Documentation
¶
Index ¶
- func DefaultCapabilities() []string
- func GetAllCapabilities() []string
- func NormalizeLegacyCapabilities(caps []string) ([]string, error)
- func TweakCapabilities(basics, adds, drops []string, privileged bool) ([]string, error)
- func ValidateCapabilities(caps []string) error
- type Capabilities
- type CapabilityMapping
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func DefaultCapabilities ¶
func DefaultCapabilities() []string
DefaultCapabilities returns a Linux kernel default capabilities
func GetAllCapabilities ¶
func GetAllCapabilities() []string
GetAllCapabilities returns all of the capabilities
func NormalizeLegacyCapabilities ¶
NormalizeLegacyCapabilities normalizes, and validates CapAdd/CapDrop capabilities by upper-casing them, and adding a CAP_ prefix (if not yet present).
This function also accepts the "ALL" magic-value, that's used by CapAdd/CapDrop.
func TweakCapabilities ¶
TweakCapabilities tweaks capabilities by adding, dropping, or overriding capabilities in the basics capabilities list.
func ValidateCapabilities ¶
ValidateCapabilities validates if caps only contains valid capabilities
Types ¶
type Capabilities ¶
type Capabilities []*CapabilityMapping
Capabilities contains all CapabilityMapping
type CapabilityMapping ¶
type CapabilityMapping struct {
Key string `json:"key,omitempty"`
Value capability.Cap `json:"value,omitempty"`
}
CapabilityMapping maps linux capability name to its value of capability.Cap type Capabilities is one of the security systems in Linux Security Module (LSM) framework provided by the kernel. For more details on capabilities, see http://man7.org/linux/man-pages/man7/capabilities.7.html
func GetCapability ¶
func GetCapability(key string) *CapabilityMapping
GetCapability returns CapabilityMapping which contains specific key
func (*CapabilityMapping) String ¶
func (c *CapabilityMapping) String() string
String returns <key> of CapabilityMapping
Source Files