twtiger / gosecco

Go seccomp parser and compiler
GNU Lesser General Public License v3.0

Include policy file in another and combine prior to compilation #37

Closed dma closed 8 years ago

dma commented 8 years ago

Is there a way to include the contents of a file in a policy?

For example, this file: https://github.com/twtiger/gosecco/blob/master/profiles/shared.seccomp

Could be shared between multiple application whitelists.

I could have sworn this capability existed in gosecco, but I can't find it. Did I dream this or something?

chelseakomlo commented 8 years ago

You definitely did not dream this!

@olabini can expand more on this, but applying variables/constants/macros from a separate file into a policy file is done here:

https://github.com/twtiger/gosecco/blob/master/seccomp.go#L41

Which is used here:

https://github.com/twtiger/gosecco/blob/master/seccomp.go#L67

dma commented 8 years ago

Ah yes, now I remember, it's in the configuration object where you specify 'includes' and not as a directive in the policy file itself. Thanks, and sorry for the noise!

chelseakomlo commented 8 years ago

No worries. We can specify this better in the documentation as well.