systemd: add option for seccomp support

With seccomp support enabled, service files can limit the syscalls a process is allowed to use through the SystemCallFilter option. Signed-off-by: Clemens Gruber <clemens.gruber@pqgruber.com> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
author: Clemens Gruber <clemens.gruber@pqgruber.com> 2016-02-09 17:31:14 +0100
committer: Michael Olbrich <m.olbrich@pengutronix.de> 2016-02-11 09:31:50 +0100
commit: c8c7c0f4c99caca114dd4b6ff3eef5a57c89e6c5 (patch)
tree: 7b2242a53d4493e51ce6134739f7de50e2638661 /rules/systemd.make
parent: 9f59dec6925cbcb0fd6c422bf147bdaa67617f97 (diff)
download: ptxdist-c8c7c0f4c99caca114dd4b6ff3eef5a57c89e6c5.tar.gz
ptxdist-c8c7c0f4c99caca114dd4b6ff3eef5a57c89e6c5.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/rules/systemd.make b/rules/systemd.make
index b2edb3d33..5c870238a 100644
--- a/rules/systemd.make
+++ b/rules/systemd.make
@@ -73,7 +73,7 @@ SYSTEMD_CONF_OPT	:= \
 	--enable-kmod \
 	--disable-xkbcommon \
 	--enable-blkid \
-	--disable-seccomp \
+	--$(call ptx/endis,PTXCONF_SYSTEMD_SECCOMP)-seccomp \
 	--disable-ima \
 	$(GLOBAL_SELINUX_OPTION) \
 	--disable-apparmor \
author	Clemens Gruber <clemens.gruber@pqgruber.com>	2016-02-09 17:31:14 +0100
committer	Michael Olbrich <m.olbrich@pengutronix.de>	2016-02-11 09:31:50 +0100
commit	c8c7c0f4c99caca114dd4b6ff3eef5a57c89e6c5 (patch)
tree	7b2242a53d4493e51ce6134739f7de50e2638661 /rules/systemd.make
parent	9f59dec6925cbcb0fd6c422bf147bdaa67617f97 (diff)
download	ptxdist-c8c7c0f4c99caca114dd4b6ff3eef5a57c89e6c5.tar.gz ptxdist-c8c7c0f4c99caca114dd4b6ff3eef5a57c89e6c5.tar.xz