The highest tagged major version is
Documentation
¶
Index ¶
- func ArchiveWrapper(sysOS *sys.OS, cmd *exec.Cmd, output string, allowedCmds []string) (func(), error)
- func DnsmasqProfileName(n network) string
- func ForkproxyDelete(sysOS *sys.OS, inst instance, dev device) error
- func ForkproxyLoad(sysOS *sys.OS, inst instance, dev device) error
- func ForkproxyProfileName(inst instance, dev device) string
- func ForkproxyUnload(sysOS *sys.OS, inst instance, dev device) error
- func InstanceDelete(sysOS *sys.OS, inst instance) error
- func InstanceLoad(sysOS *sys.OS, inst instance, extraBinaries []string) error
- func InstanceNamespaceName(inst instance) string
- func InstanceProfileName(inst instance) string
- func InstanceUnload(sysOS *sys.OS, inst instance) error
- func InstanceValidate(sysOS *sys.OS, inst instance, extraBinaries []string) error
- func NetworkDelete(sysOS *sys.OS, n network) error
- func NetworkLoad(sysOS *sys.OS, n network) error
- func NetworkUnload(sysOS *sys.OS, n network) error
- func QemuImg(sysOS *sys.OS, cmd []string, imgPath string, dstPath string) (string, error)
- func RsyncWrapper(sysOS *sys.OS, cmd *exec.Cmd, sourcePath string, dstPath string) (func(), error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ArchiveWrapper ¶
func ArchiveWrapper(sysOS *sys.OS, cmd *exec.Cmd, output string, allowedCmds []string) (func(), error)
ArchiveWrapper is used as a RunWrapper in the rsync package.
func DnsmasqProfileName ¶
func DnsmasqProfileName(n network) string
DnsmasqProfileName returns the AppArmor profile name.
func ForkproxyDelete ¶
ForkproxyDelete removes the policy from cache/disk.
func ForkproxyLoad ¶
ForkproxyLoad ensures that the instances's policy is loaded into the kernel so the it can boot.
func ForkproxyProfileName ¶
func ForkproxyProfileName(inst instance, dev device) string
ForkproxyProfileName returns the AppArmor profile name.
func ForkproxyUnload ¶
ForkproxyUnload ensures that the instances's policy namespace is unloaded to free kernel memory. This does not delete the policy from disk or cache.
func InstanceDelete ¶
InstanceDelete removes the policy from cache/disk.
func InstanceLoad ¶
InstanceLoad ensures that the instances's policy is loaded into the kernel so the it can boot.
func InstanceNamespaceName ¶
func InstanceNamespaceName(inst instance) string
InstanceNamespaceName returns the instance's AppArmor namespace.
func InstanceProfileName ¶
func InstanceProfileName(inst instance) string
InstanceProfileName returns the instance's AppArmor profile name.
func InstanceUnload ¶
InstanceUnload ensures that the instances's policy namespace is unloaded to free kernel memory. This does not delete the policy from disk or cache.
func InstanceValidate ¶
InstanceValidate generates the instance profile file and validates it.
func NetworkDelete ¶
NetworkDelete removes the profiles from cache/disk.
func NetworkLoad ¶
NetworkLoad ensures that the network's profiles are loaded into the kernel.
func NetworkUnload ¶
NetworkUnload ensures that the network's profiles are unloaded to free kernel memory. This does not delete the policy from disk or cache.
func QemuImg ¶
QemuImg runs qemu-img with an AppArmor profile based on the imgPath and dstPath supplied. The first element of the cmd slice is expected to be a priority limiting command (such as nice or prlimit) and will be added as an allowed command to the AppArmor profile. The remaining elements of the cmd slice are expected to be the qemu-img command and its arguments.
Types ¶
This section is empty.
Source Files