package seccomp

containerd – github.com/containerd/containerd/contrib/seccomp Index | Files

import "github.com/containerd/containerd/contrib/seccomp"

Index ¶

func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp
func WithDefaultProfile() oci.SpecOpts
func WithProfile(profile string) oci.SpecOpts

Functions ¶

func DefaultProfile ¶

func DefaultProfile(sp *specs.Spec) *specs.LinuxSeccomp

DefaultProfile defines the allowed syscalls for the default seccomp profile.

func WithDefaultProfile ¶

func WithDefaultProfile() oci.SpecOpts

WithDefaultProfile sets the default seccomp profile to the spec. Note: must follow the setting of process capabilities

FIXME: pkg/cri/[sb]server/container_create_linux_test.go depends on go:noinline since Go 1.21.

func WithProfile ¶

func WithProfile(profile string) oci.SpecOpts

WithProfile receives the name of a file stored on disk comprising a json formatted seccomp profile, as specified by the opencontainers/runtime-spec. The profile is read from the file, unmarshaled, and set to the spec.

FIXME: pkg/cri/[sb]server/container_create_linux_test.go depends on go:noinline since Go 1.21.

Source Files ¶

seccomp.go seccomp_default_unsupported.go

Version: v1.7.14
Published: Mar 11, 2024
Platform: windows/amd64
Imports: 7 packages
Last checked: 9 seconds ago –

Tools for package owners.

?	: This menu
/	: Search site
f	: Jump to identifier
g then g	: Go to top of page
g then b	: Go to end of page
G	: Go to end of page
g then i	: Go to index
g then e	: Go to examples