-
Notifications
You must be signed in to change notification settings - Fork 5
Expand file tree
/
Copy pathsystemd-resource-control.ts
More file actions
60 lines (57 loc) · 1.65 KB
/
Copy pathsystemd-resource-control.ts
File metadata and controls
60 lines (57 loc) · 1.65 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
import { SystemdValueEnum } from "./types";
const manPage = "systemd.resource-control(5)";
export const valueEnum: SystemdValueEnum[] = [
{
directive: "BPFProgram",
manPage,
values: [
"egress",
"ingress",
"sock_create",
"sock_ops",
"device",
"bind4",
"bind6",
"connect4",
"connect6",
"post_bind4",
"post_bind6",
"sendmsg4",
"sendmsg6",
"sysctl",
"recvmsg4",
"recvmsg6",
"getsockopt",
"setsockopt",
].map((it) => `${it}:\${program_path}`),
},
{
directive: "DevicePolicy",
manPage,
docs: {
strict: "means to only allow types of access that are explicitly specified. Added in version 208.",
closed: " in addition, allows access to standard pseudo devices including `/dev/null`, `/dev/zero`, `/dev/full`, `/dev/random`, and `/dev/urandom`. Added in version 208.",
auto: "in addition, allows access to all devices if no explicit `DeviceAllow=` is present. This is the default. Added in version 208.",
},
},
{
directive: "MemoryPressureWatch",
manPage,
values: ["off", "on", "auto", "skip"],
},
{
directive: "ManagedOOMSwap",
values: ["auto", "kill"],
manPage,
},
{
directive: "ManagedOOMMemoryPressure",
values: ["auto", "kill"],
manPage,
},
{
directive: "ManagedOOMPreference",
values: ["none", "avoid", "omit"],
manPage,
},
];