package label

import "github.com/opencontainers/selinux/go-selinux/label"

Index ¶

• func ClearLabels()
• func DisableSecOpt() []string
• func DupSecOpt(src string) ([]string, error)
• func FileLabel(path string) (string, error)
• func FormatMountLabel(src string, mountLabel string) string
• func GenLabels(options string) (string, string, error)
• func Init()
• func InitLabels(options []string) (string, string, error)
• func IsShared(label string) bool
• func KeyLabel() (string, error)
• func PidLabel(pid int) (string, error)
• func ProcessLabel() (string, error)
• func ROMountLabel() string
• func Relabel(path string, fileLabel string, shared bool) error
• func RelabelNeeded(label string) bool
• func ReleaseLabel(label string) error
• func ReserveLabel(label string) error
• func SetFileCreateLabel(fileLabel string) error
• func SetFileLabel(path string, fileLabel string) error
• func SetKeyLabel(processLabel string) error
• func SetProcessLabel(processLabel string) error
• func SetSocketLabel(processLabel string) error
• func SocketLabel() (string, error)
• func Validate(label string) error

Functions ¶

func ClearLabels ¶

func ClearLabels()

ClearLabels clears all reserved labels

func DisableSecOpt ¶

func DisableSecOpt() []string

DisableSecOpt returns a security opt that can disable labeling support for future container processes

func DupSecOpt ¶

func DupSecOpt(src string) ([]string, error)

DupSecOpt takes a process label and returns security options that can be used to set duplicate labels on future container processes

func FileLabel ¶

func FileLabel(path string) (string, error)

func FormatMountLabel ¶

func FormatMountLabel(src string, mountLabel string) string

func GenLabels ¶

func GenLabels(options string) (string, string, error)

func Init ¶

func Init()

func InitLabels ¶

func InitLabels(options []string) (string, string, error)

InitLabels returns the process label and file labels to be used within the container. A list of options can be passed into this function to alter the labels.

func IsShared ¶

func IsShared(label string) bool

IsShared checks that the label includes a "shared" mark

func KeyLabel ¶

func KeyLabel() (string, error)

func PidLabel ¶

func PidLabel(pid int) (string, error)

func ProcessLabel ¶

func ProcessLabel() (string, error)

func ROMountLabel ¶

func ROMountLabel() string

func Relabel ¶

func Relabel(path string, fileLabel string, shared bool) error

func RelabelNeeded ¶

func RelabelNeeded(label string) bool

RelabelNeeded checks whether the user requested a relabel

func ReleaseLabel ¶

func ReleaseLabel(label string) error

func ReserveLabel ¶

func ReserveLabel(label string) error

func SetFileCreateLabel ¶

func SetFileCreateLabel(fileLabel string) error

func SetFileLabel ¶

func SetFileLabel(path string, fileLabel string) error

func SetKeyLabel ¶

func SetKeyLabel(processLabel string) error

func SetProcessLabel ¶

func SetProcessLabel(processLabel string) error

func SetSocketLabel ¶

func SetSocketLabel(processLabel string) error

func SocketLabel ¶

func SocketLabel() (string, error)

func Validate ¶

func Validate(label string) error

Validate checks that the label does not include unexpected options

Source Files ¶

label.go