Document the SECCOMP_FILTER_FLAG_LOG seccomp(2) flag added in Linux commit v4.14-rc2~15^2~6. Signed-off-by: Tyler Hicks <tyhicks@xxxxxxxxxxxxx> --- man2/seccomp.2 | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/man2/seccomp.2 b/man2/seccomp.2 index a356f22..c85c289 100644 --- a/man2/seccomp.2 +++ b/man2/seccomp.2 @@ -205,6 +205,14 @@ Synchronization will fail if another thread in the same process is in .BR SECCOMP_MODE_STRICT or if it has attached new seccomp filters to itself, diverging from the calling thread's filter tree. +.TP +.BR SECCOMP_FILTER_FLAG_LOG " (since Linux 4.14)" +.\" commit e66a39977985b1e69e17c4042cb290768eca9b02 +All filter return actions except +.BR SECCOMP_RET_ALLOW +should be logged. An administrator may override this filter flag by preventing specific actions from being logged via the +.IR /proc/sys/kernel/seccomp/actions_logged +file. .RE .TP .BR SECCOMP_GET_ACTION_AVAIL " (since Linux 4.14)" -- 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-man" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
