Documentation ¶
Index ¶
Constants ¶
const (
Wildcard = -1
)
Variables ¶
var ( // ErrNotADevice denotes that a file is not a valid linux device. ErrNotADevice = errors.New("not a device node") )
Functions ¶
This section is empty.
Types ¶
type Device ¶ added in v1.0.0
type Device struct { Rule // Path to the device. Path string `json:"path"` // FileMode permission bits for the device. FileMode os.FileMode `json:"file_mode"` // Uid of the device. Uid uint32 `json:"uid"` // Gid of the device. Gid uint32 `json:"gid"` }
func DeviceFromPath ¶
Given the path to a device and its cgroup_permissions(which cannot be easily queried) look up the information about a linux device and return that information as a Device struct.
func GetDevices ¶ added in v1.0.0
GetDevices recursively traverses a directory specified by path and returns all devices found there.
func HostDevices ¶
HostDevices returns all devices that can be found under /dev directory.
type Permissions ¶ added in v1.0.0
type Permissions string
Permissions is a cgroupv1-style string to represent device access. It has to be a string for backward compatibility reasons, hence why it has methods to do set operations.
func (Permissions) Difference ¶ added in v1.0.0
func (p Permissions) Difference(o Permissions) Permissions
Difference returns the set difference of the two sets of Permissions. In set notation, A.Difference(B) gives you A\B.
func (Permissions) Intersection ¶ added in v1.0.0
func (p Permissions) Intersection(o Permissions) Permissions
Intersection computes the intersection of the two sets of Permissions.
func (Permissions) IsEmpty ¶ added in v1.0.0
func (p Permissions) IsEmpty() bool
IsEmpty returns whether the set of permissions in a Permissions is empty.
func (Permissions) IsValid ¶ added in v1.0.0
func (p Permissions) IsValid() bool
IsValid returns whether the set of permissions is a subset of valid permissions (namely, {r,w,m}).
func (Permissions) Union ¶ added in v1.0.0
func (p Permissions) Union(o Permissions) Permissions
Union returns the union of the two sets of Permissions.
type Rule ¶ added in v1.0.0
type Rule struct { // Type of device ('c' for char, 'b' for block). If set to 'a', this rule // acts as a wildcard and all fields other than Allow are ignored. Type Type `json:"type"` // Major is the device's major number. Major int64 `json:"major"` // Minor is the device's minor number. Minor int64 `json:"minor"` // Permissions is the set of permissions that this rule applies to (in the // cgroupv1 format -- any combination of "rwm"). Permissions Permissions `json:"permissions"` // Allow specifies whether this rule is allowed. Allow bool `json:"allow"` }