Not every deployment of crosvm may have access to `/usr/share/policy/crosvm`, and requiring the user to specify the directory containing the seccomp policy file directory isn't very friendly to them.
I propose adding the capability to read the value from an environment variable, which can be set once for repeated invocations and by different tools independent of the actual invocation.

Concretely, this is triggered by my packaging of crosvm for Nix, where every instance of a program is made to refer to its dependent files in a store instead of making them universally visible.

Attached is a patch that achieves the functionality.
 

Deleted: seccomp-policy-dir_env-var.patch 1.5 KB

seccomp-policy-dir_env-var.patch 1.5 KB Download