Documentation
¶
Index ¶
- Constants
- Variables
- func ByteToString(orig []byte) string
- func CheckUnpriUserNS() error
- func DistinctStrArr(s []string) []string
- func FileExist(path string) bool
- func FindTargetDeviceID(mi *MountInfo) bool
- func GetAllCGroupSubSystem() ([]string, error)
- func GetCgroupVersion() (int, error)
- func GetGateway() (string, error)
- func GetKernelVersion() ([]int, error)
- func HttpSendJson(method string, url string, data string) (string, error)
- func IntContains(s []int, e int) bool
- func IsDir(FilePath string) bool
- func IsDirectory(path string) bool
- func IsSoftLink(FilePath string) bool
- func MakeDev(major, minor string) int
- func PrintH2(title string)
- func PrintItemKey(key string, color bool)
- func PrintItemValue(value string, color bool)
- func PrintItemValueWithKeyOneLine(key, value string, color bool)
- func PrintOrignal(out string)
- func RandString(n int) string
- func ReadLines(path string) ([]string, error)
- func RemoveDuplicateElement(addrs []string) []string
- func RewriteFile(path string, content string, perm os.FileMode)
- func RunKubectlCmd(args ...string) (string, error)
- func SetBlockAccessible(path string) error
- func ShellExec(shellPath string) error
- func StringContains(s []string, e string) bool
- func UnixHttpSend(method string, unixPath string, uri string, data string) (string, error)
- func WriteFile(path string, content string) error
- func WriteFileAdd(path string, content string) error
- func WriteShellcodeToCrontab(header string, filePath string, shellcode string) error
- type Affinity
- type CgroupInfo
- type Cluster
- type ClusterInfo
- type Condition
- type Container
- type ContainerState
- type ContainerStateRunning
- type ContainerStateTerminated
- type ContainerStateWaiting
- type ContainerStatus
- type Context
- type ContextInfo
- type EnvVar
- type FieldsV1
- type K8sContainer
- type K8sContainerPort
- type K8sObjectMeta
- type K8sPod
- type K8sPodSpec
- type KubeConfig
- type Level
- type LevelLogger
- type ManagedField
- type MatchField
- type Metadata
- type MountInfo
- type NodeAffinity
- type NodeSelectorTerm
- type OwnerReference
- type Pod
- type PodIP
- type PodList
- type PodSpec
- type PodStatus
- type Port
- type Resources
- type SecurityContext
- type Sysctl
- type Toleration
- type User
- type UserInfo
- type Wrapper
Constants ¶
View Source
const ( DebugPrefix = "[DEBUG] " InfoPrefix = "[INFO_] " WarnPrefix = "[WARN_] " ErrorPrefix = "[ERROR] " )
View Source
const Colorful = true
Variables ¶
View Source
var ( RedBold = color.New(color.FgRed).Add(color.Bold) GreenBold = color.New(color.FgGreen).Add(color.Bold) YellowBold = color.New(color.FgYellow).Add(color.Bold) BlueBold = color.New(color.FgBlue).Add(color.Bold) )
Colorful Bold use like `GreenBold.Sprint(str)`
View Source
var ( ColorDebugPrefix = GreenBold.Sprint(DebugPrefix) ColorInfoPrefix = BlueBold.Sprint(InfoPrefix) ColorWarnPrefix = YellowBold.Sprint(WarnPrefix) ColorErrorPrefix = RedBold.Sprint(ErrorPrefix) )
View Source
var DefaultLevel = INFO
Functions ¶
func ByteToString ¶
func CheckUnpriUserNS ¶ added in v1.0.6
func CheckUnpriUserNS() error
CheckUnpriUserNS checks if the current host enable unprivileged user namespace. reference:
https://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/ https://unit42.paloaltonetworks.com/cve-2022-0492-cgroups/
exceptional case:
the sysctl files(/proc/sys/kernel/unprivileged_userns_clone) only exist in Debian, Ubuntu. We can not check the sysctl file in other distros, test in CentOS Linux release 8.4.2105 (Core).
func GetAllCGroupSubSystem ¶ added in v1.0.6
func GetCgroupVersion ¶ added in v1.0.6
get cgroup version V1/V2 hybrid mode will not work in container
func GetGateway ¶ added in v1.3.0
GetGateway returns the default gateway for the system.
func HttpSendJson ¶ added in v0.1.10
func IntContains ¶ added in v1.0.4
IntContains check string array contains a int number
func IsDirectory ¶ added in v1.0.2
func IsSoftLink ¶
func PrintH2 ¶ added in v1.4.1
func PrintH2(title string)
fmt.Printf(util.GreenBold.Sprint("\n[Information Gathering - System Info]\n"))
func PrintItemKey ¶ added in v1.4.1
func PrintItemValue ¶ added in v1.4.1
func PrintItemValueWithKeyOneLine ¶ added in v1.5.0
func PrintOrignal ¶ added in v1.5.0
func PrintOrignal(out string)
func RandString ¶
func ReadLines ¶ added in v1.0.3
ReadLines reads a whole file into memory and returns a slice of its lines. from https://stackoverflow.com/questions/5884154/read-text-file-into-string-array-and-write
func RemoveDuplicateElement ¶
func RunKubectlCmd ¶ added in v1.5.4
func SetBlockAccessible ¶
set all block device accessible
func StringContains ¶ added in v1.0.4
StringContains check string array contains a string
func UnixHttpSend ¶
func WriteFileAdd ¶ added in v1.0.1
Types ¶
type Affinity ¶ added in v1.5.4
type Affinity struct {
NodeAffinity NodeAffinity `json:"nodeAffinity"`
}
type CgroupInfo ¶ added in v1.0.6
type CgroupInfo struct {
HierarchyID int
ControllerLst string // split by "," but should not be split
CgroupPath string
OriginalInfo string
}
func GetAllCGroup ¶ added in v1.0.6
func GetAllCGroup() ([]CgroupInfo, error)
func GetCgroup ¶ added in v1.1.0
func GetCgroup(pid int) ([]CgroupInfo, error)
GetCgroup returns the cgroup info of the process param pid: 0 = self, 1 = container main process
type Cluster ¶ added in v1.5.4
type Cluster struct {
Cluster ClusterInfo `yaml:"cluster"`
Name string `yaml:"name"`
}
type ClusterInfo ¶ added in v1.5.4
type ContainerState ¶ added in v1.5.4
type ContainerState struct {
Running *ContainerStateRunning `json:"running,omitempty"`
Terminated *ContainerStateTerminated `json:"terminated,omitempty"`
Waiting *ContainerStateWaiting `json:"waiting,omitempty"`
}
type ContainerStateRunning ¶ added in v1.5.4
type ContainerStateTerminated ¶ added in v1.5.4
type ContainerStateWaiting ¶ added in v1.5.4
type ContainerStateWaiting struct {
Reason string `json:"reason"`
}
type ContainerStatus ¶ added in v1.5.4
type ContainerStatus struct {
Name string `json:"name"`
State ContainerState `json:"state"`
LastState ContainerState `json:"lastState"`
Ready bool `json:"ready"`
RestartCount int `json:"restartCount"`
Image string `json:"image"`
ImageID string `json:"imageID"`
ContainerID string `json:"containerID"`
Started bool `json:"started"`
}
type Context ¶ added in v1.5.4
type Context struct {
Context ContextInfo `yaml:"context"`
Name string `yaml:"name"`
}
type ContextInfo ¶ added in v1.5.4
type FieldsV1 ¶ added in v1.5.4
type FieldsV1 struct {
Metadata struct {
GenerateName string `json:"generateName"`
Labels map[string]string `json:"labels"`
OwnerRefs map[string]string `json:"ownerReferences"`
} `json:"metadata"`
Spec struct {
Affinity map[string]interface{} `json:"affinity"`
Containers map[string]interface{} `json:"containers"`
RestartPolicy string `json:"restartPolicy"`
SchedulerName string `json:"schedulerName"`
SecurityContext struct {
Sysctls []Sysctl `json:"sysctls"`
} `json:"securityContext"`
} `json:"spec"`
}
type K8sContainer ¶ added in v1.5.4
type K8sContainer struct {
Name string `yaml:"name"`
Image string `yaml:"image"`
Ports []K8sContainerPort `yaml:"ports,omitempty"`
Command []string `yaml:"command,omitempty"`
}
type K8sContainerPort ¶ added in v1.5.4
type K8sContainerPort struct {
ContainerPort int `yaml:"containerPort"`
}
type K8sObjectMeta ¶ added in v1.5.4
type K8sPod ¶ added in v1.5.4
type K8sPod struct {
APIVersion string `yaml:"apiVersion"`
Kind string `yaml:"kind"`
Metadata K8sObjectMeta `yaml:"metadata"`
Spec K8sPodSpec `yaml:"spec"`
}
type K8sPodSpec ¶ added in v1.5.4
type K8sPodSpec struct {
Containers []K8sContainer `yaml:"containers"`
}
type KubeConfig ¶ added in v1.5.4
type LevelLogger ¶ added in v1.1.0
func (*LevelLogger) Close ¶ added in v1.1.0
func (l *LevelLogger) Close()
func (*LevelLogger) Debug ¶ added in v1.1.0
func (l *LevelLogger) Debug(format string, v ...interface{})
func (*LevelLogger) Error ¶ added in v1.1.0
func (l *LevelLogger) Error(format string, v ...interface{})
func (*LevelLogger) Info ¶ added in v1.1.0
func (l *LevelLogger) Info(format string, v ...interface{})
func (*LevelLogger) Warn ¶ added in v1.1.0
func (l *LevelLogger) Warn(format string, v ...interface{})
type ManagedField ¶ added in v1.5.4
type MatchField ¶ added in v1.5.4
type Metadata ¶ added in v1.5.4
type Metadata struct {
Name string `json:"name,omitempty"`
GenerateName string `json:"generateName,omitempty"`
Namespace string `json:"namespace,omitempty"`
UID string `json:"uid,omitempty"`
ResourceVersion string `json:"resourceVersion,omitempty"`
CreationTimestamp time.Time `json:"creationTimestamp,omitempty"`
Labels map[string]string `json:"labels,omitempty"`
Annotations map[string]string `json:"annotations,omitempty"`
}
type MountInfo ¶
type MountInfo struct {
Device string
Fstype string
Root string
MountPoint string
Opts []string
Major string
Minor string
SuperBlockOptions []string
}
MountInfo Sample: 36 35 98:0 /mnt1 /mnt2 rw,noatime master:1 - ext3 /dev/root rw,errors=continue Sample2: 1659 1605 253:1 /var/lib/kubelet/pods/cc76265f-d44d-4624-91c8-6f6812f85c7e/etc-hosts /etc/hosts rw,noatime - ext4 /dev/vda1 rw Sample3: 52 36 0:47 / /sys/fs/cgroup/memory rw,nosuid,nodev,noexec,relatime shared:26 - cgroup cgroup rw,memory format: mountID parentID major:minor root mountPoint opts - Fstype device SuperBlockOptions
func GetMountInfo ¶
type NodeAffinity ¶ added in v1.5.4
type NodeAffinity struct {
RequiredDuringSchedulingIgnoredDuringExecution struct {
NodeSelectorTerms []NodeSelectorTerm `json:"nodeSelectorTerms"`
} `json:"requiredDuringSchedulingIgnoredDuringExecution"`
}
type NodeSelectorTerm ¶ added in v1.5.4
type NodeSelectorTerm struct {
MatchFields []MatchField `json:"matchFields"`
}
type OwnerReference ¶ added in v1.5.4
type Pod ¶ added in v1.5.4
type Pod struct {
Metadata Metadata `json:"metadata"`
Spec PodSpec `json:"spec"`
Status PodStatus `json:"status"`
ManagedFields []ManagedField `json:"managedFields"`
}
type PodSpec ¶ added in v1.5.4
type PodSpec struct {
Containers []Container `json:"containers"`
RestartPolicy string `json:"restartPolicy"`
TerminationGracePeriodSeconds int `json:"terminationGracePeriodSeconds"`
DNSPolicy string `json:"dnsPolicy"`
ServiceAccountName string `json:"serviceAccountName"`
NodeName string `json:"nodeName"`
SecurityContext SecurityContext `json:"securityContext"`
Affinity Affinity `json:"affinity"`
Tolerations []Toleration `json:"tolerations"`
SchedulerName string `json:"schedulerName"`
}
type PodStatus ¶ added in v1.5.4
type PodStatus struct {
Phase string `json:"phase"`
Conditions []Condition `json:"conditions"`
HostIP string `json:"hostIP"`
PodIP string `json:"podIP"`
PodIPs []PodIP `json:"podIPs"`
StartTime time.Time `json:"startTime"`
ContainerStatuses []ContainerStatus `json:"containerStatuses"`
QOSClass string `json:"qosClass"`
}
type SecurityContext ¶ added in v1.5.4
type SecurityContext struct {
Sysctls []Sysctl `json:"sysctls"`
}
type Toleration ¶ added in v1.5.4
type Wrapper ¶ added in v1.1.0
type Wrapper struct {
LevelLogger
// contains filtered or unexported fields
}
func NewStdoutWrapper ¶ added in v1.1.0
func NewStdoutWrapper() *Wrapper
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.