sysenv

package
v0.0.0-...-47a5711 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 17, 2024 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	SMDisabled        string          = "0"
	SeccompMNDisabled SeccompModeName = "disabled"
	SMStrict          string          = "1"
	SeccompMNStrict   SeccompModeName = "strict"
	SMFiltering       string          = "2"
	SeccompMFiltering SeccompModeName = "filtering"
)

Variables

View Source 
var DefaultCapNums = map[capability.Cap]string{
	capability.CAP_SETPCAP:          capability.CAP_SETPCAP.String(),
	capability.CAP_MKNOD:            capability.CAP_MKNOD.String(),
	capability.CAP_AUDIT_WRITE:      capability.CAP_AUDIT_WRITE.String(),
	capability.CAP_CHOWN:            capability.CAP_CHOWN.String(),
	capability.CAP_NET_RAW:          capability.CAP_NET_RAW.String(),
	capability.CAP_DAC_OVERRIDE:     capability.CAP_DAC_OVERRIDE.String(),
	capability.CAP_FOWNER:           capability.CAP_FOWNER.String(),
	capability.CAP_FSETID:           capability.CAP_FSETID.String(),
	capability.CAP_KILL:             capability.CAP_KILL.String(),
	capability.CAP_SETGID:           capability.CAP_SETGID.String(),
	capability.CAP_SETUID:           capability.CAP_SETUID.String(),
	capability.CAP_NET_BIND_SERVICE: capability.CAP_NET_BIND_SERVICE.String(),
	capability.CAP_SYS_CHROOT:       capability.CAP_SYS_CHROOT.String(),
	capability.CAP_SETFCAP:          capability.CAP_SETFCAP.String(),
}
View Source 
var DefaultCapStrings = map[string]struct{}{
	capability.CAP_SETPCAP.String():          {},
	capability.CAP_MKNOD.String():            {},
	capability.CAP_AUDIT_WRITE.String():      {},
	capability.CAP_CHOWN.String():            {},
	capability.CAP_NET_RAW.String():          {},
	capability.CAP_DAC_OVERRIDE.String():     {},
	capability.CAP_FOWNER.String():           {},
	capability.CAP_FSETID.String():           {},
	capability.CAP_KILL.String():             {},
	capability.CAP_SETGID.String():           {},
	capability.CAP_SETUID.String():           {},
	capability.CAP_NET_BIND_SERVICE.String(): {},
	capability.CAP_SYS_CHROOT.String():       {},
	capability.CAP_SETFCAP.String():          {},
}

Functions

func Capabilities 

func Capabilities(pid int) (map[string]struct{}, map[string]struct{}, error)

func HasContainerCgroups 

func HasContainerCgroups() bool

func HasDSImageFlag 

func HasDSImageFlag() bool

func HasDockerEnvPath 

func HasDockerEnvPath() bool

func InContainer 

func InContainer() bool

func InDSContainer 

func InDSContainer() (bool, bool)

func IsDefaultCapSet 

func IsDefaultCapSet(set map[string]struct{}) bool

func IsPrivileged 

func IsPrivileged() bool

func WithAllCapabilities 

func WithAllCapabilities() bool

Types

type SeccompModeName 

type SeccompModeName string

func SeccompMode 

func SeccompMode(pid int) (SeccompModeName, error)

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.