interfaces

package
v0.0.0-...-0a0cebb Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 14, 2025 License: GPL-3.0 Imports: 25 Imported by: 334

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	ErrSystemKeyVersion = errors.New("system-key versions not comparable")
	ErrSystemKeyMissing = errors.New("system-key missing on disk")
)

ErrSystemKeyIncomparableVersions indicates that the system-key on disk and the system-key calculated from generateSystemKey have different inputs and are therefore incomparable.

This means: - "snapd" needs to re-generate security profiles - "snap run" cannot wait for those security profiles

View Source
var ByName = func(name string) (iface Interface, err error) {
	panic("ByName is unset, import interfaces/builtin to initialize this")
}

ByName returns an Interface for the given interface name. Note that in order for this to work properly, the package "interfaces/builtin" must also eventually be imported to populate the full list of interfaces.

Functions

func BeforeConnectPlug

func BeforeConnectPlug(iface Interface, plug *ConnectedPlug) error

func BeforePreparePlug

func BeforePreparePlug(iface Interface, plugInfo *snap.PlugInfo) error

BeforePreparePlug sanitizes a plug with a given snapd interface.

func BeforePrepareSlot

func BeforePrepareSlot(iface Interface, slotInfo *snap.SlotInfo) error

Sanitize slot with a given snapd interface.

func CurrentSystemKey

func CurrentSystemKey() (interface{}, error)

CurrentSystemKey calculates and returns the current system key as opaque interface{}.

func MockSystemKey

func MockSystemKey(s string) func()

func PermanentPlugServiceSnippets

func PermanentPlugServiceSnippets(iface Interface, plug *snap.PlugInfo) (snips []string, err error)

PermanentPlugServiceSnippets will return the set of snippets for the systemd service unit that should be generated for a snap with the specified plug. The list returned is not unique, callers must de-duplicate themselves. The plug is provided because the snippet may depend on plug attributes for example. The plug is sanitized before the snippets are returned.

func RecordedSystemKey

func RecordedSystemKey() (interface{}, error)

RecordedSystemKey returns the system key read from the disk as opaque interface{}.

func RemoveSystemKey

func RemoveSystemKey() error

RemoveSystemKey removes the system key from the disk.

func ResetRepository

func ResetRepository(repo *Repository)

func SecurityTagGlobs

func SecurityTagGlobs(snapName string) []string

SecurityTagGlobs returns patterns that match all security tags belonging to the same snap as the given app.

func SetupMany

func SetupMany(repo *Repository, backend SecurityBackend, appSets []*SnapAppSet, confinementOpts func(snapName string) ConfinementOptions, tm timings.Measurer) []error

SetupMany generates profiles of snaps using either SetupMany() method of the security backend (if implemented), or Setup(). All errors are logged. The return value indicates if all profiles were successfully generated.

func SystemKeyMismatch

func SystemKeyMismatch(extraData SystemKeyExtraData) (bool, error)

SystemKeyMismatch checks if the running binary expects a different system-key than what is on disk.

This is used in two places:

  • snap run: when there is a mismatch it will wait for snapd to re-generate the security profiles
  • snapd: on startup it checks if the system-key has changed and if so re-generate the security profiles

This ensures that "snap run" and "snapd" have a consistent set of security profiles. Without it we may have the following scenario:

  1. snapd gets refreshed and snaps need updated security profiles to work (e.g. because snap-exec needs a new permission)
  2. The system reboots to start the new snapd. At this point the old security profiles are on disk (because the new snapd did not run yet)
  3. Snaps that run as daemon get started during boot by systemd (e.g. network-manager). This may happen before snapd had a chance to refresh the security profiles.
  4. Because the security profiles are for the old version of the snaps that run before snapd fail to start. For e.g. network-manager this is of course catastrophic.

To prevent this, in step(4) we have this wait-for-snapd step to ensure the expected profiles are on disk.

The apparmor-parser-features system-key is handled specially and not included in this comparison because it is written out to disk whenever apparmor-parser-mtime changes (in this manner snap run only has to obtain the mtime of apparmor_parser and doesn't have to invoke it)

func SystemKeysMatch

func SystemKeysMatch(systemKey1, systemKey2 interface{}) (bool, error)

SystemKeysMatch returns whether the given system keys match.

func UnmarshalJSONSystemKey

func UnmarshalJSONSystemKey(r io.Reader) (interface{}, error)

UnmarshalJSONSystemKey unmarshalls the data from the reader as JSON into a system key usable with SystemKeysMatch.

func ValidateDBusBusName

func ValidateDBusBusName(busName string) error

ValidateDBusBusName checks if a string conforms to https://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-names

func WriteSystemKey

func WriteSystemKey(extraData SystemKeyExtraData) error

WriteSystemKey will write the current system-key to disk

Types

type Attrer

type Attrer interface {
	// Attr returns attribute value for given path, or an error. Dotted paths are supported.
	Attr(path string, value interface{}) error
	// Lookup returns attribute value for given path, or false. Dotted paths are supported.
	Lookup(path string) (value interface{}, ok bool)
}

Attrer is an interface with Attr getter method common to ConnectedSlot, ConnectedPlug, PlugInfo and SlotInfo types.

type ConfinementOptions

type ConfinementOptions struct {
	// DevMode flag switches confinement to non-enforcing mode.
	DevMode bool
	// JailMode flag switches confinement to enforcing mode.
	JailMode bool
	// Classic flag switches the core snap "chroot" off.
	Classic bool
	// ExtraLayouts is a list of extra mount layouts to add to the
	// snap. One example being if the snap is inside a quota group
	// with a journal quota set. This will require an additional layout
	// as systemd provides a mount namespace which will clash with the
	// one snapd sets up.
	ExtraLayouts []snap.Layout
	// AppArmorPrompting indicates whether the prompt prefix should be used in
	// relevant rules when generating AppArmor security profiles.
	AppArmorPrompting bool
	// KernelSnap is the name of the kernel snap in the system
	// (empty for classic systems).
	KernelSnap string
}

ConfinementOptions describe confinement configuration.

The confinement system controls the initial layout of the mount namespace as well as the set of actions a process is allowed to perform. Confinement is initially defined by the ConfinementType declared by the snap. It can be either "strict", "devmode" or "classic".

The "strict" type uses mount layout that puts the core snap as the root filesystem and provides strong isolation from the system and from other snaps. Violations cause permission errors or mandatory process termination.

The "devmode" type uses the same mount layout as "strict" but switches confinement to non-enforcing mode whenever possible. Violations that would result in permission error or process termination are instead permitted. A diagnostic message is logged when this occurs.

The "classic" type uses mount layout that is identical to the runtime of the classic system snapd runs in, in other words there is no "chroot". Most of the confinement is lifted, specifically there's no seccomp filter being applied and apparmor is using complain mode by default.

The three types defined above map to some combinations of the three flags defined below.

The DevMode flag attempts to switch all confinement facilities into non-enforcing mode even if the snap requested otherwise.

The JailMode flag attempts to switch all confinement facilities into enforcing mode even if the snap requested otherwise.

The Classic flag switches the layout of the mount namespace so that there's no "chroot" to the core snap.

type ConnPlugSanitizer

type ConnPlugSanitizer interface {
	BeforeConnectPlug(plug *ConnectedPlug) error
}

ConnPlugSanitizer can be implemented by Interfaces that have reasons to sanitize their plugs specifically before a connection is performed.

type ConnRef

type ConnRef struct {
	PlugRef PlugRef
	SlotRef SlotRef
}

ConnRef holds information about plug and slot reference that form a particular connection.

func NewConnRef

func NewConnRef(plug *snap.PlugInfo, slot *snap.SlotInfo) *ConnRef

NewConnRef creates a connection reference for given plug and slot

func ParseConnRef

func ParseConnRef(id string) (*ConnRef, error)

ParseConnRef parses an ID string

func (*ConnRef) ID

func (conn *ConnRef) ID() string

ID returns a string identifying a given connection.

func (*ConnRef) SortsBefore

func (conn *ConnRef) SortsBefore(other *ConnRef) bool

SortsBefore returns true when connection should be sorted before the other

type ConnectedPlug

type ConnectedPlug struct {
	// contains filtered or unexported fields
}

ConnectedPlug represents a plug that is connected to a slot.

func NewConnectedPlug

func NewConnectedPlug(plug *snap.PlugInfo, appSet *SnapAppSet, staticAttrs, dynamicAttrs map[string]interface{}) *ConnectedPlug

NewConnectedPlug creates an object representing a connected plug.

func (*ConnectedPlug) AppSet

func (plug *ConnectedPlug) AppSet() *SnapAppSet

AppSet return the app set that this plug is associated with.

func (*ConnectedPlug) Attr

func (plug *ConnectedPlug) Attr(key string, val interface{}) error

Attr returns a dynamic attribute with the given name. It falls back to returning static attribute if dynamic one doesn't exist. Error is returned if neither dynamic nor static attribute exist.

func (*ConnectedPlug) DynamicAttrs

func (plug *ConnectedPlug) DynamicAttrs() map[string]interface{}

DynamicAttrs returns all dynamic attributes.

func (*ConnectedPlug) Interface

func (plug *ConnectedPlug) Interface() string

Interface returns the name of the interface for this plug.

func (*ConnectedPlug) LabelExpression

func (plug *ConnectedPlug) LabelExpression() string

LabelExpression returns the label expression for the given plug. It is constructed from the apps and hooks that are associated with the plug.

func (*ConnectedPlug) Lookup

func (plug *ConnectedPlug) Lookup(path string) (interface{}, bool)

func (*ConnectedPlug) Name

func (plug *ConnectedPlug) Name() string

Name returns the name of this plug.

func (*ConnectedPlug) Ref

func (plug *ConnectedPlug) Ref() *PlugRef

Ref returns the PlugRef for this plug.

func (*ConnectedPlug) Runnables

func (plug *ConnectedPlug) Runnables() []snap.Runnable

Runnables returns a list of all runnables that should be connected to the given plug.

func (*ConnectedPlug) SetAttr

func (plug *ConnectedPlug) SetAttr(key string, value interface{}) error

SetAttr sets the given dynamic attribute. Error is returned if the key is already used by a static attribute.

func (*ConnectedPlug) Snap

func (plug *ConnectedPlug) Snap() *snap.Info

Snap returns the snap Info of this plug.

func (*ConnectedPlug) StaticAttr

func (plug *ConnectedPlug) StaticAttr(key string, val interface{}) error

StaticAttr returns a static attribute with the given key, or error if attribute doesn't exist.

func (*ConnectedPlug) StaticAttrs

func (plug *ConnectedPlug) StaticAttrs() map[string]interface{}

StaticAttrs returns all static attributes.

type ConnectedSlot

type ConnectedSlot struct {
	// contains filtered or unexported fields
}

ConnectedSlot represents a slot that is connected to a plug.

func NewConnectedSlot

func NewConnectedSlot(slot *snap.SlotInfo, appSet *SnapAppSet, staticAttrs, dynamicAttrs map[string]interface{}) *ConnectedSlot

NewConnectedSlot creates an object representing a connected slot.

func (*ConnectedSlot) AppSet

func (slot *ConnectedSlot) AppSet() *SnapAppSet

AppSet return the app set that this slot is associated with.

func (*ConnectedSlot) Apps

func (slot *ConnectedSlot) Apps() map[string]*snap.AppInfo

Apps returns all the apps associated with this slot.

func (*ConnectedSlot) Attr

func (slot *ConnectedSlot) Attr(key string, val interface{}) error

Attr returns a dynamic attribute with the given name. It falls back to returning static attribute if dynamic one doesn't exist. Error is returned if neither dynamic nor static attribute exist.

func (*ConnectedSlot) DynamicAttrs

func (slot *ConnectedSlot) DynamicAttrs() map[string]interface{}

DynamicAttrs returns all dynamic attributes.

func (*ConnectedSlot) Interface

func (slot *ConnectedSlot) Interface() string

Interface returns the name of the interface for this slot.

func (*ConnectedSlot) LabelExpression

func (slot *ConnectedSlot) LabelExpression() string

LabelExpression returns the label expression for the given slot. It is constructed from the apps and hooks that are associated with the slot.

func (*ConnectedSlot) Lookup

func (slot *ConnectedSlot) Lookup(path string) (interface{}, bool)

func (*ConnectedSlot) Name

func (slot *ConnectedSlot) Name() string

Name returns the name of this slot.

func (*ConnectedSlot) Ref

func (slot *ConnectedSlot) Ref() *SlotRef

Ref returns the SlotRef for this slot.

func (*ConnectedSlot) Runnables

func (slot *ConnectedSlot) Runnables() []snap.Runnable

Runnables returns a list of all runnables that should be connected to the given slot.

func (*ConnectedSlot) SetAttr

func (slot *ConnectedSlot) SetAttr(key string, value interface{}) error

SetAttr sets the given dynamic attribute. Error is returned if the key is already used by a static attribute.

func (*ConnectedSlot) Snap

func (slot *ConnectedSlot) Snap() *snap.Info

Snap returns the snap Info of this slot.

func (*ConnectedSlot) StaticAttr

func (slot *ConnectedSlot) StaticAttr(key string, val interface{}) error

StaticAttr returns a static attribute with the given key, or error if attribute doesn't exist.

func (*ConnectedSlot) StaticAttrs

func (slot *ConnectedSlot) StaticAttrs() map[string]interface{}

StaticAttrs returns all static attributes.

type Connection

type Connection struct {
	Plug *ConnectedPlug
	Slot *ConnectedSlot
}

Connection represents a connection between a particular plug and slot.

func (*Connection) Interface

func (conn *Connection) Interface() string

Interface returns the name of the interface for this connection.

type EnsureDirSpec

type EnsureDirSpec struct {
	MustExistDir string
	EnsureDir    string
}

EnsureDirSpec contains the information required to ensure the existence of a directory. MustExistDir is the prefix of EnsureDir and must exist as prerequisite for creation for the remainder of missing directories of EnsureDir.

func (*EnsureDirSpec) Validate

func (spec *EnsureDirSpec) Validate() error

Validate returns an error if the ensure directory specification is not valid.

type Info

type Info struct {
	Name    string
	Summary string
	DocURL  string
	Plugs   []*snap.PlugInfo
	Slots   []*snap.SlotInfo
}

Info holds information about a given interface and its instances.

type InfoOptions

type InfoOptions struct {
	Names     []string
	Doc       bool
	Plugs     bool
	Slots     bool
	Connected bool
}

InfoOptions describes options for Info.

Names: return just this subset if non-empty. Doc: return documentation. Plugs: return information about plugs. Slots: return information about slots. Connected: only consider interfaces with at least one connection.

type Interface

type Interface interface {
	// Unique and public name of this interface.
	Name() string

	// AutoConnect returns whether plug and slot should be
	// implicitly auto-connected assuming there will be an
	// unambiguous connection candidate and declaration-based checks
	// allow.
	AutoConnect(plug *snap.PlugInfo, slot *snap.SlotInfo) bool
}

Interface describes a group of interchangeable capabilities with common features. Interfaces act as a contract between system builders, application developers and end users.

type Interfaces

type Interfaces struct {
	Plugs       []*snap.PlugInfo
	Slots       []*snap.SlotInfo
	Connections []*ConnRef
}

Interfaces holds information about a list of plugs, slots and their connections.

type NoPlugOrSlotError

type NoPlugOrSlotError struct {
	// contains filtered or unexported fields
}

NoPlugOrSlotError is returned by Disconnect() if either the plug or slot does no exist.

func (*NoPlugOrSlotError) Error

func (e *NoPlugOrSlotError) Error() string

type NotConnectedError

type NotConnectedError struct {
	// contains filtered or unexported fields
}

NotConnectedError is returned by Disconnect() if the requested connection does not exist.

func (*NotConnectedError) Error

func (e *NotConnectedError) Error() string

type PlugRef

type PlugRef struct {
	Snap string `json:"snap"`
	Name string `json:"plug"`
}

PlugRef is a reference to a plug.

func (PlugRef) SortsBefore

func (ref PlugRef) SortsBefore(other PlugRef) bool

SortsBefore returns true when plug should be sorted before the other

func (PlugRef) String

func (ref PlugRef) String() string

String returns the "snap:plug" representation of a plug reference.

type PlugSanitizer

type PlugSanitizer interface {
	BeforePreparePlug(plug *snap.PlugInfo) error
}

PlugSanitizer can be implemented by Interfaces that have reasons to sanitize their plugs.

type PolicyFunc

type PolicyFunc func(*ConnectedPlug, *ConnectedSlot) (bool, error)

type Repository

type Repository struct {
	// contains filtered or unexported fields
}

Repository stores all known snappy plugs and slots and ifaces.

func NewRepository

func NewRepository() *Repository

NewRepository creates an empty plug repository.

func (*Repository) AddAppSet

func (r *Repository) AddAppSet(appSet *SnapAppSet) error

AddAppSet adds plugs and slots declared by the given app set (snap + components) to the repository.

This function can be used to implement snap install or, when used along with RemoveSnap, snap upgrade.

AddAppSet doesn't change existing plugs/slots. The caller is responsible for ensuring that the app set is not present in the repository in any way prior to calling this function. If this constraint is violated then no changes are made and an error is returned.

Each added plug/slot is validated according to the corresponding interface. Unknown interfaces and plugs/slots that don't validate are not added. Information about those failures are returned to the caller.

func (*Repository) AddBackend

func (r *Repository) AddBackend(backend SecurityBackend) error

AddBackend adds the provided security backend to the repository.

func (*Repository) AddInterface

func (r *Repository) AddInterface(i Interface) error

AddInterface adds the provided interface to the repository.

func (*Repository) AddSlot

func (r *Repository) AddSlot(slot *snap.SlotInfo) error

AddSlot adds a new slot to the repository. Adding a slot with invalid name returns an error. Adding a slot that has the same name and snap name as another slot returns an error.

func (*Repository) AllHotplugInterfaces

func (r *Repository) AllHotplugInterfaces() map[string]Interface

AllHotplugInterfaces returns all interfaces that handle hotplug events.

func (*Repository) AllInterfaces

func (r *Repository) AllInterfaces() []Interface

AllInterfaces returns all the interfaces added to the repository, ordered by name.

func (*Repository) AllPlugs

func (r *Repository) AllPlugs(interfaceName string) []*snap.PlugInfo

AllPlugs returns all plugs of the given interface. If interfaceName is the empty string, all plugs are returned.

func (*Repository) AllSlots

func (r *Repository) AllSlots(interfaceName string) []*snap.SlotInfo

AllSlots returns all slots of the given interface. If interfaceName is the empty string, all slots are returned.

func (*Repository) AutoConnectCandidatePlugs

func (r *Repository) AutoConnectCandidatePlugs(slotSnapName, slotName string, policyCheck func(*ConnectedPlug, *ConnectedSlot) (bool, SideArity, error)) []*snap.PlugInfo

AutoConnectCandidatePlugs finds and returns viable auto-connection candidates for a given slot.

func (*Repository) AutoConnectCandidateSlots

func (r *Repository) AutoConnectCandidateSlots(plugSnapName, plugName string, policyCheck func(*ConnectedPlug, *ConnectedSlot) (bool, SideArity, error)) ([]*snap.SlotInfo, []SideArity)

AutoConnectCandidateSlots finds and returns viable auto-connection candidates for a given plug.

func (*Repository) Backends

func (r *Repository) Backends() []SecurityBackend

Backends returns all the security backends. The order is the same as the order in which they were inserted.

func (*Repository) Connect

func (r *Repository) Connect(ref *ConnRef, plugStaticAttrs, plugDynamicAttrs, slotStaticAttrs, slotDynamicAttrs map[string]interface{}, policyCheck PolicyFunc) (*Connection, error)

Connect establishes a connection between a plug and a slot. The plug and the slot must have the same interface. When connections are reloaded policyCheck is null (we don't check policy again).

func (*Repository) Connected

func (r *Repository) Connected(snapName, plugOrSlotName string) ([]*ConnRef, error)

Connected returns references for all connections that are currently established with the provided plug or slot.

func (*Repository) Connection

func (r *Repository) Connection(connRef *ConnRef) (*Connection, error)

Connection returns the specified Connection object or an error.

func (*Repository) Connections

func (r *Repository) Connections(snapName string) ([]*ConnRef, error)

func (*Repository) ConnectionsForHotplugKey

func (r *Repository) ConnectionsForHotplugKey(ifaceName string, hotplugKey snap.HotplugKey) ([]*ConnRef, error)

ConnectionsForHotplugKey returns all hotplug connections for given interface name and hotplug key.

func (*Repository) Disconnect

func (r *Repository) Disconnect(plugSnapName, plugName, slotSnapName, slotName string) error

Disconnect disconnects the named plug from the slot of the given snap.

Disconnect() finds a specific slot and a specific plug and disconnects that plug from that slot. It is an error if plug or slot cannot be found or if the connect does not exist.

func (*Repository) DisconnectAll

func (r *Repository) DisconnectAll(conns []*ConnRef)

DisconnectAll disconnects all provided connection references.

func (*Repository) DisconnectSnap

func (r *Repository) DisconnectSnap(snapName string) ([]string, error)

DisconnectSnap disconnects all the connections to and from a given snap.

The return value is a list of names that were affected.

func (*Repository) Info

func (r *Repository) Info(opts *InfoOptions) []*Info

Info returns information about interfaces in the system.

If names is empty then all interfaces are considered. Query options decide which data to return but can also skip interfaces without connections. See the documentation of InfoOptions for details.

func (*Repository) Interface

func (r *Repository) Interface(interfaceName string) Interface

Interface returns an interface with a given name.

func (*Repository) Interfaces

func (r *Repository) Interfaces() *Interfaces

Interfaces returns object holding a lists of all the plugs and slots and their connections.

func (*Repository) Plug

func (r *Repository) Plug(snapName, plugName string) *snap.PlugInfo

Plug returns the specified plug from the named snap.

func (*Repository) Plugs

func (r *Repository) Plugs(snapName string) []*snap.PlugInfo

Plugs returns the plugs offered by the named snap.

func (*Repository) RemoveSlot

func (r *Repository) RemoveSlot(snapName, slotName string) error

RemoveSlot removes a named slot from the given snap. Removing a slot that doesn't exist returns an error. Removing a slot that is connected to a plug returns an error.

func (*Repository) RemoveSnap

func (r *Repository) RemoveSnap(snapName string) error

RemoveSnap removes all the plugs and slots associated with a given snap.

This function can be used to implement snap removal or, when used along with AddSnap, snap upgrade.

RemoveSnap does not remove connections. The caller is responsible for ensuring that connections are broken before calling this method. If this constraint is violated then no changes are made and an error is returned.

func (*Repository) ResolveConnect

func (r *Repository) ResolveConnect(plugSnapName, plugName, slotSnapName, slotName string) (*ConnRef, error)

ResolveConnect resolves potentially missing plug or slot names and returns a fully populated connection reference.

func (*Repository) Slot

func (r *Repository) Slot(snapName, slotName string) *snap.SlotInfo

Slot returns the specified slot from the named snap.

func (*Repository) SlotForHotplugKey

func (r *Repository) SlotForHotplugKey(ifaceName string, hotplugKey snap.HotplugKey) (*snap.SlotInfo, error)

SlotForHotplugKey returns a hotplug slot for given interface name and hotplug key or nil if there is no slot.

func (*Repository) Slots

func (r *Repository) Slots(snapName string) []*snap.SlotInfo

Slots returns the slots offered by the named snap.

func (*Repository) SnapSpecification

func (r *Repository) SnapSpecification(securitySystem SecuritySystem, appSet *SnapAppSet, opts ConfinementOptions) (Specification, error)

SnapSpecification returns the specification of a given snap in a given security system.

func (*Repository) UpdateHotplugSlotAttrs

func (r *Repository) UpdateHotplugSlotAttrs(ifaceName string, hotplugKey snap.HotplugKey, staticAttrs map[string]interface{}) (*snap.SlotInfo, error)

UpdateHotplugSlotAttrs updates static attributes of hotplug slot associated with given hotplugkey, and returns the resulting slot. Slots can only be updated if not connected to any plug.

type SecurityBackend

type SecurityBackend interface {
	// Initialize performs any initialization required by the backend.
	// It is called during snapd startup process.
	Initialize(opts *SecurityBackendOptions) error

	// Name returns the name of the backend.
	// This is intended for diagnostic messages.
	Name() SecuritySystem

	// Setup creates and loads security artefacts specific to a given snap.
	// The snap can be in one of three kids onf confinement (strict mode,
	// developer mode or classic mode). In the last two security violations
	// are non-fatal to the offending application process.
	//
	// This method should be called after changing plug, slots, connections
	// between them or application present in the snap.
	Setup(appSet *SnapAppSet, opts ConfinementOptions, repo *Repository, tm timings.Measurer) error

	// Remove removes and unloads security artefacts of a given snap.
	//
	// This method should be called during the process of removing a snap.
	Remove(snapName string) error

	// NewSpecification returns a new specification associated with this backend.
	NewSpecification(*SnapAppSet, ConfinementOptions) Specification

	// SandboxFeatures returns a list of tags that identify sandbox features.
	SandboxFeatures() []string
}

SecurityBackend abstracts interactions between the interface system and the needs of a particular security system.

type SecurityBackendDiscardingLate

type SecurityBackendDiscardingLate interface {
	// RemoveLate removes the security profiles of a snap at the very last
	// step of the remove change.
	RemoveLate(snapName string, rev snap.Revision, typ snap.Type) error
}

SecurityBackendDiscardingLate interface may be implemented by backends that support removal snap profiles late during the very last step of the snap remove process, typically long after the SecuityBackend.Remove() has been invoked.

type SecurityBackendOptions

type SecurityBackendOptions struct {
	// Preseed flag is set when snapd runs in preseed mode.
	Preseed bool
	// CoreSnapInfo is the current revision of the core snap (if it is
	// installed)
	CoreSnapInfo *snap.Info
	// SnapdSnapInfo is the current revision of the snapd snap (if it is
	// installed)
	SnapdSnapInfo *snap.Info
}

SecurityBackendOptions carries extra flags that affect initialization of the backends.

type SecurityBackendSetupMany

type SecurityBackendSetupMany interface {
	// SetupMany creates and loads apparmor profiles of multiple snaps. It tries to process all snaps and doesn't interrupt processing
	// on errors of individual snaps.
	SetupMany(appSets []*SnapAppSet, confinement func(snapName string) ConfinementOptions, repo *Repository, tm timings.Measurer) []error
}

SecurityBackendSetupMany interface may be implemented by backends that can optimize their operations when setting up multiple snaps at once.

type SecuritySystem

type SecuritySystem string

SecuritySystem is a name of a security system.

const (
	// SecurityAppArmor identifies the apparmor security system.
	SecurityAppArmor SecuritySystem = "apparmor"
	// SecuritySecComp identifies the seccomp security system.
	SecuritySecComp SecuritySystem = "seccomp"
	// SecurityDBus identifies the DBus security system.
	SecurityDBus SecuritySystem = "dbus"
	// SecurityUDev identifies the UDev security system.
	SecurityUDev SecuritySystem = "udev"
	// SecurityMount identifies the mount security system.
	SecurityMount SecuritySystem = "mount"
	// SecurityKMod identifies the kernel modules security system.
	SecurityKMod SecuritySystem = "kmod"
	// SecuritySystemd identifies the systemd services security system.
	SecuritySystemd SecuritySystem = "systemd"
	// SecurityPolkit identifies the polkit security system.
	SecurityPolkit SecuritySystem = "polkit"
)

type SideArity

type SideArity interface {
	SlotsPerPlugAny() bool
}

SideArity conveys the arity constraints for an allowed auto-connection. ATM only slots-per-plug might have an interesting non-default value. See: https://forum.snapcraft.io/t/plug-slot-declaration-rules-greedy-plugs/12438

type SlotRef

type SlotRef struct {
	Snap string `json:"snap"`
	Name string `json:"slot"`
}

SlotRef is a reference to a slot.

func (SlotRef) SortsBefore

func (ref SlotRef) SortsBefore(other SlotRef) bool

SortsBefore returns true when slot should be sorted before the other

func (SlotRef) String

func (ref SlotRef) String() string

String returns the "snap:slot" representation of a slot reference.

type SlotSanitizer

type SlotSanitizer interface {
	BeforePrepareSlot(slot *snap.SlotInfo) error
}

SlotSanitizer can be implemented by Interfaces that have reasons to sanitize their slots.

type SnapAppSet

type SnapAppSet struct {
	// contains filtered or unexported fields
}

SnapAppSet is a helper that provides information about executable elements of a snap. This currently includes snap apps and hooks.

func NewSnapAppSet

func NewSnapAppSet(info *snap.Info, components []*snap.ComponentInfo) (*SnapAppSet, error)

NewSnapAppSet returns a new SnapAppSet for the given snap.Info.

func (*SnapAppSet) Components

func (a *SnapAppSet) Components() []*snap.ComponentInfo

Components returns the components that this SnapAppSet was created with.

func (*SnapAppSet) Info

func (a *SnapAppSet) Info() *snap.Info

Info returns the snap.Info that this SnapAppSet is based on.

func (*SnapAppSet) InstanceName

func (a *SnapAppSet) InstanceName() string

InstanceName returns the instance name of the snap that this SnapAppSet is based on.

func (*SnapAppSet) Runnables

func (a *SnapAppSet) Runnables() []snap.Runnable

Runnables returns a list of all runnables known by the app set.

func (*SnapAppSet) SecurityTagsForConnectedPlug

func (a *SnapAppSet) SecurityTagsForConnectedPlug(plug *ConnectedPlug) ([]string, error)

SecurityTagsForConnectedPlug returns the security tags for the given plug. These are derived from the security tags of the apps and hooks that are associated with the plug.

func (*SnapAppSet) SecurityTagsForConnectedSlot

func (a *SnapAppSet) SecurityTagsForConnectedSlot(slot *ConnectedSlot) ([]string, error)

SecurityTagsForConnectedSlot returns the security tags for the given slot. These are derived from the security tags of the apps and hooks that are associated with the slot.

func (*SnapAppSet) SecurityTagsForPlug

func (a *SnapAppSet) SecurityTagsForPlug(plug *snap.PlugInfo) ([]string, error)

SecurityTagsForPlug returns the security tags for the given plug. These are derived from the security tags of the apps and hooks that are associated with the plug.

func (*SnapAppSet) SecurityTagsForSlot

func (a *SnapAppSet) SecurityTagsForSlot(slot *snap.SlotInfo) ([]string, error)

SecurityTagsForSlot returns the security tags for the given slot. These are derived from the security tags of the apps and hooks that are associated with the slot.

type Specification

type Specification interface {
	// AddPermanentSlot records side-effects of having a slot.
	AddPermanentSlot(iface Interface, slot *snap.SlotInfo) error
	// AddPermanentPlug records side-effects of having a plug.
	AddPermanentPlug(iface Interface, plug *snap.PlugInfo) error
	// AddConnectedSlot records side-effects of having a connected slot.
	AddConnectedSlot(iface Interface, plug *ConnectedPlug, slot *ConnectedSlot) error
	// AddConnectedPlug records side-effects of having a connected plug.
	AddConnectedPlug(iface Interface, plug *ConnectedPlug, slot *ConnectedSlot) error
}

Specification describes interactions between backends and interfaces.

type StaticInfo

type StaticInfo struct {
	Summary string
	DocURL  string

	// ImplicitOnCore controls if a slot is automatically added to core (non-classic) systems.
	ImplicitOnCore bool
	// ImplicitOnClassic controls if a slot is automatically added to classic systems.
	ImplicitOnClassic bool

	// AffectsPlugOnRefresh tells if refreshing of a snap with a slot of this interface
	// is disruptive for the snap on the plug side (when the interface is connected),
	// meaning that a refresh of the slot-side affects snap(s) on the plug side
	// due to e.g. namespace changes which require freezing and thawing of the
	// running processes. This flag is consulted when computing snaps affected
	// by refresh for auto-refresh gating with gate-auto-refresh hooks.
	// TODO: if we change the snap-update-ns logic to avoid the freezeing/thawing
	// if there are no changes, there are interfaces like appstream-metadata or
	// system-packages-doc that could get the flag set back to false.
	AffectsPlugOnRefresh bool

	// BaseDeclarationPlugs defines optional plug-side rules in the
	// base-declaration assertion relevant for this interface. See
	// interfaces/builtin/README.md, especially "Base declaration policy
	// patterns".
	BaseDeclarationPlugs string
	// BaseDeclarationSlots defines an optional slot-side rules in the
	// base-declaration assertion relevant for this interface. See
	// interfaces/builtin/README.md, especially "Base declaration policy
	// patterns".
	BaseDeclarationSlots string

	// AppArmorUnconfinedPlugs results in the snap that plugs this interface
	// being granted the AppArmor unconfined profile mode
	AppArmorUnconfinedPlugs bool
	// Similarly, AppArmorUnconfinedSlots results in the snap that slots this interface
	// being granted the AppArmor unconfined profile mode
	AppArmorUnconfinedSlots bool
}

StaticInfo describes various static-info of a given interface.

The Summary must be a one-line string of length suitable for listing views. The DocURL can point to website (e.g. a forum thread) that goes into more depth and documents the interface in detail.

func StaticInfoOf

func StaticInfoOf(iface Interface) (si StaticInfo)

StaticInfoOf returns the static-info of the given interface.

type SystemKeyExtraData

type SystemKeyExtraData struct {
	// AppArmorPrompting indicates whether AppArmorPrompting should be set in
	// the system key, assuming that prompting is supported. If prompting is
	// unsupported, the value in the system key will be set to false.
	AppArmorPrompting bool
}

SystemKeyExtraData holds information about the current state of the system key so that some values do not need to be re-checked and can thus be guaranteed to be consistent across multiple uses of system key functions.

Directories

Path Synopsis
Package apparmor contains primitives for working with apparmor.
Package apparmor contains primitives for working with apparmor.
Package dbus implements interaction between snappy and dbus.
Package dbus implements interaction between snappy and dbus.
Package kmod implements a backend which loads kernel modules on behalf of interfaces.
Package kmod implements a backend which loads kernel modules on behalf of interfaces.
Package mount implements mounts that get mapped into the snap
Package mount implements mounts that get mapped into the snap
Package policy implements the declaration based policy checks for connecting or permitting installation of snaps based on their slots and plugs.
Package policy implements the declaration based policy checks for connecting or permitting installation of snaps based on their slots and plugs.
Package polkit implements interaction between snapd and polkit.
Package polkit implements interaction between snapd and polkit.
Package prompting provides common types and functions related to AppArmor prompting.
Package prompting provides common types and functions related to AppArmor prompting.
errors
The errors package defines common error types which are used across the prompting subsystems, along with constructors for specific errors based on those broader types.
The errors package defines common error types which are used across the prompting subsystems, along with constructors for specific errors based on those broader types.
internal/maxidmmap
Package maxidmmap provides a type for working with atomically unique prompting-related IDs, backed by a memory mapped file.
Package maxidmmap provides a type for working with atomically unique prompting-related IDs, backed by a memory mapped file.
patterns
Package patterns provides types and functions for working with path patterns for request rules related to AppArmor Prompting.
Package patterns provides types and functions for working with path patterns for request rules related to AppArmor Prompting.
requestprompts
Package requestrules provides support for holding outstanding request prompts for AppArmor prompting.
Package requestrules provides support for holding outstanding request prompts for AppArmor prompting.
requestrules
Package requestrules provides support for storing request rules for AppArmor prompting.
Package requestrules provides support for storing request rules for AppArmor prompting.
Package seccomp implements integration between snapd and snap-confine around seccomp.
Package seccomp implements integration between snapd and snap-confine around seccomp.
Package systemd implements integration between snappy interfaces and arbitrary systemd units that may be required for "oneshot" style tasks.
Package systemd implements integration between snappy interfaces and arbitrary systemd units that may be required for "oneshot" style tasks.
Package udev implements integration between snapd, udev and snap-confine around tagging character and block devices so that they can be accessed by applications.
Package udev implements integration between snapd, udev and snap-confine around tagging character and block devices so that they can be accessed by applications.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL