From a44a8ae67987c3f9fedfa6c19c2abcbb68960888 Mon Sep 17 00:00:00 2001
From: dma
Date: Sun, 12 Jul 2015 16:43:15 -0400
Subject: [PATCH] Add seccomp configuration params to the Oz profile specification/parser
---
 profile.go | 34 ++++++++++++++++++++++++----------
 1 file changed, 24 insertions(+), 10 deletions(-)
diff --git a/profile.go b/profile.go
index 788424a..c8605ce 100644
--- a/profile.go
+++ b/profile.go
@@ -5,6 +5,7 @@ import (
 "fmt"
 "io/ioutil"
 "path"
+ "strings"
 "github.com/subgraph/oz/network"
 )
@@ -42,9 +43,12 @@ type Profile struct {
 Environment []EnvVar
 // Networking
 Networking NetworkProfile
+ // Seccomp
+ Seccomp SeccompConf
 }
 type AudioMode string
+
 const (
 PROFILE_AUDIO_NONE AudioMode = "none"
 PROFILE_AUDIO_SPEAKER AudioMode = "speaker"
@@ -53,15 +57,22 @@ const (
 type XServerConf struct {
 Enabled bool
- TrayIcon string `json:"tray_icon"`
- WindowIcon string `json:"window_icon"`
- EnableTray bool `json:"enable_tray"`
- EnableNotifications bool `json:"enable_notifications"`
- UsePulseAudio bool `json:"use_pulse_audio"`
- DisableClipboard bool `json:"disable_clipboard"`
+ TrayIcon string `json:"tray_icon"`
+ WindowIcon string `json:"window_icon"`
+ EnableTray bool `json:"enable_tray"`
+ EnableNotifications bool `json:"enable_notifications"`
+ UsePulseAudio bool `json:"use_pulse_audio"`
+ DisableClipboard bool `json:"disable_clipboard"`
 AudioMode AudioMode `json:"audio_mode"`
 }
+type SeccompConf struct {
+ Mode string
+ Enforce bool
+ Seccomp_Whitelist string
+ Seccomp_Blacklist string
+}
+
 type WhitelistItem struct {
 Path string
 ReadOnly bool `json:"read_only"`
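Review bot: In the new `SeccompConf` struct, `Mode` is a plain `string` and nothing in this patch validates it, so a misspelled mode in a profile decodes without error; the file already uses a named string type with constants for `AudioMode`, and a `SeccompMode` type checked at load time would turn an unknown value into a load error. Every existing profile without a seccomp section gets the zero value (`Mode` empty, `Enforce` false), and the code that consumes it is not visible here, so a comment on the struct should state whether that means no filter is applied. `Seccomp_Whitelist` and `Seccomp_Blacklist` break MixedCaps naming and, unlike the `XServerConf` fields, carry no json tags; `Whitelist string` and `Blacklist string` with explicit `json:"seccomp_whitelist"` / `json:"seccomp_blacklist"` tags would keep the keys stable. The same comment should say what the two strings hold (presumably paths to policy files) and where they are resolved from.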
@@ -157,11 +168,14 @@ func LoadProfiles(dir string) (Profiles, error) {
 for _, f := range fs {
 if !f.IsDir() {
 name := path.Join(dir, f.Name())
- p, err := loadProfileFile(name)
- if err != nil {
- return nil, fmt.Errorf("error loading '%s': %v", f.Name(), err)
+ if strings.Contains(f.Name(), ".json") {
+
+ p, err := loadProfileFile(name)
+ if err != nil {
+ return nil, fmt.Errorf("error loading '%s': %v", f.Name(), err)
+ }
+ ps = append(ps, p)
 }
- ps = append(ps, p)
 }
 }
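Review bot: `strings.Contains(f.Name(), ".json")` in the new filter matches the substring anywhere in the file name, so leftovers such as `browser.json.bak` or `browser.json~` (constructed examples) are still parsed as sandbox profiles and can load a stale or weaker policy alongside the intended one. Match the extension instead with `if path.Ext(f.Name()) == ".json" {`; `path` is already imported, so the new `strings` import would no longer be needed. Skipped files are now ignored silently, and a log line naming each skipped entry would help when an expected profile does not load. The blank line after the opening brace of the new `if` can be dropped. LoadProfiles begins and ends outside this hunk.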