Documentation
¶
Index ¶
- Constants
- Variables
- func CreateDevicesFromHost(rootfs string) error
- type Device
- type DevicePermissions
- func (p DevicePermissions) Difference(o DevicePermissions) DevicePermissions
- func (p DevicePermissions) Intersection(o DevicePermissions) DevicePermissions
- func (p DevicePermissions) IsEmpty() bool
- func (p DevicePermissions) IsValid() bool
- func (p DevicePermissions) Union(o DevicePermissions) DevicePermissions
- type DeviceRule
- type DeviceType
Constants ¶
const (
Wildcard = -1
)
Variables ¶
var ( // ErrNotADevice denotes that a file is not a valid linux device. ErrNotADevice = errors.New("not a device node") )
Functions ¶
func CreateDevicesFromHost ¶
Types ¶
type Device ¶
type Device struct {
DeviceRule
// Path to the device.
Path string `json:"path"`
// FileMode permission bits for the device.
FileMode os.FileMode `json:"file_mode"`
// Uid of the device.
Uid uint32 `json:"uid"`
// Gid of the device.
Gid uint32 `json:"gid"`
}
func DeviceFromPath ¶
Given the path to a device and its cgroup_permissions(which cannot be easily queried) look up the information about a linux device and return that information as a Device struct.
func GetDevices ¶
GetDevices recursively traverses a directory specified by path and returns all devices found there.
func HostDevices ¶
HostDevices returns all devices that can be found under /dev directory.
type DevicePermissions ¶
type DevicePermissions string
DevicePermissions is a cgroupv1-style string to represent device access. It has to be a string for backward compatibility reasons, hence why it has methods to do set operations.
func (DevicePermissions) Difference ¶
func (p DevicePermissions) Difference(o DevicePermissions) DevicePermissions
Difference returns the set difference of the two sets of DevicePermissions. In set notation, A.Difference(B) gives you A\B.
func (DevicePermissions) Intersection ¶
func (p DevicePermissions) Intersection(o DevicePermissions) DevicePermissions
Intersection computes the intersection of the two sets of DevicePermissions.
func (DevicePermissions) IsEmpty ¶
func (p DevicePermissions) IsEmpty() bool
IsEmpty returns whether the set of permissions in a DevicePermissions is empty.
func (DevicePermissions) IsValid ¶
func (p DevicePermissions) IsValid() bool
IsValid returns whether the set of permissions is a subset of valid permissions (namely, {r,w,m}).
func (DevicePermissions) Union ¶
func (p DevicePermissions) Union(o DevicePermissions) DevicePermissions
Union returns the union of the two sets of DevicePermissions.
type DeviceRule ¶
type DeviceRule struct {
// Type of device ('c' for char, 'b' for block). If set to 'a', this rule
// acts as a wildcard and all fields other than Allow are ignored.
Type DeviceType `json:"type"`
// Major is the device's major number.
Major int64 `json:"major"`
// Minor is the device's minor number.
Minor int64 `json:"minor"`
// Permissions is the set of permissions that this rule applies to (in the
// cgroupv1 format -- any combination of "rwm").
Permissions DevicePermissions `json:"permissions"`
// Allow specifies whether this rule is allowed.
Allow bool `json:"allow"`
}
func (*DeviceRule) CgroupString ¶
func (d *DeviceRule) CgroupString() string
func (*DeviceRule) Mkdev ¶
func (d *DeviceRule) Mkdev() (uint64, error)
type DeviceType ¶
type DeviceType rune
const ( WildcardDevice DeviceType = 'a' BlockDevice DeviceType = 'b' CharDevice DeviceType = 'c' // or 'u' FifoDevice DeviceType = 'p' )
func (DeviceType) CanCgroup ¶
func (t DeviceType) CanCgroup() bool
func (DeviceType) CanMknod ¶
func (t DeviceType) CanMknod() bool
func (DeviceType) IsValid ¶
func (t DeviceType) IsValid() bool
Source Files