apparmor

package
v0.0.0-...-115137c Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 7, 2021 License: GPL-3.0 Imports: 12 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	ConfDir        string
	CacheDir       string
	SystemCacheDir string
)

Functions

func DecodeLabel

func DecodeLabel(label string) (snap, app, hook string, err error)

func KernelFeatures

func KernelFeatures() ([]string, error)

KernelFeatures returns a sorted list of apparmor features like []string{"dbus", "network"}. The result is cached internally.

func MockFeatures

func MockFeatures(kernelFeatures []string, kernelError error, parserFeatures []string, parserError error) (restore func())

MockAppArmorFeatures makes the system believe it has certain kernel and parser features.

AppArmor level and summary are automatically re-assessed as needed on both the change and the restore process. Use this function to observe real assessment of arbitrary features.

func MockLevel

func MockLevel(level LevelType) (restore func())

MockAppArmorLevel makes the system believe it has certain level of apparmor support.

AppArmor kernel and parser features are set to unrealistic values that do not match the requested level. Use this function to observe behavior that relies solely on the apparmor level value.

func ParserFeatures

func ParserFeatures() ([]string, error)

ParserFeatures returns a sorted list of apparmor parser features like []string{"unsafe", ...}. The computation is costly to perform. The result is cached internally.

func ParserMtime

func ParserMtime() int64

ParserMtime returns the mtime of the AppArmor parser, else 0.

func SnapAppFromPid

func SnapAppFromPid(pid int) (snap, app, hook string, err error)

func Summary

func Summary() string

Summary describes how well apparmor is supported on the current kernel. The computation is costly to perform. The result is cached internally.

Types

type LevelType

type LevelType int

LevelType encodes the kind of support for apparmor found on this system.

const (
	// Unknown indicates that apparmor was not probed yet.
	Unknown LevelType = iota
	// Unsupported indicates that apparmor is not enabled.
	Unsupported
	// Unusable indicates that apparmor is enabled but cannot be used.
	Unusable
	// Partial indicates that apparmor is enabled but some
	// features are missing.
	Partial
	// Full indicates that all features are supported.
	Full
)

func ProbedLevel

func ProbedLevel() LevelType

ProbedLevel quantifies how well apparmor is supported on the current kernel. The computation is costly to perform. The result is cached internally.

func (LevelType) String

func (level LevelType) String() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL