Directories ¶
Path | Synopsis |
---|---|
Package boot loads the kernel and runs a container.
|
Package boot loads the kernel and runs a container. |
filter
Package filter defines all syscalls the sandbox is allowed to make to the host, and installs seccomp filters to prevent prohibited syscalls in case it's compromised.
|
Package filter defines all syscalls the sandbox is allowed to make to the host, and installs seccomp filters to prevent prohibited syscalls in case it's compromised. |
platforms
Package platforms imports all available platform packages.
|
Package platforms imports all available platform packages. |
platforms/nonstandard
Package nonstandard provides a place for nonstandard platforms.
|
Package nonstandard provides a place for nonstandard platforms. |
pprof
Package pprof provides a stub to initialize custom profilers.
|
Package pprof provides a stub to initialize custom profilers. |
Package cgroup provides an interface to read and write configuration to cgroup.
|
Package cgroup provides an interface to read and write configuration to cgroup. |
Package cli is the main entrypoint for runsc.
|
Package cli is the main entrypoint for runsc. |
Package cmd holds implementations of the runsc commands.
|
Package cmd holds implementations of the runsc commands. |
Package config provides basic infrastructure to set configuration settings for runsc.
|
Package config provides basic infrastructure to set configuration settings for runsc. |
Package console contains utilities for working with pty consols in runsc.
|
Package console contains utilities for working with pty consols in runsc. |
Package container creates and manipulates containers.
|
Package container creates and manipulates containers. |
Package flag wraps flag primitives.
|
Package flag wraps flag primitives. |
Package fsgofer implements p9.File giving access to local files using a simple mapping from a path prefix that is added to the path requested by the sandbox.
|
Package fsgofer implements p9.File giving access to local files using a simple mapping from a path prefix that is added to the path requested by the sandbox. |
filter
Package filter defines all syscalls the gofer is allowed to make, and installs seccomp filters to prevent prohibited syscalls in case it's compromised.
|
Package filter defines all syscalls the gofer is allowed to make, and installs seccomp filters to prevent prohibited syscalls in case it's compromised. |
Package mitigate provides libraries for the mitigate command.
|
Package mitigate provides libraries for the mitigate command. |
Package sandbox creates and manipulates sandboxes.
|
Package sandbox creates and manipulates sandboxes. |
Package specutils contains utility functions for working with OCI runtime specs.
|
Package specutils contains utility functions for working with OCI runtime specs. |
safemount_test
safemount_runner is used to test the SafeMount function.
|
safemount_runner is used to test the SafeMount function. |
seccomp
Package seccomp implements some features of libseccomp in order to support OCI.
|
Package seccomp implements some features of libseccomp in order to support OCI. |
Click to show internal directories.
Click to hide internal directories.