Skip to content
/ syscalls Public

Merged to firejail; Find syscalls of executables for seccomp-bpf sandbox policies.

License

Apache-2.0 license
8 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

avilum/syscalls

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
syscalls
syscalls
 
 

Repository files navigation

This script was adopted by firejail to their repository

Moved to netblue30/firejail contrib scripts: https://github.com/netblue30/firejail/blob/master/contrib/syscalls.sh

syscalls

Discover executable's syscalls.
A simple script that discovers the necessary behaviour of programs, using strace and grep.
I Created this in order to create profiles for seccomp-bpf jails, like nsjail, gVisor and firejail.

Usage:

ubuntu@pc:~$ ./syscalls whoami
ubuntu
The following syscalls were called:
access
arch_prctl
brk
close
connect
execve
exit_group
fstat
geteuid
lseek
mmap
mprotect
munmap
open
read
socket
write
The syscalls were saved to /home/ubuntu/syscalls.txt
ubuntu@pc:~$ ./syscalls python -m SimpleHTTPServer
Serving HTTP on 0.0.0.0 port 8000 ...
^C
The following syscalls were called:
access
arch_prctl
brk
close
connect
execve
exit_group
fstat
geteuid
lseek
mmap
mprotect
munmap
open
read
socket
write
The syscalls were saved to /home/ubuntu/syscalls.txt

About

Merged to firejail; Find syscalls of executables for seccomp-bpf sandbox policies.

Topics

sandbox syscalls security-hardening firejail seccomp jail seccomp-bpf-policies seccomp-profile

Resources

Readme

License

Apache-2.0 license
Activity

Stars

8 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages