selinux

package
v1.21.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 8, 2016 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

View Source
const (
	Enforcing  = 1
	Permissive = 0
	Disabled   = -1
)
View Source
const (
	InvalidContext = iota
)

Variables

This section is empty.

Functions

func Chcon

func Chcon(fpath string, scon string, recurse bool) error

Change the fpath file object to the SELinux label scon. If the fpath is a directory and recurse is true Chcon will walk the directory tree setting the label

func CopyLevel

func CopyLevel(src, dest string) (string, error)

func DisableSecOpt

func DisableSecOpt() []string

DisableSecOpt returns a security opt that can be used to disabling SELinux labeling support for future container processes

func DupSecOpt

func DupSecOpt(src string) []string

DupSecOpt takes an SELinux process label and returns security options that can will set the SELinux Type and Level for future container processes

func FreeLxcContexts

func FreeLxcContexts(scon string)

func GetLxcContexts

func GetLxcContexts() (processLabel string, fileLabel string, err error)

func Getcon

func Getcon() (string, error)

Getcon returns the SELinux label of the current process thread, or an error.

func Getexeccon

func Getexeccon() (string, error)

func Getfilecon

func Getfilecon(path string) (string, error)

Getfilecon returns the SELinux label for this path or returns an error.

func Getfscreatecon

func Getfscreatecon() (string, error)

func Getpidcon

func Getpidcon(pid int) (string, error)

Getpidcon returns the SELinux label of the given pid, or an error.

func IntToMcs

func IntToMcs(id int, catRange uint32) string

func ReserveLabel

func ReserveLabel(scon string)

func SecurityCheckContext

func SecurityCheckContext(val string) error

func SelinuxEnabled

func SelinuxEnabled() bool

SelinuxEnabled returns whether selinux is currently enabled.

func SelinuxGetEnforce

func SelinuxGetEnforce() int

func SelinuxGetEnforceMode

func SelinuxGetEnforceMode() int

func SetDisabled

func SetDisabled()

SetDisabled disables selinux support for the package

func SetMCSDir added in v0.12.0

func SetMCSDir(arg string) error

Set the directory used for storage of used MCS contexts

func Setexeccon

func Setexeccon(scon string) error

func Setfilecon

func Setfilecon(path string, scon string) error

Setfilecon sets the SELinux label for this path or returns an error.

func Setfscreatecon

func Setfscreatecon(scon string) error

Types

type SELinuxContext

type SELinuxContext map[string]string

func NewContext

func NewContext(scon string) SELinuxContext

func (SELinuxContext) Get

func (c SELinuxContext) Get() string

type SelinuxError

type SelinuxError struct {
	Errno int
	Prob  string
}

func (*SelinuxError) Error

func (e *SelinuxError) Error() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL