Documentation
¶
Index ¶
Constants ¶
View Source
const ( RoleLabel = "kubernetes.io/role" Worker = "node" Master = "master" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AppArmorProfile ¶
type AppArmorProfile struct {
Name string
Rules string
/*
capability net_raw,
capability setuid,
capability setgid,
capability dac_override,
network raw,
network packet,
# for -D
capability sys_module,
@{PROC}/bus/usb/ r,
@{PROC}/bus/usb/** r,
audit deny @{HOME}/bin/ rw,
audit deny @{HOME}/bin/** mrwkl,
@{HOME}/ r,
@{HOME}/** rw,
/usr/sbin/tcpdump r,
*/
Enforced bool
}
func (AppArmorProfile) String ¶
func (p AppArmorProfile) String() string
type AppArmorProfileStatus ¶
func NewAppArmorStatus ¶
func NewAppArmorStatus() *AppArmorProfileStatus
NewAppArmorStatus return apparmor profile status from workder nodes
func (*AppArmorProfileStatus) GetEnforcedProfiles ¶
func (s *AppArmorProfileStatus) GetEnforcedProfiles() []string
GetEnforcedProfiles get enforced profile names
type Node ¶
type NodeList ¶
type NodeList []*Node
func (NodeList) GetEnforcedProfiles ¶
func (NodeList) PrintEnabledStatus ¶
func (nl NodeList) PrintEnabledStatus()
PrintEnabledStatus prints AppArmor enabled status on worker nodes
func (NodeList) PrintEnforcementStatus ¶
func (nl NodeList) PrintEnforcementStatus()
PrintEnforcementStatus prints enforced AppArmor profile on worker nodes
Source Files
Click to show internal directories.
Click to hide internal directories.