diff options
| author | Dylan Reid <dgreid@chromium.org> | 2017-11-08 17:34:58 -0800 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2017-11-17 20:18:24 -0800 |
| commit | bd035c780bfdad46e2462e35aa8c119adf9fb08f (patch) | |
| tree | c017d049fc16de613206a2fd04d85c0404033189 /io_jail | |
| parent | f31455e9662f2158de3fa61d609e58a20c5c3ae8 (diff) | |
| download | crosvm-bd035c780bfdad46e2462e35aa8c119adf9fb08f.tar crosvm-bd035c780bfdad46e2462e35aa8c119adf9fb08f.tar.gz crosvm-bd035c780bfdad46e2462e35aa8c119adf9fb08f.tar.bz2 crosvm-bd035c780bfdad46e2462e35aa8c119adf9fb08f.tar.lz crosvm-bd035c780bfdad46e2462e35aa8c119adf9fb08f.tar.xz crosvm-bd035c780bfdad46e2462e35aa8c119adf9fb08f.tar.zst crosvm-bd035c780bfdad46e2462e35aa8c119adf9fb08f.zip | |
io_jail: Fix doc tests and docs
There were remnants of using `minijail_enter`, switch them to `minijail_fork`. Change-Id: I5c695cbc3bfd6868f25f46f785a2f96391744d90 Signed-off-by: Dylan Reid <dgreid@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/759598 Reviewed-by: Stephen Barber <smbarber@chromium.org>
Diffstat (limited to 'io_jail')
| -rw-r--r-- | io_jail/src/lib.rs | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/io_jail/src/lib.rs b/io_jail/src/lib.rs index 2ac27c3..c7587a1 100644 --- a/io_jail/src/lib.rs +++ b/io_jail/src/lib.rs @@ -147,8 +147,8 @@ pub type Result<T> = std::result::Result<T, Error>; /// j.no_new_privs(); /// j.parse_seccomp_filters(Path::new("my_filter.policy")).map_err(|_| ())?; /// j.use_seccomp_filter(); -/// unsafe { // Enter will close all the programs FDs. -/// j.enter(None).map_err(|_| ())?; +/// unsafe { // `fork` will close all the programs FDs. +/// j.fork(None).map_err(|_| ())?; /// } /// # Ok(()) /// # } @@ -162,15 +162,16 @@ pub type Result<T> = std::result::Result<T, Error>; /// # fn seccomp_filter_test() -> Result<(), ()> { /// let j = Minijail::new().map_err(|_| ())?; /// let preserve_fds: Vec<RawFd> = vec![0, 1, 2]; -/// unsafe { // Enter will close all the programs FDs. -/// j.enter(Some(&preserve_fds)).map_err(|_| ())?; +/// unsafe { // `fork` will close all the programs FDs. +/// j.fork(Some(&preserve_fds)).map_err(|_| ())?; /// } /// # Ok(()) /// # } /// ``` /// # Errors -/// The `enter` function doesn't return an error. Instead, It kills the current -/// process on error. +/// The `fork` function might not return an error if it fails after forking. A +/// partial jail is not recoverable and will instead result in killing the +/// process. pub struct Minijail { jail: *mut libminijail::minijail, } |