Documentation ¶
Index ¶
Constants ¶
const ( // Linux UIDs range from 0..4294967295, the initial mapping of user IDs is 0:0:4294967295. // // If Tetragon is not run in this initial mapping due to user namespaces or runtime // modifications then reading uids of pids from /proc may return the overflow UID 65534 // if the mapping config where Tetragon is running does not have a mapping of the // uid of the target pid. // The overflow UID is runtime config at /proc/sys/kernel/{overflowuid,overflowgid}. // // The overflow UID historically is also the "nobody" UID, so there is some confusion // there. Tetragon may get overflowuid from kernel but users could confuse this with // the "nobody" user that some distributions use. // // The UID 4294967295 (-1 as an unsigned integer) is an invalid UID, the kernel // ignores and return it in some cases where there is no mapping or to indicate // an invalid UID. So we use it to initialize our UIDs and return it on errors. InvalidUid = ^uint32(0) // 4294967295 (2^32 - 1) )
Variables ¶
This section is empty.
Functions ¶
func GetProcPid ¶
func GetProcStatStrings ¶
func GetSelfPid ¶ added in v1.1.0
GetSelfPid() Get current pid
Returns:
Current pid from procfs and nil on success Zero and error on failure
func GetStatsKtime ¶
func LogCurrentSecurityContext ¶ added in v1.1.0
func LogCurrentSecurityContext()
LogCurrentLSMContext() Logs the current LSM security context.
func PrependPath ¶
Types ¶
type Status ¶ added in v0.8.4
type Status struct { // Real, effective, saved, and filesystem. Uids []string Gids []string // /proc/[pid]/loginuid LoginUid string }
Status reflects fields of `/proc/[pid]/status` and other fields that we want
func (*Status) GetGids ¶ added in v1.0.0
Returns all parsed GIDs on success. If we fail for one value we do not return the overflow ID, we return the invalid UID 4294967295 (-1 as an unsigned integer). The overflow ID is returned when the kernel decides and pass it back, as it can be a valid indication of UID mapping error.
func (*Status) GetLoginUid ¶ added in v1.0.0
Returns the task loginuid on success, if we fail we return the invalid uid 4294967295 that is same value of tasks Returns the task loginuid on success, if we fail we return the invalid uid 4294967295 that is same value of tasks without loginuid.
func (*Status) GetUids ¶ added in v1.0.0
Returns all parsed UIDs on success. If we fail for one value we do not return the overflow ID, we return the invalid UID 4294967295 (-1 as an unsigned integer). The overflow ID is returned when the kernel decides and pass it back, as it can be a valid indication of UID mapping error.