endif
+
+#if (NXT_HAVE_PR_SET_NO_NEW_PRIVS)
+ uint8_t new_privs; /* 1 bit */
+#endif
+} nxt_process_isolation_t;
+
typedef struct {
- nxt_pid_t pid;
- const char *name;
- nxt_queue_t ports; /* of nxt_port_t */
- nxt_process_state_t state;
- nxt_bool_t registered;
- nxt_int_t use_count;
+ nxt_pid_t pid;
+ const char *name;
+ nxt_queue_t ports; /* of nxt_port_t */
+ nxt_process_state_t state;
+ nxt_bool_t registered;
+ nxt_int_t use_count;
- nxt_port_mmaps_t incoming;
- nxt_port_mmaps_t outgoing;
+ nxt_port_mmaps_t incoming;
+ nxt_port_mmaps_t outgoing;
- nxt_thread_mutex_t cp_mutex;
- nxt_lvlhsh_t connected_ports; /* of nxt_port_t */
+ nxt_thread_mutex_t cp_mutex;
+ nxt_lvlhsh_t connected_ports; /* of nxt_port_t */
- uint32_t stream;
+ uint32_t stream;
- nxt_mp_t *mem_pool;
- nxt_credential_t *user_cred;
+ nxt_mp_t *mem_pool;
+ nxt_credential_t *user_cred;
- nxt_process_data_t data;
+ nxt_process_data_t data;
- union {
-#if (NXT_HAVE_CLONE)
- nxt_clone_t clone;
-#endif
- } isolation;
+ nxt_process_isolation_t isolation;
} nxt_process_t;
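Review bot: The `/* 1 bit */` comment on `new_privs` in `nxt_process_isolation_t` does not match the declaration, which is a full `uint8_t` rather than a bit-field, and nothing states which value is the restrictive one. The field sits under `NXT_HAVE_PR_SET_NO_NEW_PRIVS`, so its polarity is security-relevant: a zero-initialised process struct should end up in the state where no new privileges can be gained. If that is the intent, say so on the field, for example `uint8_t new_privs; /* 0 (default): set no_new_privs; 1: allow privilege gain */`. `rootfs` also needs a comment saying whether NULL means "no root change" and who owns the string, since it is a bare `u_char *` with no length.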
@@ -184,6 +193,12 @@ nxt_int_t nxt_process_vldt_isolation_creds(nxt_task_t *task,
nxt_process_t *process);
#endif
+nxt_int_t nxt_process_change_root(nxt_task_t *task, nxt_process_t *process);
+
+#if (NXT_HAVE_ISOLATION_ROOTFS)
+void nxt_process_unmount_all(nxt_task_t *task, nxt_process_t *process);
+#endif
+
#if (NXT_HAVE_SETPROCTITLE)
#define nxt_process_title(task, fmt, ...) \
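Review bot: The two new prototypes carry no contract, and `nxt_process_unmount_all()` returns `void`, so a caller cannot learn that an unmount failed and mounts were left behind. `nxt_process_change_root()` is declared unconditionally while the unmount helper is guarded by `NXT_HAVE_ISOLATION_ROOTFS`, so a comment should state what the unguarded function does on builds without that feature. The implementation is not visible in this diff, so the following wording needs confirming against the .c file: `/* Must run before credentials are dropped; any result other than NXT_OK must abort process start. */` above `nxt_process_change_root`. A matching line on `nxt_process_unmount_all` should say that failures are at least logged.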