diff options
| author | Leah Neukirchen <leah@vuxu.org> | 2019-09-23 11:26:29 +0200 |
|---|---|---|
| committer | Leah Neukirchen <leah@vuxu.org> | 2019-09-23 11:26:29 +0200 |
| commit | 4986f27c25ac3d6b20df78f6b137a0b3839dbe3f (patch) | |
| tree | 79284c409d41fd0d528468b87b82227eed05e67f /README | |
| parent | 10e7856380fa97e470c77781efdd92ed110632c9 (diff) | |
| download | reap-4986f27c25ac3d6b20df78f6b137a0b3839dbe3f.tar.gz reap-4986f27c25ac3d6b20df78f6b137a0b3839dbe3f.tar.xz reap-4986f27c25ac3d6b20df78f6b137a0b3839dbe3f.zip | |
add -x to set PR_SET_NO_NEW_PRIVS for the children
Diffstat (limited to 'README')
| -rw-r--r-- | README | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/README b/README index d5c6af4..15b891f 100644 --- a/README +++ b/README @@ -4,7 +4,7 @@ NAME reap – run process until all its spawned processes are dead SYNOPSIS - reap [-vw] command line ... + reap [-vwx] command line ... DESCRIPTION The reap utility executes the given command line and ensures all spawned @@ -19,9 +19,12 @@ DESCRIPTION The options are as follows: + -v Verbose mode, report what reap is doing. + -w Wait for all spawned processes to finish. - -v Verbose mode, report what reap is doing. + -x Forbid execution of binaries we cannot kill (using + PR_SET_NO_NEW_PRIVS). EXIT STATUS The reap utility exits with the exit status of the spawned command. @@ -34,7 +37,7 @@ ASSUMPTIONS enabled. reap can only work reliably when it has permission to kill all spawned - processes and they respect SIGTERM. + processes and they respect SIGTERM (see also -x). RATIONALE Keeping track of all spawned process is traditionally a hard problem on @@ -55,4 +58,4 @@ LICENSE http://creativecommons.org/publicdomain/zero/1.0/ -Void Linux August 13, 2019 Void Linux +Void Linux September 23, 2019 Void Linux |