proc

package
v0.8.6 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 20, 2023 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Overview

SPDX-License-Identifier: Apache-2.0 Copyright Authors of Tetragon

Index

Constants

View Source
const (

	// Linux UIDs range from 0..4294967295, the initial mapping of user IDs is 0:0:4294967295.
	//
	// If Tetragon is not run in this initial mapping due to user namespaces or runtime
	// modifications then reading uids of pids from /proc may return the overflow UID 65534
	// if the mapping config where Tetragon is running does not have a mapping of the
	// the uid of the target pid.
	// The overflow UID is runtime config at /proc/sys/kernel/{overflowuid,overflowgid}.
	//
	// The overflow UID historically is also the "nobody" UID, so there is some confusion
	// there. Tetragon may get overflowuid from kernel but users could confuse this with
	// the "nobody" user that some distributions use.
	//
	// The UID 4294967295 (-1 as an unsigned integer) is an invalid UID, the kernel
	// ignores and return it in some cases where there is no mapping or to indicate an
	// an invalid UID. So we use it to initialize our UIDs and return it on errors.
	InvalidUid = ^uint32(0) // 4294967295 (2^32 - 1)
)

Variables

This section is empty.

Functions

func GetLoginUid

func GetLoginUid(status *Status) (uint32, error)

Returns the task loginuid on success, if we fail we return the invalid uid 4294967295 that is same value of tasks without loginuid.

func GetProcPid

func GetProcPid(pid string) (uint64, error)

func GetProcStatStrings

func GetProcStatStrings(file string) ([]string, error)

func GetStatsKtime

func GetStatsKtime(s []string) (uint64, error)

func GetUids

func GetUids(status *Status) (uint32, uint32, error)

Returns real uid and effective uid on success. If we fail we do not return the overflow ID, we return the invalid UID 4294967295 (-1 as an unsigned integer). The overflow ID is returned when the kernel decides and pass it back, as it can be a valid indication of UID mapping error.

func PrependPath

func PrependPath(s string, b []byte) []byte

Types

type Status

type Status struct {
	// Real, effective, saved, and filesystem.
	Uids []string

	// /proc/[pid]/loginuid
	LoginUid string
}

Status reflects fields of `/proc/[pid]/status` and other fields that we want

func GetStatus

func GetStatus(file string) (*Status, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL