Documentation ¶
Overview ¶
Package udev implements integration between snapd, udev and snap-confine around tagging character and block devices so that they can be accessed by applications.
TODO: Document this better
Index ¶
- type Backend
- func (b *Backend) Initialize(opts *interfaces.SecurityBackendOptions) error
- func (b *Backend) Name() interfaces.SecuritySystem
- func (b *Backend) NewSpecification(appSet *interfaces.SnapAppSet, opts interfaces.ConfinementOptions) interfaces.Specification
- func (b *Backend) Remove(snapName string) error
- func (b *Backend) SandboxFeatures() []string
- func (b *Backend) Setup(appSet *interfaces.SnapAppSet, opts interfaces.ConfinementOptions, ...) error
- type Specification
- func (spec *Specification) AddConnectedPlug(iface interfaces.Interface, plug *interfaces.ConnectedPlug, ...) error
- func (spec *Specification) AddConnectedSlot(iface interfaces.Interface, plug *interfaces.ConnectedPlug, ...) error
- func (spec *Specification) AddPermanentPlug(iface interfaces.Interface, plug *snap.PlugInfo) error
- func (spec *Specification) AddPermanentSlot(iface interfaces.Interface, slot *snap.SlotInfo) error
- func (spec *Specification) AddSnippet(snippet string)
- func (spec *Specification) ControlsDeviceCgroup() bool
- func (spec *Specification) SetControlsDeviceCgroup()
- func (spec *Specification) SnapAppSet() *interfaces.SnapAppSet
- func (spec *Specification) Snippets() (result []string)
- func (spec *Specification) TagDevice(snippet string)
- func (spec *Specification) TriggerSubsystem(subsystem string)
- func (spec *Specification) TriggeredSubsystems() []string
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Backend ¶
type Backend struct {
// contains filtered or unexported fields
}
Backend is responsible for maintaining udev rules.
func (*Backend) Initialize ¶
func (b *Backend) Initialize(opts *interfaces.SecurityBackendOptions) error
Initialize does nothing.
func (*Backend) Name ¶
func (b *Backend) Name() interfaces.SecuritySystem
Name returns the name of the backend.
func (*Backend) NewSpecification ¶
func (b *Backend) NewSpecification(appSet *interfaces.SnapAppSet, opts interfaces.ConfinementOptions) interfaces.Specification
func (*Backend) Remove ¶
Remove removes udev rules specific to a given snap. If any of the rules are removed then udev database is reloaded.
This method should be called after removing a snap.
If the method fails it should be re-tried (with a sensible strategy) by the caller.
func (*Backend) SandboxFeatures ¶
SandboxFeatures returns the list of features supported by snapd for mediating access to kernel devices.
func (*Backend) Setup ¶
func (b *Backend) Setup(appSet *interfaces.SnapAppSet, opts interfaces.ConfinementOptions, repo *interfaces.Repository, tm timings.Measurer) error
Setup creates udev rules specific to a given snap. If any of the rules are changed or removed then udev database is reloaded.
UDev has no concept of a complain mode so confinement options are ignored.
If the method fails it should be re-tried (with a sensible strategy) by the caller.
type Specification ¶
type Specification struct {
// contains filtered or unexported fields
}
Specification assists in collecting udev snippets associated with an interface.
func NewSpecification ¶
func NewSpecification(appSet *interfaces.SnapAppSet) *Specification
func (*Specification) AddConnectedPlug ¶
func (spec *Specification) AddConnectedPlug(iface interfaces.Interface, plug *interfaces.ConnectedPlug, slot *interfaces.ConnectedSlot) error
AddConnectedPlug records udev-specific side-effects of having a connected plug.
func (*Specification) AddConnectedSlot ¶
func (spec *Specification) AddConnectedSlot(iface interfaces.Interface, plug *interfaces.ConnectedPlug, slot *interfaces.ConnectedSlot) error
AddConnectedSlot records mount-specific side-effects of having a connected slot.
func (*Specification) AddPermanentPlug ¶
func (spec *Specification) AddPermanentPlug(iface interfaces.Interface, plug *snap.PlugInfo) error
AddPermanentPlug records mount-specific side-effects of having a plug.
func (*Specification) AddPermanentSlot ¶
func (spec *Specification) AddPermanentSlot(iface interfaces.Interface, slot *snap.SlotInfo) error
AddPermanentSlot records mount-specific side-effects of having a slot.
func (*Specification) AddSnippet ¶
func (spec *Specification) AddSnippet(snippet string)
AddSnippet adds a new udev snippet.
func (*Specification) ControlsDeviceCgroup ¶
func (spec *Specification) ControlsDeviceCgroup() bool
ControlsDeviceCgroup returns whether a specification was marked as needing to control its own device cgroup which prevents generation of any udev tagging rules for this snap name.
func (*Specification) SetControlsDeviceCgroup ¶
func (spec *Specification) SetControlsDeviceCgroup()
SetControlsDeviceCgroup marks a specification as needing to control its own device cgroup which prevents generation of any udev tagging rules for this snap name TODO: this setting should also imply setting Delegates=true in the ServicePermanentPlug somehow, perhaps just for the commonInterface
func (*Specification) SnapAppSet ¶
func (spec *Specification) SnapAppSet() *interfaces.SnapAppSet
func (*Specification) Snippets ¶
func (spec *Specification) Snippets() (result []string)
Snippets returns a copy of all the snippets added so far.
func (*Specification) TagDevice ¶
func (spec *Specification) TagDevice(snippet string)
TagDevice adds an app/hook specific udev tag to devices described by the snippet and adds an app/hook-specific RUN rule for hotplugging.
func (*Specification) TriggerSubsystem ¶
func (spec *Specification) TriggerSubsystem(subsystem string)
TriggerSubsystem informs ReloadRules() to also do 'udevadm trigger <subsystem specific>'. IMPORTANT: because there is currently no way to call TriggerSubsystem during interface disconnect, TriggerSubsystem() should typically only by used in UDevPermanentSlot since the rules are permanent until the snap is removed.
func (*Specification) TriggeredSubsystems ¶
func (spec *Specification) TriggeredSubsystems() []string