← all formulae

libseccomp

brew install libseccomp v2.6.0 LGPL-2.1-only

C shared library providing a platform-independent interface to Linux kernel seccomp syscall filtering via BPF.

Why you might care

Needed by container runtimes (Docker, Podman, systemd) and security tools to restrict process syscalls at the kernel level. Abstracts away BPF complexity with a simple C API; Go bindings also available. Essential build/runtime dependency for anything implementing sandboxing or privilege-dropping on Linux.

Categories

library security

Alternatives

seccomp-bpf BPF

1.9k

30-day installs · #989

12.1k

90-day · #731

44.0k

365-day · #737

921

★ GitHub stars · updated 23d ago

Build dependencies

gperf

GitHub topics

bpf libseccomp seccomp

Links

https://github.com/seccomp/libseccomp
GitHub: seccomp/libseccomp
Brew formula source: Formula/lib/libseccomp.rb

Blurb generated by claude-haiku-4-5 on today.

Raw metadata

{
  "aliases": [],
  "alternatives": [
    "seccomp-bpf",
    "BPF"
  ],
  "build_dependencies": [
    "gperf"
  ],
  "categories": [
    "library",
    "security"
  ],
  "caveats": null,
  "conflicts_with": [],
  "dependencies": [],
  "deprecated": 0,
  "deprecation_reason": null,
  "desc": "Interface to the Linux Kernel\u0027s syscall filtering mechanism",
  "disable_reason": null,
  "disabled": 0,
  "enrichment_fetched_at": "2026-06-20T23:41:15+00:00",
  "first_seen": "2026-06-20T23:34:18+00:00",
  "full_name": "libseccomp",
  "github_default_branch": "main",
  "github_last_commit_at": "2026-05-28T19:35:23Z",
  "github_readme_excerpt": "![Enhanced Seccomp Helper Library](https://github.com/seccomp/libseccomp-artwork/blob/main/logo/libseccomp-color_text.png)\n===============================================================================\nhttps://github.com/seccomp/libseccomp\n\n[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/608/badge)](https://bestpractices.coreinfrastructure.org/projects/608)\n[![Build Status](https://github.com/seccomp/libseccomp/actions/workflows/continuous-integration.yml/badge.svg?branch=main)](https://github.com/seccomp/libseccomp/actions)\n[![CodeQL Analysis](https://github.com/seccomp/libseccomp/actions/workflows/codeql-analysis.yml/badge.svg?branch=main)](https://github.com/seccomp/libseccomp/actions)\n[![Coverage Status](https://img.shields.io/coveralls/github/seccomp/libseccomp/main.svg)](https://coveralls.io/github/seccomp/libseccomp?branch=main)\n\nThe libseccomp library provides an easy to use, platform independent, interface\nto the Linux Kernel\u0027s syscall filtering mechanism.  The libseccomp API is\ndesigned to abstract away the underlying BPF based syscall filter language and\npresent a more conventional function-call based filtering interface that should\nbe familiar to, and easily adopted by, application developers.\n\n## Online Resources\n\nThe library source repository currently lives on GitHub at the following URL:\n\n* https://github.com/seccomp/libseccomp\n\nThe Go language bindings repository currently lives on GitHub at the following\nURL:\n\n* https://github.com/seccomp/libseccomp-golang\n\n## Supported Architectures\n\nThe libseccomp library currently supports the architectures listed below:\n\n* 32-bit x86 (x86)\n* 64-bit x86 (x86_64)\n* 64-bit x86 x32 ABI (x32)\n* 32-bit ARM EABI (arm)\n* 64-bit ARM (aarch64)\n* 64-bit LoongArch (loongarch64)\n* 32-bit Motorola 68000 (m68k)\n* 32-bit MIPS (mips)\n* 32-bit MIPS little endian (mipsel)\n* 64-bit MIPS (mips64)\n* 64-bit MIPS little endian (mipsel64)\n* 64-bit MIPS n32 ABI (mips64n32)\n* 64-bit MIPS n32 ABI little endia",
  "github_repo": "seccomp/libseccomp",
  "github_stars": 921,
  "github_topics": [
    "bpf",
    "libseccomp",
    "seccomp"
  ],
  "homepage": "https://github.com/seccomp/libseccomp",
  "homepage_og_description": null,
  "homepage_og_image": null,
  "homepage_title": null,
  "installs_30d": 1927,
  "installs_365d": 44016,
  "installs_90d": 12109,
  "keg_only": 0,
  "keg_only_reason": null,
  "last_seen": "2026-06-20T23:34:18+00:00",
  "license": "LGPL-2.1-only",
  "llm_generated_at": "2026-06-20T23:48:17+00:00",
  "llm_model": "claude-haiku-4-5",
  "name": "libseccomp",
  "oldnames": [],
  "one_liner": "C shared library providing a platform-independent interface to Linux kernel seccomp syscall filtering via BPF.",
  "optional_dependencies": [],
  "rank_30d": 989,
  "rank_365d": 737,
  "rank_90d": 731,
  "raw_hash": "99d4cc65e023f852",
  "recommended_dependencies": [],
  "revision": 0,
  "ruby_source_path": "Formula/lib/libseccomp.rb",
  "tap": "homebrew/core",
  "test_dependencies": [],
  "uses_from_macos": [],
  "version_head": "HEAD",
  "version_stable": "2.6.0",
  "versioned_formulae": [],
  "why_use_this": "Needed by container runtimes (Docker, Podman, systemd) and security tools to restrict process syscalls at the kernel level. Abstracts away BPF complexity with a simple C API; Go bindings also available. Essential build/runtime dependency for anything implementing sandboxing or privilege-dropping on Linux."
}