| syd(3) | User Contributed Perl Documentation | syd(3) |
plsyd - Perl Bindings for the syd API Rust Library
`plsyd` provides Perl bindings for `libsyd`, a C library written in Rust that implements the syd stat API. This package allows interaction with the `/dev/syd` interface of syd, enabling runtime configuration and interaction within the syd sandboxing environment.
The `plsyd` library is designed to interact with the syd sandboxing environment through Perl. It offers functionalities to check and modify the state of the sandbox lock, perform system calls to `/dev/syd`, and execute commands within the sandbox. This makes it easier for Perl applications to integrate with syd's features.
To use `plsyd`, the shared library `libsyd.so` must be available in the system's library search path. Ensure this shared library is properly installed and its location is included in the environment path where system libraries are searched for.
This library is currently a work in progress. The API is subject to change and may not be stable. Users are advised to use it with caution and to stay updated with the latest changes.
For more detailed information about `libsyd` and usage instructions, refer to the syd manual: <https://git.sr.ht/~alip/syd>. To read `libsyd` API documentation, see <https://libsyd.exherbolinux.org>.
Ali Polatel (alip@chesswob.org)
This software is licensed under the LGPL-3.0 license.
Performs an lstat system call on the file "/dev/syd".
Performs a syd API check. The caller is advised to perform this check before calling any other syd API calls.
Causes syd to exit immediately with code 127.
Non-zero on successful operation, or croaks on failure.
Causes syd to reset sandboxing to the default state. Allowlists, denylists and filters are going to be cleared.
Non-zero on successful operation, or croaks on failure.
Causes syd to read configuration from the given file descriptor.
Non-zero on successful operation, or croaks on failure.
Sets the state of the sandbox lock.
The sandbox lock is off, allowing all sandbox commands.
The sandbox lock is set to on for all processes except the initial process (syd exec child). This is the default state.
The sandbox lock is on, disallowing all sandbox commands.
Non-zero on successful operation, or croaks on failure.
Execute a command outside the sandbox without sandboxing.
Non-zero on successful operation, or croaks on failure.
Enables Stat sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables Stat sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if Stat sandboxing is enabled.
Non-zero if Stat sandboxing is enabled, zero otherwise.
Enables read sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables read sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if read sandboxing is enabled.
Non-zero if read sandboxing is enabled, zero otherwise.
Enables Write sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables Write sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if Write sandboxing is enabled.
Non-zero if Write sandboxing is enabled, zero otherwise.
Enables Exec sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables Exec sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if Exec sandboxing is enabled.
Non-zero if Exec sandboxing is enabled, zero otherwise.
Enables ioctl sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables ioctl sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if ioctl sandboxing is enabled.
Non-zero if ioctl sandboxing is enabled, zero otherwise.
Enables create sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables create sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if create sandboxing is enabled.
Non-zero if create sandboxing is enabled, zero otherwise.
Enables delete sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables delete sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if delete sandboxing is enabled.
Non-zero if delete sandboxing is enabled, zero otherwise.
Enables rename sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables rename sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if rename sandboxing is enabled.
Non-zero if rename sandboxing is enabled, zero otherwise.
Enables symlink sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables symlink sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if symlink sandboxing is enabled.
Non-zero if symlink sandboxing is enabled, zero otherwise.
Enables truncate sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables truncate sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if truncate sandboxing is enabled.
Non-zero if truncate sandboxing is enabled, zero otherwise.
Enables chdir sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables chdir sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if chdir sandboxing is enabled.
Non-zero if chdir sandboxing is enabled, zero otherwise.
Enables readdir sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables readdir sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if readdir sandboxing is enabled.
Non-zero if readdir sandboxing is enabled, zero otherwise.
Enables mkdir sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables mkdir sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if mkdir sandboxing is enabled.
Non-zero if mkdir sandboxing is enabled, zero otherwise.
Enables rmdir sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables rmdir sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if rmdir sandboxing is enabled.
Non-zero if rmdir sandboxing is enabled, zero otherwise.
Enables chown sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables chown sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if chown sandboxing is enabled.
Non-zero if chown sandboxing is enabled, zero otherwise.
Enables chgrp sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables chgrp sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if chgrp sandboxing is enabled.
Non-zero if chgrp sandboxing is enabled, zero otherwise.
Enables chmod sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables chmod sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if chmod sandboxing is enabled.
Non-zero if chmod sandboxing is enabled, zero otherwise.
Enables chattr sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables chattr sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if chattr sandboxing is enabled.
Non-zero if chattr sandboxing is enabled, zero otherwise.
Enables chroot sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables chroot sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if chroot sandboxing is enabled.
Non-zero if chroot sandboxing is enabled, zero otherwise.
Enables utime sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables utime sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if utime sandboxing is enabled.
Non-zero if utime sandboxing is enabled, zero otherwise.
Enables mkdev sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables mkdev sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if mkdev sandboxing is enabled.
Non-zero if mkdev sandboxing is enabled, zero otherwise.
Enables mkfifo sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables mkfifo sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if mkfifo sandboxing is enabled.
Non-zero if mkfifo sandboxing is enabled, zero otherwise.
Enables mktemp sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables mktemp sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if mktemp sandboxing is enabled.
Non-zero if mktemp sandboxing is enabled, zero otherwise.
Enables net sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables net sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if net sandboxing is enabled.
Non-zero if net sandboxing is enabled, zero otherwise.
Checks if lock sandboxing is enabled.
Non-zero if lock sandboxing is enabled, zero otherwise.
Checks if crypt sandboxing is enabled.
Non-zero if crypt sandboxing is enabled, zero otherwise.
Checks if proxy sandboxing is enabled.
Non-zero if proxy sandboxing is enabled, zero otherwise.
Enables memory sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables memory sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if memory sandboxing is enabled.
Non-zero if memory sandboxing is enabled, zero otherwise.
Enables PID sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables PID sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if PID sandboxing is enabled.
Non-zero if PID sandboxing is enabled, zero otherwise.
Enables force sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables force sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if force sandboxing is enabled.
Non-zero if force sandboxing is enabled, zero otherwise.
Enables TPE sandboxing.
Non-zero on successful operation, or croaks on failure.
Disables TPE sandboxing.
Non-zero on successful operation, or croaks on failure.
Checks if TPE sandboxing is enabled.
Non-zero if TPE sandboxing is enabled, zero otherwise.
Set the default action for Stat sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for Read Sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for Write sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for Exec sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for _ioctl_(2) sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for create Sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for delete Sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for rename Sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for symlink Sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for truncate sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for chdir sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for readdir sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for mkdir sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for rmdir sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for chown Sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for chgrp Sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for chmod Sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for chattr Sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for chroot Sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for utime Sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for mkdev Sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for mkfifo Sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for mktemp Sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for Network Sandboxing.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for block Sandboxing.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for Memory Sandboxing.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for PID Sandboxing.
Allow system call and warn.
Deny system call silently.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for Force Sandboxing.
Allow system call and warn.
Deny system call silently.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for SegvGuard.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Set the default action for TPE Sandboxing.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of Stat sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of Stat sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of Stat sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of Read sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of Read sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of Read sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of Write sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of Write sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of Write sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of Exec sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of Exec sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of Exec sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of _ioctl_(2) sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of _ioctl_(2) sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of _ioctl_(2) sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of create sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of create sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of create sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of delete sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of delete sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of delete sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of rename sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of rename sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of rename sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of symlink sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of symlink sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of symlink sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of truncate sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of truncate sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of truncate sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of chdir sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of chdir sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of chdir sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of readdir sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of readdir sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of readdir sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of mkdir sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of mkdir sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of mkdir sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of rmdir sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of rmdir sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of rmdir sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of chown sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of chown sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of chown sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of chgrp sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of chgrp sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of chgrp sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of chmod sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of chmod sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of chmod sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of chattr sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of chattr sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of chattr sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of chroot sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of chroot sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of chroot sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of utime sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of utime sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of utime sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of mkdev sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of mkdev sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of mkdev sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of mkfifo sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of mkfifo sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of mkfifo sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of mktemp sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of mktemp sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of mktemp sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of net/bind sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of net/bind sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of net/bind sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of net/connect sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of net/connect sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of net/connect sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of net/sendfd sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of net/sendfd sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of net/sendfd sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds to the given actionlist of net/link sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes the first instance from the end of the given actionlist of net/link sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Removes all matching patterns from the given actionlist of net/link sandboxing.
Allow system call.
Allow system call and warn.
Deny system call silently.
Deny system call and warn.
Deny system call, warn and panic the current Syd thread.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Warn, and exit Syd immediately with deny errno as exit value.
Non-zero on successful operation, or croaks on failure.
Adds an entry to the Integrity Force map for Force Sandboxing.
Allow system call and warn.
Deny system call, warn and stop offending process.
Deny system call, warn and abort offending process.
Deny system call, warn and kill offending process.
Non-zero on successful operation, or croaks on failure.
Removes an entry from the Integrity Force map for Force Sandboxing.
Non-zero on successful operation, or croaks on failure.
Clears the Integrity Force map for Force Sandboxing.
Non-zero on successful operation, or croaks on failure.
Specify SegvGuard entry expiry timeout in seconds. Setting this timeout to 0 effectively disables SegvGuard.
Non-zero on successful operation, or croaks on failure.
Specify SegvGuard entry suspension timeout in seconds.
Non-zero on successful operation, or croaks on failure.
Specify SegvGuard max number of crashes before suspension.
Non-zero on successful operation, or croaks on failure.
Adds a request to the _ioctl_(2) denylist.
Non-zero on successful operation, or croaks on failure.
Set syd maximum per-process memory usage limit for memory sandboxing. The parse-size crate is used to parse the value so formatted strings are OK.
Non-zero on successful operation, or croaks on failure.
Set syd maximum per-process virtual memory usage limit for memory sandboxing, The parse-size crate is used to parse the value so formatted strings are OK.
Non-zero on successful operation, or croaks on failure.
Set syd maximum process ID limit for PID sandboxing.
Non-zero on successful operation, or croaks on failure.
| 2025-04-21 | perl v5.40.1 |