system.landlock_create_ruleset

Synopsis

local system = require "system"
system.landlock_create_ruleset(attr: table|nil, flags: table|nil) -> file_descriptor|integer

Description

Creates a new file descriptor identifying a ruleset.

Only available on Linux.

Parameters

  • attr.handled_access_fs: string[]

    • "execute"

    • "write_file"

    • "read_file"

    • "read_dir"

    • "remove_dir"

    • "remove_file"

    • "make_char"

    • "make_dir"

    • "make_reg"

    • "make_sock"

    • "make_fifo"

    • "make_block"

    • "make_sym"

    • "refer"

    • "truncate"

  • flags: string[]

    • "version"