Documentation ¶
Index ¶
Constants ¶
View Source
const ( // FlagOutputFile is the flag for defining the output file location. FlagOutputFile string = cli.FlagOutputFile // FlagType is the flag for defining the recorder type. FlagType string = "type" // FlagBaseSyscalls are the syscalls included in every seccomp profile to // ensure compatibility with OCI runtimes like runc and crun. FlagBaseSyscalls string = "base-syscalls" // FlagNoBaseSyscalls can be used to indicate that no base syscalls should // be added at all. FlagNoBaseSyscalls string = "no-base-syscalls" )
Variables ¶
View Source
var ( // DefaultOutputFile defines the default output location for the recorder. DefaultOutputFile = cli.DefaultFile // DefaultBaseSyscalls are the syscalls included in every seccomp profile // to ensure compatibility with OCI runtimes like runc and crun. // // Please note that the syscalls may vary depending on which container // runtime we choose. DefaultBaseSyscalls = []string{ "access", "arch_prctl", "brk", "capget", "capset", "chdir", "chmod", "chown", "clone", "close", "close_range", "dup2", "dup3", "epoll_create1", "epoll_ctl", "epoll_pwait", "execve", "exit_group", "faccessat2", "fchdir", "fchmodat", "fchown", "fchownat", "fcntl", "fstat", "fstatfs", "futex", "getdents64", "getegid", "geteuid", "getgid", "getpid", "getppid", "gettid", "getuid", "ioctl", "keyctl", "lseek", "mkdirat", "mknodat", "mmap", "mount", "mprotect", "munmap", "nanosleep", "newfstatat", "openat", "openat2", "pipe2", "pivot_root", "prctl", "pread64", "pselect6", "read", "readlink", "readlinkat", "rt_sigaction", "rt_sigprocmask", "rt_sigreturn", "sched_getaffinity", "sched_yield", "seccomp", "set_robust_list", "set_tid_address", "setgid", "setgroups", "sethostname", "setns", "setresgid", "setresuid", "setsid", "setuid", "sigaltstack", "statfs", "statx", "symlinkat", "tgkill", "umask", "umount2", "unlinkat", "unshare", "utimensat", "write", } )
Functions ¶
This section is empty.
Types ¶
type Options ¶
type Options struct {
// contains filtered or unexported fields
}
Options define all possible options for the recorder.
func FromContext ¶
FromContext can be used to create Options from an CLI context.
type Recorder ¶
type Recorder struct {
// contains filtered or unexported fields
}
Recorder is the main structure of this package.
Click to show internal directories.
Click to hide internal directories.