Initial applications isolation support using Linux namespaces.

2019-09-19 15:25:23 +03:00
parent 6346e641ee
commit c554941b4f
21 changed files with 1467 additions and 201 deletions
--- a/auto/capability
+++ b/auto/capability
@@ -0,0 +1,19 @@
+
+# Copyright (C) Igor Sysoev
+# Copyright (C) NGINX, Inc.
+
+# Linux capability
+
+nxt_feature="Linux capability"
+nxt_feature_name=NXT_HAVE_LINUX_CAPABILITY
+nxt_feature_test="#include <linux/capability.h>
+                  #include <unistd.h>
+                  #include <sys/syscall.h>
+
+                  int main() {
+                      struct __user_cap_header_struct hdr;
+                      hdr.version = _LINUX_CAPABILITY_VERSION;
+                      syscall(SYS_capget, &hdr, 0);
+                      return 0;
+                  }"
+. auto/feature