Directories ¶
Path | Synopsis |
---|---|
Package boot loads the kernel and runs a container.
|
Package boot loads the kernel and runs a container. |
filter
Package filter defines all syscalls the sandbox is allowed to make to the host, and installs seccomp filters to prevent prohibited syscalls in case it's compromised.
|
Package filter defines all syscalls the sandbox is allowed to make to the host, and installs seccomp filters to prevent prohibited syscalls in case it's compromised. |
platforms
Package platforms imports all available platform packages.
|
Package platforms imports all available platform packages. |
pprof
Package pprof provides a stub to initialize custom profilers.
|
Package pprof provides a stub to initialize custom profilers. |
procfs
Package procfs holds utilities for getting procfs information for sandboxed processes.
|
Package procfs holds utilities for getting procfs information for sandboxed processes. |
Package cgroup provides an interface to read and write configuration to cgroup.
|
Package cgroup provides an interface to read and write configuration to cgroup. |
Package cli is the main entrypoint for runsc.
|
Package cli is the main entrypoint for runsc. |
Package cmd holds implementations of the runsc commands.
|
Package cmd holds implementations of the runsc commands. |
trace
Package trace provides subcommands for the trace command.
|
Package trace provides subcommands for the trace command. |
util
Package util groups a bunch of common helper functions used by commands.
|
Package util groups a bunch of common helper functions used by commands. |
Package config provides basic infrastructure to set configuration settings for runsc.
|
Package config provides basic infrastructure to set configuration settings for runsc. |
Package console contains utilities for working with pty consols in runsc.
|
Package console contains utilities for working with pty consols in runsc. |
Package container creates and manipulates containers.
|
Package container creates and manipulates containers. |
Package donation tracks files that are being donated to a child process and using flags to notified the child process where the FDs are.
|
Package donation tracks files that are being donated to a child process and using flags to notified the child process where the FDs are. |
Package flag wraps flag primitives.
|
Package flag wraps flag primitives. |
Package fsgofer implements p9.File giving access to local files using a simple mapping from a path prefix that is added to the path requested by the sandbox.
|
Package fsgofer implements p9.File giving access to local files using a simple mapping from a path prefix that is added to the path requested by the sandbox. |
filter
Package filter defines all syscalls the gofer is allowed to make, and installs seccomp filters to prevent prohibited syscalls in case it's compromised.
|
Package filter defines all syscalls the gofer is allowed to make, and installs seccomp filters to prevent prohibited syscalls in case it's compromised. |
Package mitigate provides libraries for the mitigate command.
|
Package mitigate provides libraries for the mitigate command. |
Package profile contains profiling utils.
|
Package profile contains profiling utils. |
Package sandbox creates and manipulates sandboxes.
|
Package sandbox creates and manipulates sandboxes. |
Package specutils contains utility functions for working with OCI runtime specs.
|
Package specutils contains utility functions for working with OCI runtime specs. |
safemount_test
safemount_runner is used to test the SafeMount function.
|
safemount_runner is used to test the SafeMount function. |
seccomp
Package seccomp implements some features of libseccomp in order to support OCI.
|
Package seccomp implements some features of libseccomp in order to support OCI. |
Click to show internal directories.
Click to hide internal directories.