SYMBOL INDEX (176 symbols across 32 files) FILE: examples/sandbox.rs type Cli (line 12) | struct Cli { function main (line 41) | fn main() -> Result<(), Box> { FILE: integration/canonicalize.rs function setup (line 8) | pub fn setup(_tempdir: PathBuf) -> TestSetup { function validate (line 15) | pub fn validate(_data: String) { FILE: integration/command_io.rs function main (line 11) | fn main() {} function main (line 14) | fn main() { function pipe_stdin_to_stdout (line 20) | fn pipe_stdin_to_stdout() { function exit_signal (line 42) | fn exit_signal() { FILE: integration/consistent_id_mappings.rs type TestData (line 8) | struct TestData { function setup (line 15) | pub fn setup(_tempdir: PathBuf) -> TestSetup { function validate (line 30) | pub fn validate(data: String) { FILE: integration/delete_before_lockdown.rs function setup (line 8) | pub fn setup(_tempdir: PathBuf) -> TestSetup { function validate (line 21) | pub fn validate(_data: String) { FILE: integration/env.rs function setup (line 8) | pub fn setup(_tempdir: PathBuf) -> TestSetup { function validate (line 20) | pub fn validate(_data: String) { FILE: integration/exec.rs function setup (line 9) | pub fn setup(_tempdir: PathBuf) -> TestSetup { function validate (line 16) | pub fn validate(_data: String) { FILE: integration/exec_symlinked_dir.rs type TestData (line 11) | struct TestData { function setup (line 15) | pub fn setup(tempdir: PathBuf) -> TestSetup { function validate (line 30) | pub fn validate(data: String) { FILE: integration/exec_symlinked_dirs_exec.rs type TestData (line 11) | struct TestData { function setup (line 15) | pub fn setup(tempdir: PathBuf) -> TestSetup { function validate (line 31) | pub fn validate(data: String) { FILE: integration/exec_symlinked_file.rs type TestData (line 12) | struct TestData { function setup (line 16) | pub fn setup(tempdir: PathBuf) -> TestSetup { function validate (line 33) | pub fn validate(data: String) { FILE: integration/fs.rs constant FILE_CONTENT (line 9) | const FILE_CONTENT: &str = "expected content"; type TestData (line 12) | struct TestData { function setup (line 17) | pub fn setup(tempdir: PathBuf) -> TestSetup { function validate (line 35) | pub fn validate(data: String) { FILE: integration/fs_broken_symlink.rs type TestData (line 12) | struct TestData { function setup (line 16) | pub fn setup(tempdir: PathBuf) -> TestSetup { function validate (line 42) | pub fn validate(data: String) { FILE: integration/fs_null.rs function setup (line 8) | pub fn setup(_tempdir: PathBuf) -> TestSetup { function validate (line 16) | pub fn validate(_data: String) { FILE: integration/fs_readonly.rs constant FILE_CONTENT (line 9) | const FILE_CONTENT: &str = "expected content"; type TestData (line 12) | struct TestData { function setup (line 16) | pub fn setup(tempdir: PathBuf) -> TestSetup { function validate (line 32) | pub fn validate(data: String) { FILE: integration/fs_restrict_child.rs constant FILE_CONTENT (line 9) | const FILE_CONTENT: &str = "expected content"; type TestData (line 12) | struct TestData { function setup (line 17) | pub fn setup(tempdir: PathBuf) -> TestSetup { function validate (line 34) | pub fn validate(data: String) { FILE: integration/fs_symlink.rs constant FILE_CONTENT (line 10) | const FILE_CONTENT: &str = "expected content"; type TestData (line 13) | struct TestData { function setup (line 18) | pub fn setup(tempdir: PathBuf) -> TestSetup { function validate (line 44) | pub fn validate(data: String) { FILE: integration/fs_symlink_dir.rs constant FILE_CONTENT (line 10) | const FILE_CONTENT: &str = "expected content"; type TestData (line 13) | struct TestData { function setup (line 17) | pub fn setup(tempdir: PathBuf) -> TestSetup { function validate (line 35) | pub fn validate(data: String) { FILE: integration/fs_symlink_dir_separate_perms.rs constant FILE_CONTENT (line 10) | const FILE_CONTENT: &str = "expected content"; type TestData (line 13) | struct TestData { function setup (line 17) | pub fn setup(tempdir: PathBuf) -> TestSetup { function validate (line 36) | pub fn validate(data: String) { FILE: integration/fs_write_also_read.rs constant FILE_CONTENT (line 9) | const FILE_CONTENT: &str = "expected content"; type TestData (line 12) | struct TestData { function setup (line 16) | pub fn setup(tempdir: PathBuf) -> TestSetup { function validate (line 32) | pub fn validate(data: String) { FILE: integration/full_env.rs function setup (line 8) | pub fn setup(_tempdir: PathBuf) -> TestSetup { function validate (line 19) | pub fn validate(_data: String) { FILE: integration/full_sandbox.rs type TestData (line 12) | struct TestData { function setup (line 16) | pub fn setup(tempdir: PathBuf) -> TestSetup { function validate (line 52) | pub fn validate(data: String) { FILE: integration/harness.rs constant TEST_DIR (line 34) | const TEST_DIR: &str = "integration"; type TestSetup (line 37) | pub struct TestSetup { function main (line 42) | fn main() { function spawn_tests (line 74) | fn spawn_tests() { function run_setup (line 133) | fn run_setup(test_name: &str, tempdir: String, setup: &fn(PathBuf) -> Te... FILE: integration/missing_exception.rs function setup (line 8) | pub fn setup(_tempdir: PathBuf) -> TestSetup { function validate (line 23) | pub fn validate(_data: String) { FILE: integration/net.rs function setup (line 8) | pub fn setup(_tempdir: PathBuf) -> TestSetup { function validate (line 16) | pub fn validate(_data: String) { FILE: integration/seccomp.rs function setup (line 8) | pub fn setup(_tempdir: PathBuf) -> TestSetup { function validate (line 12) | pub fn validate(_data: String) { FILE: src/error.rs type Result (line 15) | pub type Result = StdResult; type Error (line 19) | pub enum Error { method from (line 59) | fn from(error: SeccompError) -> Self { method from (line 66) | fn from(error: BackendError) -> Self { method from (line 72) | fn from(error: IoError) -> Self { method fmt (line 37) | fn fmt(&self, f: &mut Formatter<'_>) -> fmt::Result { FILE: src/lib.rs type Birdcage (line 55) | pub type Birdcage = LinuxSandbox; type Birdcage (line 62) | pub type Birdcage = MacSandbox; type Sandbox (line 64) | pub trait Sandbox: Sized { method new (line 66) | fn new() -> Self; method add_exception (line 72) | fn add_exception(&mut self, exception: Exception) -> Result<&mut Self>; method spawn (line 88) | fn spawn(self, sandboxee: Command) -> Result; type Exception (line 96) | pub enum Exception { function restrict_env_variables (line 120) | pub(crate) fn restrict_env_variables(exceptions: &[String]) { FILE: src/linux/mod.rs type LinuxSandbox (line 24) | pub struct LinuxSandbox { method new (line 32) | fn new() -> Self { method add_exception (line 36) | fn add_exception(&mut self, exception: Exception) -> Result<&mut Self> { method spawn (line 49) | fn spawn(self, sandboxee: Command) -> Result { function spawn_sandbox_init (line 114) | fn spawn_sandbox_init(init_arg: ProcessInitArg, allow_networking: bool) ... function sandbox_init (line 158) | extern "C" fn sandbox_init(arg: *mut libc::c_void) -> libc::c_int { function sandbox_init_inner (line 173) | fn sandbox_init_inner(mut init_arg: ProcessInitArg) -> io::Result Res... function absolute (line 360) | fn absolute(path: &Path) -> io::Result { function normalize_path (line 402) | fn normalize_path(path: &Path) -> PathBuf { function path_has_symlinks (line 421) | fn path_has_symlinks(path: &Path) -> bool { function thread_count (line 426) | fn thread_count() -> io::Result { FILE: src/linux/namespaces.rs constant NEW_ROOT (line 17) | const NEW_ROOT: &str = "/tmp/birdcage-root"; function setup_mount_namespace (line 23) | pub(crate) fn setup_mount_namespace(exceptions: PathExceptions) -> io::R... function create_symlinks (line 99) | fn create_symlinks(new_root: &Path, symlinks: Vec<(PathBuf, PathBuf)>) -... function copy_tree (line 129) | fn copy_tree(src: impl AsRef, dst: impl AsRef) -> io::Result... function mount_tmpfs (line 166) | fn mount_tmpfs(dst: &CStr) -> io::Result<()> { function mount_proc (line 181) | pub fn mount_proc(dst: &CStr) -> io::Result<()> { function bind_mount (line 196) | fn bind_mount(src: &CStr, dst: &CStr) -> io::Result<()> { function update_mount_flags (line 209) | fn update_mount_flags(mount: &CStr, flags: MountAttrFlags) -> io::Result... function deny_mount_propagation (line 231) | fn deny_mount_propagation() -> io::Result<()> { function pivot_root (line 247) | fn pivot_root(new_root: &CStr, put_old: &CStr) -> io::Result<()> { function umount (line 270) | fn umount(target: &CStr) -> io::Result<()> { function create_user_namespace (line 283) | pub fn create_user_namespace( function map_ids (line 305) | pub fn map_ids( function unshare (line 320) | fn unshare(namespaces: Namespaces) -> io::Result<()> { type MountAttr (line 355) | struct MountAttr { FILE: src/linux/seccomp.rs constant ARCH (line 13) | const ARCH: TargetArch = TargetArch::x86_64; constant ARCH (line 15) | const ARCH: TargetArch = TargetArch::aarch64; constant CLONE_NAMESPACE_FILTER (line 29) | const CLONE_NAMESPACE_FILTER: u32 = 0b01111110000000100000000000000000; type SyscallFilter (line 36) | pub struct SyscallFilter; method apply (line 40) | pub fn apply() -> Result<()> { constant SYSCALL_WHITELIST (line 89) | const SYSCALL_WHITELIST: &[libc::c_long] = &[ FILE: src/macos.rs type MacSandbox (line 34) | pub struct MacSandbox { method update_path_exceptions (line 100) | fn update_path_exceptions(&mut self, path: PathBuf, exceptions: PathEx... method create_profile (line 115) | fn create_profile(&self) -> Result> { method revoke_path_access (line 151) | fn revoke_path_access(buffer: &mut Vec, path: &str) -> Result<()> { method new (line 42) | fn new() -> Self { method add_exception (line 46) | fn add_exception(&mut self, exception: Exception) -> Result<&mut Self> { method spawn (line 68) | fn spawn(self, mut sandboxee: Command) -> Result { type PathRule (line 165) | struct PathRule { method new (line 172) | fn new(mode: RuleMode, access_type: &'static str, path: String) -> Self { method write_to (line 177) | fn write_to(&self, buffer: &mut Vec) -> IoResult<()> { type RuleMode (line 193) | enum RuleMode { method as_str (line 199) | fn as_str(&self) -> &str { function escape_path (line 217) | fn escape_path(path: &Path) -> Result { function sandbox_init (line 237) | fn sandbox_init(profile: *const i8, flags: u64, errorbuf: *mut *mut i8) ... function sandbox_free_error (line 238) | fn sandbox_free_error(errorbuf: *mut i8); FILE: src/process/linux.rs type Command (line 33) | pub struct Command { method new (line 64) | pub fn new>(program: S) -> Self { method arg (line 112) | pub fn arg>(&mut self, arg: S) -> &mut Self { method args (line 138) | pub fn args(&mut self, args: I) -> &mut Self method stdin (line 165) | pub fn stdin>(&mut self, cfg: T) -> &mut Self { method stdout (line 185) | pub fn stdout>(&mut self, cfg: T) -> &mut Self { method stderr (line 205) | pub fn stderr>(&mut self, cfg: T) -> &mut Self { method get_program (line 220) | pub fn get_program(&self) -> &OsStr { function from (line 226) | fn from(command: Command) -> Self { type Child (line 293) | pub struct Child { method new (line 333) | pub(crate) fn new( method kill (line 375) | pub fn kill(&mut self) -> io::Result<()> { method id (line 398) | pub fn id(&self) -> u32 { method wait (line 427) | pub fn wait(&mut self) -> io::Result { method try_wait (line 478) | pub fn try_wait(&mut self) -> io::Result> { method wait_with_output (line 525) | pub fn wait_with_output(mut self) -> io::Result { method exit_signal (line 540) | fn exit_signal(&self) -> io::Result> { type Stdio (line 574) | pub struct Stdio { method piped (line 619) | pub fn piped() -> Self { method inherit (line 632) | pub fn inherit() -> Self { method null (line 646) | pub fn null() -> Self { method make_pipe (line 653) | pub(crate) fn make_pipe(&self, stdin: bool) -> io::Result<(Option Option { type StdioType (line 685) | pub(crate) enum StdioType { type ChildStdin (line 703) | pub struct ChildStdin { method new (line 708) | fn new(fd: OwnedFd) -> io::Result { method write (line 714) | fn write(&mut self, buf: &[u8]) -> io::Result { method flush (line 718) | fn flush(&mut self) -> io::Result<()> { type ChildStdout (line 732) | pub struct ChildStdout { method new (line 737) | fn new(fd: OwnedFd) -> io::Result { method read (line 743) | fn read(&mut self, buf: &mut [u8]) -> io::Result { type ChildStderr (line 757) | pub type ChildStderr = ChildStdout; type ChildReader (line 759) | struct ChildReader { method new (line 768) | fn new(stdout: Option, stderr: Option) -> io... method read (line 793) | fn read(mut self) -> io::Result<(Vec, Vec)> { method stdio_from_fd (line 827) | fn stdio_from_fd(&mut self, fd: RawFd) -> (&mut ChildStdout, &mut Vec<...