Documentation ¶
Index ¶
- Constants
- func Chcon(fpath string, scon string, recurse bool) error
- func CopyLevel(src, dest string) (string, error)
- func DisableSecOpt() []string
- func DupSecOpt(src string) []string
- func FreeLxcContexts(scon string)
- func GetLxcContexts() (processLabel string, fileLabel string)
- func Getcon() (string, error)
- func Getexeccon() (string, error)
- func Getfilecon(path string) (string, error)
- func Getfscreatecon() (string, error)
- func Getpidcon(pid int) (string, error)
- func IntToMcs(id int, catRange uint32) string
- func ReserveLabel(scon string)
- func SecurityCheckContext(val string) error
- func SelinuxEnabled() bool
- func SelinuxGetEnforce() int
- func SelinuxGetEnforceMode() int
- func SetDisabled()
- func Setexeccon(scon string) error
- func Setfilecon(path string, scon string) error
- func Setfscreatecon(scon string) error
- type SELinuxContext
Constants ¶
const ( Enforcing = 1 Permissive = 0 Disabled = -1 )
Variables ¶
This section is empty.
Functions ¶
func Chcon ¶ added in v1.2.0
Change the fpath file object to the SELinux label scon. If the fpath is a directory and recurse is true Chcon will walk the directory tree setting the label
func DisableSecOpt ¶ added in v1.4.0
func DisableSecOpt() []string
DisableSecOpt returns a security opt that can be used to disabling SELinux labeling support for future container processes
func DupSecOpt ¶ added in v1.4.0
DupSecOpt takes an SELinux process label and returns security options that can will set the SELinux Type and Level for future container processes
func FreeLxcContexts ¶
func FreeLxcContexts(scon string)
func GetLxcContexts ¶
func Getcon ¶ added in v1.2.0
Getcon returns the SELinux label of the current process thread, or an error.
func Getexeccon ¶
func Getfilecon ¶ added in v1.2.0
Getfilecon returns the SELinux label for this path or returns an error.
func Getfscreatecon ¶
func ReserveLabel ¶
func ReserveLabel(scon string)
func SecurityCheckContext ¶
func SelinuxEnabled ¶
func SelinuxEnabled() bool
SelinuxEnabled returns whether selinux is currently enabled.
func SelinuxGetEnforce ¶
func SelinuxGetEnforce() int
func SelinuxGetEnforceMode ¶
func SelinuxGetEnforceMode() int
func Setexeccon ¶
func Setfilecon ¶
Setfilecon sets the SELinux label for this path or returns an error.
func Setfscreatecon ¶
Types ¶
type SELinuxContext ¶
func NewContext ¶
func NewContext(scon string) SELinuxContext
func (SELinuxContext) Get ¶
func (c SELinuxContext) Get() string