Syscall

CapabilityBoundingSet setting

configuration
linux
syscall
systemd

Improve the security of services by defining what Linux capabilities are allowed with the help of systemd unit setting CapabilityBoundingSet.

How to see which syscalls are part of a systemd syscall filter set

faq
linux
syscall
systemd-analyze
systemd

Systemd units can be filtered using the SystemCallFilter setting. Learn how to see what syscalls are part of a particular syscall filter set.

SystemCallFilter setting

configuration
linux
syscall
systemd

Harden system and users services, by defining if they are allowed to use specific syscalls or groups, with the use of systemd unit setting SystemCallFilter.

Systemd syscall filtering

linux
security
syscall
systemd

Learn more about the system calls (syscalls) that systemd may use in commands and unit files, such as with SystemCallFilter property.

Monitor file access by Linux processes

linux
lsof
ltrace
strace
syscall

Linux is powerful with the help of small utilities like lsof and strace. They help with monitoring disk and file activity, of new and running processes.