gaia: go.aporeto.io/gaia/types Index | Files

package types

import "go.aporeto.io/gaia/types"

Index

Package Files

auditconstants.go audittypes.go claims.go isolationprofile.go

type ArchitecturesType Uses

type ArchitecturesType string

ArchitecturesType is the type for different architectures supported.

const (
    ArchitectureTypeX86         ArchitecturesType = "x86"
    ArchitectureTypeX86_64      ArchitecturesType = "amd64"
    ArchitectureTypeX32         ArchitecturesType = "x32"
    ArchitectureTypeARM         ArchitecturesType = "arm"
    ArchitectureTypeAARCH64     ArchitecturesType = "arm64"
    ArchitectureTypeMIPS        ArchitecturesType = "mips"
    ArchitectureTypeMIPS64      ArchitecturesType = "mips64"
    ArchitectureTypeMIPS64N32   ArchitecturesType = "mips64n32"
    ArchitectureTypeMIPSEL      ArchitecturesType = "mipsel"
    ArchitectureTypeMIPSEL64    ArchitecturesType = "mipsel64"
    ArchitectureTypeMIPSEL64N32 ArchitecturesType = "mipsel64n32"
    ArchitectureTypePPC         ArchitecturesType = "ppc"
    ArchitectureTypePPC64       ArchitecturesType = "ppc64"
    ArchitectureTypePPC64LE     ArchitecturesType = "ppc64le"
    ArchitectureTypeS390        ArchitecturesType = "s390"
    ArchitectureTypeS390X       ArchitecturesType = "s390x"
)

Values of ArchitecturesType.

func (ArchitecturesType) Validate Uses

func (a ArchitecturesType) Validate() error

Validate validates the architectures.

type ArchitecturesTypeList Uses

type ArchitecturesTypeList []ArchitecturesType

ArchitecturesTypeList is a list of ArchitectureTypes.

func (ArchitecturesTypeList) Validate Uses

func (a ArchitecturesTypeList) Validate() error

Validate validates an architectures type list.

type AuditFilePermissions Uses

type AuditFilePermissions string

AuditFilePermissions is the type of file permissions

const (
    AuditFilePermissionsWrite     AuditFilePermissions = "w"
    AuditFilePermissionsRead      AuditFilePermissions = "r"
    AuditFilePermissionsExecute   AuditFilePermissions = "x"
    AuditFilePermissionsAttribute AuditFilePermissions = "a"
)

Values of AuditFilePermissions

func (AuditFilePermissions) Validate Uses

func (a AuditFilePermissions) Validate(attribute string) error

Validate validates the audit file permissions

type AuditFilterActionType Uses

type AuditFilterActionType string

AuditFilterActionType are the types allowed in the audit filter action

const (
    AuditFilterActionTypeNever  AuditFilterActionType = "never"
    AuditFilterActionTypeAlways AuditFilterActionType = "always"
)

Values of AuditFilterActionType

func AuditFilterActionTypeFromString Uses

func AuditFilterActionTypeFromString(value string) (AuditFilterActionType, error)

AuditFilterActionTypeFromString returns the AuditFilterActionType from a given string value.

func (AuditFilterActionType) Validate Uses

func (a AuditFilterActionType) Validate(attribute string) error

Validate validates the AuditFilterActionType

type AuditFilterKind Uses

type AuditFilterKind uint8

AuditFilterKind specifies a type of filter to apply to a syscall rule.

const (
    AuditFilterKindInterFieldFilter AuditFilterKind = iota + 1 // Inter-field comparison filtering (-C).
    AuditFilteRKindValueFilter                                 // Filtering based on values (-F).
)

The type of filters that can be applied.

func AuditFilterKindFromInt Uses

func AuditFilterKindFromInt(value int) (AuditFilterKind, error)

AuditFilterKindFromInt converts an int to an AuditFilterKind.

type AuditFilterListType Uses

type AuditFilterListType string

AuditFilterListType are the types allowed in the list argument of audit filters

const (
    AuditFilterListTypeTask    AuditFilterListType = "task"
    AuditFilterListTypeExit    AuditFilterListType = "exit"
    AuditFilterListTypeUser    AuditFilterListType = "user"
    AuditFilterListTypeExclude AuditFilterListType = "exclude"
)

Values of AuditFilterListType

func AuditFilterListTypeFromString Uses

func AuditFilterListTypeFromString(value string) (AuditFilterListType, error)

AuditFilterListTypeFromString returns the AuditFilterListType from a given string value.

func (AuditFilterListType) Validate Uses

func (a AuditFilterListType) Validate(attribute string) error

Validate validates the AuditFilterListType

type AuditFilterOperator Uses

type AuditFilterOperator string

AuditFilterOperator is the operator for filters.

const (
    AuditFilterOperatorEqual           AuditFilterOperator = "="
    AuditFilterOperatorNotEqual        AuditFilterOperator = "!="
    AuditFilterOperatorGreater         AuditFilterOperator = ">"
    AuditFilterOperatorLessThan        AuditFilterOperator = "<"
    AuditFilterOperatorGreaterOrEqual  AuditFilterOperator = ">="
    AuditFilterOperatorLessThanOrEqual AuditFilterOperator = "<="
    AuditFilterOperatorBitMask         AuditFilterOperator = "&"
    AuditFilterOperatorBitTest         AuditFilterOperator = "&="
)

Values of AuditFilterOperator

func AuditFilterOperatorFromString Uses

func AuditFilterOperatorFromString(value string) (AuditFilterOperator, error)

AuditFilterOperatorFromString returns the AuditFilterOperator from a given string value.

func (AuditFilterOperator) Validate Uses

func (a AuditFilterOperator) Validate(attribute string) error

Validate validates the audit filter operator

type AuditFilterSpec Uses

type AuditFilterSpec struct {
    Kind       AuditFilterKind     `msgpack:"kind" json:"kind"`
    LHS        AuditFilterType     `msgpack:"lhs" json:"lhs"`
    Comparator AuditFilterOperator `msgpack:"comparator" json:"comparator"`
    RHS        string              `msgpack:"rhs" json:"rhs"`
}

AuditFilterSpec defines a filter to apply to a syscall rule.

func (*AuditFilterSpec) String Uses

func (f *AuditFilterSpec) String() string

func (*AuditFilterSpec) Validate Uses

func (f *AuditFilterSpec) Validate() error

Validate validates and AuditFilterSpec

type AuditFilterType Uses

type AuditFilterType string

AuditFilterType are the valid IDs of the audit filters.

const (
    AuditFilterTypeA0         AuditFilterType = "a0"
    AuditFilterTypeA1         AuditFilterType = "a1"
    AuditFilterTypeA2         AuditFilterType = "a2"
    AuditFilterTypeA3         AuditFilterType = "a3"
    AuditFilterTypeArch       AuditFilterType = "arch"
    AuditFilterTypeDevMajor   AuditFilterType = "devmajor"
    AuditFilterTypeDevMinor   AuditFilterType = "devminor"
    AuditFilterTypeDir        AuditFilterType = "dir"
    AuditFilterTypeEgid       AuditFilterType = "egid"
    AuditFilterTypeEuid       AuditFilterType = "euid"
    AuditFilterTypeExit       AuditFilterType = "exit"
    AuditFilterTypeFiletype   AuditFilterType = "filetye"
    AuditFilterTypeFsgid      AuditFilterType = "fsgid"
    AuditFilterTypeFsuid      AuditFilterType = "fsuid"
    AuditFilterTypeGid        AuditFilterType = "gid"
    AuditFilterTypeInode      AuditFilterType = "inode"
    AuditFilterTypeMsgtype    AuditFilterType = "msgtype"
    AuditFilterTypeObjgid     AuditFilterType = "obj_gid"
    AuditFilterTypeObjlevhigh AuditFilterType = "obj_lev_highj"
    AuditFilterTypeObjlevlow  AuditFilterType = "obj_lev_low"
    AuditFilterTypeObjrole    AuditFilterType = "obj_role"
    AuditFilterTypeObjtype    AuditFilterType = "obj_type"
    AuditFilterTypeObjuid     AuditFilterType = "obj_uid"
    AuditFilterTypeObjuser    AuditFilterType = "obj_user"
    AuditFilterTypePath       AuditFilterType = "path"
    AuditFilterTypePerm       AuditFilterType = "perm"
    AuditFilterTypePers       AuditFilterType = "pers"
    AuditFilterTypePid        AuditFilterType = "pid"
    AuditFilterTypePpid       AuditFilterType = "ppid"
    AuditFilterTypeSgid       AuditFilterType = "sgid"
    AuditFilterTypeSubclr     AuditFilterType = "subj_clr"
    AuditFilterTypeSubjrole   AuditFilterType = "subj_role"
    AuditFilterTypeSubjtype   AuditFilterType = "subj_type"
    AuditFilterTypeSubsen     AuditFilterType = "subj_sen"
    AuditFilterTypeSubuser    AuditFilterType = "subj_user"
    AuditFilterTypeSuccess    AuditFilterType = "success"
    AuditFilterTypeSuid       AuditFilterType = "suid"
    AuditFilterTypeUserid     AuditFilterType = "uid"
    AuditFilterTypeAuid       AuditFilterType = "auid"
    AuditFilterTypeKey        AuditFilterType = "key"
    AuditFilterTypeExe        AuditFilterType = "exe"
)

Values of AuditFilterType.

func AuditFilterTypeFromString Uses

func AuditFilterTypeFromString(value string) (AuditFilterType, error)

AuditFilterTypeFromString returns the AuditFilterType from a given string value.

func (AuditFilterType) Validate Uses

func (a AuditFilterType) Validate(attribute string) error

Validate validates the AuditFilterType

type AuditProfileRule Uses

type AuditProfileRule struct {
    Type     AuditProfileRuleType `msgpack:"type" json:"type"`
    Files    *FileWatchRule       `msgpack:"files,omitempty" json:"files,omitempty"`
    Syscalls *SyscallRule         `msgpack:"syscalls,omitempty" json:"syscalls,omitempty"`
}

AuditProfileRule is a generic audit rule

func (*AuditProfileRule) Validate Uses

func (a *AuditProfileRule) Validate() error

Validate validates an audit rule

type AuditProfileRuleList Uses

type AuditProfileRuleList []*AuditProfileRule

AuditProfileRuleList is a list of AuditProfileRules

func (AuditProfileRuleList) Validate Uses

func (a AuditProfileRuleList) Validate() error

Validate will validate all rules in the list

type AuditProfileRuleType Uses

type AuditProfileRuleType int

AuditProfileRuleType specifies the audit rule type.

const (
    DeleteAllRuleType      AuditProfileRuleType = iota + 1 // DeleteAllRule
    FileWatchRuleType                                      // FileWatchRule
    AppendSyscallRuleType                                  // SyscallRule
    PrependSyscallRuleType                                 // SyscallRule
)

The rule types supported by this package.

type AuditSystemCallType Uses

type AuditSystemCallType string

AuditSystemCallType is the type for the system calls.

const (
    AuditSystemCallTypeREAD                AuditSystemCallType = "read"
    AuditSystemCallTypeWRITE               AuditSystemCallType = "write"
    AuditSystemCallTypeOPEN                AuditSystemCallType = "open"
    AuditSystemCallTypeCLOSE               AuditSystemCallType = "close"
    AuditSystemCallTypeSTAT                AuditSystemCallType = "stat"
    AuditSystemCallTypeFSTAT               AuditSystemCallType = "fstat"
    AuditSystemCallTypeLSTAT               AuditSystemCallType = "lstat"
    AuditSystemCallTypePOLL                AuditSystemCallType = "poll"
    AuditSystemCallTypeLSEEK               AuditSystemCallType = "lseek"
    AuditSystemCallTypeMMAP                AuditSystemCallType = "mmap"
    AuditSystemCallTypeMPROTECT            AuditSystemCallType = "mprotect"
    AuditSystemCallTypeMUNMAP              AuditSystemCallType = "munmap"
    AuditSystemCallTypeBRK                 AuditSystemCallType = "brk"
    AuditSystemCallTypeRTSIGACTION         AuditSystemCallType = "rt_sigaction"
    AuditSystemCallTypeRTSIGPROCMASK       AuditSystemCallType = "rt_sigprocmask"
    AuditSystemCallTypeRTSIGRETURN         AuditSystemCallType = "rt_sigreturn"
    AuditSystemCallTypeIOCTL               AuditSystemCallType = "ioctl"
    AuditSystemCallTypePREAD64             AuditSystemCallType = "pread64"
    AuditSystemCallTypePWRITE64            AuditSystemCallType = "pwrite64"
    AuditSystemCallTypeREADV               AuditSystemCallType = "readv"
    AuditSystemCallTypeWRITEV              AuditSystemCallType = "writev"
    AuditSystemCallTypeACCESS              AuditSystemCallType = "access"
    AuditSystemCallTypePIPE                AuditSystemCallType = "pipe"
    AuditSystemCallTypeSELECT              AuditSystemCallType = "select"
    AuditSystemCallTypeSCHEDYIELD          AuditSystemCallType = "sched_yield"
    AuditSystemCallTypeMREMAP              AuditSystemCallType = "mremap"
    AuditSystemCallTypeMSYNC               AuditSystemCallType = "msync"
    AuditSystemCallTypeMINCORE             AuditSystemCallType = "mincore"
    AuditSystemCallTypeMADVISE             AuditSystemCallType = "madvise"
    AuditSystemCallTypeSHMGET              AuditSystemCallType = "shmget"
    AuditSystemCallTypeSHMAT               AuditSystemCallType = "shmat"
    AuditSystemCallTypeSHMCTL              AuditSystemCallType = "shmctl"
    AuditSystemCallTypeDUP                 AuditSystemCallType = "dup"
    AuditSystemCallTypeDUP2                AuditSystemCallType = "dup2"
    AuditSystemCallTypePAUSE               AuditSystemCallType = "pause"
    AuditSystemCallTypeNANOSLEEP           AuditSystemCallType = "nanosleep"
    AuditSystemCallTypeGETITIMER           AuditSystemCallType = "getitimer"
    AuditSystemCallTypeALARM               AuditSystemCallType = "alarm"
    AuditSystemCallTypeSETITIMER           AuditSystemCallType = "setitimer"
    AuditSystemCallTypeGETPID              AuditSystemCallType = "getpid"
    AuditSystemCallTypeSENDFILE            AuditSystemCallType = "sendfile"
    AuditSystemCallTypeSOCKET              AuditSystemCallType = "socket"
    AuditSystemCallTypeCONNECT             AuditSystemCallType = "connect"
    AuditSystemCallTypeACCEPT              AuditSystemCallType = "accept"
    AuditSystemCallTypeSENDTO              AuditSystemCallType = "sendto"
    AuditSystemCallTypeRECVFROM            AuditSystemCallType = "recvfrom"
    AuditSystemCallTypeSENDMSG             AuditSystemCallType = "sendmsg"
    AuditSystemCallTypeRECVMSG             AuditSystemCallType = "recvmsg"
    AuditSystemCallTypeSHUTDOWN            AuditSystemCallType = "shutdown"
    AuditSystemCallTypeBIND                AuditSystemCallType = "bind"
    AuditSystemCallTypeLISTEN              AuditSystemCallType = "listen"
    AuditSystemCallTypeGETSOCKNAME         AuditSystemCallType = "getsockname"
    AuditSystemCallTypeGETPEERNAME         AuditSystemCallType = "getpeername"
    AuditSystemCallTypeSOCKETPAIR          AuditSystemCallType = "socketpair"
    AuditSystemCallTypeSETSOCKOPT          AuditSystemCallType = "setsockopt"
    AuditSystemCallTypeGETSOCKOPT          AuditSystemCallType = "getsockopt"
    AuditSystemCallTypeCLONE               AuditSystemCallType = "clone"
    AuditSystemCallTypeFORK                AuditSystemCallType = "fork"
    AuditSystemCallTypeVFORK               AuditSystemCallType = "vfork"
    AuditSystemCallTypeEXECVE              AuditSystemCallType = "execve"
    AuditSystemCallTypeEXIT                AuditSystemCallType = "exit"
    AuditSystemCallTypeWAIT4               AuditSystemCallType = "wait4"
    AuditSystemCallTypeKILL                AuditSystemCallType = "kill"
    AuditSystemCallTypeUNAME               AuditSystemCallType = "uname"
    AuditSystemCallTypeSEMGET              AuditSystemCallType = "semget"
    AuditSystemCallTypeSEMOP               AuditSystemCallType = "semop"
    AuditSystemCallTypeSEMCTL              AuditSystemCallType = "semctl"
    AuditSystemCallTypeSHMDT               AuditSystemCallType = "shmdt"
    AuditSystemCallTypeMSGGET              AuditSystemCallType = "msgget"
    AuditSystemCallTypeMSGSND              AuditSystemCallType = "msgsnd"
    AuditSystemCallTypeMSGRCV              AuditSystemCallType = "msgrcv"
    AuditSystemCallTypeMSGCTL              AuditSystemCallType = "msgctl"
    AuditSystemCallTypeFCNTL               AuditSystemCallType = "fcntl"
    AuditSystemCallTypeFLOCK               AuditSystemCallType = "flock"
    AuditSystemCallTypeFSYNC               AuditSystemCallType = "fsync"
    AuditSystemCallTypeFDATASYNC           AuditSystemCallType = "fdatasync"
    AuditSystemCallTypeTRUNCATE            AuditSystemCallType = "truncate"
    AuditSystemCallTypeFTRUNCATE           AuditSystemCallType = "ftruncate"
    AuditSystemCallTypeGETDENTS            AuditSystemCallType = "getdents"
    AuditSystemCallTypeGETCWD              AuditSystemCallType = "getcwd"
    AuditSystemCallTypeCHDIR               AuditSystemCallType = "chdir"
    AuditSystemCallTypeFCHDIR              AuditSystemCallType = "fchdir"
    AuditSystemCallTypeRENAME              AuditSystemCallType = "rename"
    AuditSystemCallTypeMKDIR               AuditSystemCallType = "mkdir"
    AuditSystemCallTypeRMDIR               AuditSystemCallType = "rmdir"
    AuditSystemCallTypeCREAT               AuditSystemCallType = "creat"
    AuditSystemCallTypeLINK                AuditSystemCallType = "link"
    AuditSystemCallTypeUNLINK              AuditSystemCallType = "unlink"
    AuditSystemCallTypeSYMLINK             AuditSystemCallType = "symlink"
    AuditSystemCallTypeREADLINK            AuditSystemCallType = "readlink"
    AuditSystemCallTypeCHMOD               AuditSystemCallType = "chmod"
    AuditSystemCallTypeFCHMOD              AuditSystemCallType = "fchmod"
    AuditSystemCallTypeCHOWN               AuditSystemCallType = "chown"
    AuditSystemCallTypeFCHOWN              AuditSystemCallType = "fchown"
    AuditSystemCallTypeLCHOWN              AuditSystemCallType = "lchown"
    AuditSystemCallTypeUMASK               AuditSystemCallType = "umask"
    AuditSystemCallTypeGETTIMEOFDAY        AuditSystemCallType = "gettimeofday"
    AuditSystemCallTypeGETRLIMIT           AuditSystemCallType = "getrlimit"
    AuditSystemCallTypeGETRUSAGE           AuditSystemCallType = "getrusage"
    AuditSystemCallTypeSYSINFO             AuditSystemCallType = "sysinfo"
    AuditSystemCallTypeTIMES               AuditSystemCallType = "times"
    AuditSystemCallTypePTRACE              AuditSystemCallType = "ptrace"
    AuditSystemCallTypeGETUID              AuditSystemCallType = "getuid"
    AuditSystemCallTypeSYSLOG              AuditSystemCallType = "syslog"
    AuditSystemCallTypeGETGID              AuditSystemCallType = "getgid"
    AuditSystemCallTypeSETUID              AuditSystemCallType = "setuid"
    AuditSystemCallTypeSETGID              AuditSystemCallType = "setgid"
    AuditSystemCallTypeGETEUID             AuditSystemCallType = "geteuid"
    AuditSystemCallTypeGETEGID             AuditSystemCallType = "getegid"
    AuditSystemCallTypeSETPGID             AuditSystemCallType = "setpgid"
    AuditSystemCallTypeGETPPID             AuditSystemCallType = "getppid"
    AuditSystemCallTypeGETPGRP             AuditSystemCallType = "getpgrp"
    AuditSystemCallTypeSETSID              AuditSystemCallType = "setsid"
    AuditSystemCallTypeSETREUID            AuditSystemCallType = "setreuid"
    AuditSystemCallTypeSETREGID            AuditSystemCallType = "setregid"
    AuditSystemCallTypeGETGROUPS           AuditSystemCallType = "getgroups"
    AuditSystemCallTypeSETGROUPS           AuditSystemCallType = "setgroups"
    AuditSystemCallTypeSETRESUID           AuditSystemCallType = "setresuid"
    AuditSystemCallTypeGETRESUID           AuditSystemCallType = "getresuid"
    AuditSystemCallTypeSETRESGID           AuditSystemCallType = "setresgid"
    AuditSystemCallTypeGETRESGID           AuditSystemCallType = "getresgid"
    AuditSystemCallTypeGETPGID             AuditSystemCallType = "getpgid"
    AuditSystemCallTypeSETFSUID            AuditSystemCallType = "setfsuid"
    AuditSystemCallTypeSETFSGID            AuditSystemCallType = "setfsgid"
    AuditSystemCallTypeGETSID              AuditSystemCallType = "getsid"
    AuditSystemCallTypeCAPGET              AuditSystemCallType = "capget"
    AuditSystemCallTypeCAPSET              AuditSystemCallType = "capset"
    AuditSystemCallTypeRTSIGPENDING        AuditSystemCallType = "rt_sigpending"
    AuditSystemCallTypeRTSIGTIMEDWAIT      AuditSystemCallType = "rt_sigtimedwait"
    AuditSystemCallTypeRTSIGQUEUEINFO      AuditSystemCallType = "rt_sigqueueinfo"
    AuditSystemCallTypeRTSIGSUSPEND        AuditSystemCallType = "rt_sigsuspend"
    AuditSystemCallTypeSIGALTSTACK         AuditSystemCallType = "sigaltstack"
    AuditSystemCallTypeUTIME               AuditSystemCallType = "utime"
    AuditSystemCallTypeMKNOD               AuditSystemCallType = "mknod"
    AuditSystemCallTypeUSELIB              AuditSystemCallType = "uselib"
    AuditSystemCallTypePERSONALITY         AuditSystemCallType = "personality"
    AuditSystemCallTypeUSTAT               AuditSystemCallType = "ustat"
    AuditSystemCallTypeSTATFS              AuditSystemCallType = "statfs"
    AuditSystemCallTypeFSTATFS             AuditSystemCallType = "fstatfs"
    AuditSystemCallTypeSYSFS               AuditSystemCallType = "sysfs"
    AuditSystemCallTypeGETPRIORITY         AuditSystemCallType = "getpriority"
    AuditSystemCallTypeSETPRIORITY         AuditSystemCallType = "setpriority"
    AuditSystemCallTypeSCHEDSETPARAM       AuditSystemCallType = "sched_setparam"
    AuditSystemCallTypeSCHEDGETPARAM       AuditSystemCallType = "sched_getparam"
    AuditSystemCallTypeSCHEDSETSCHEDULER   AuditSystemCallType = "sched_setscheduler"
    AuditSystemCallTypeSCHEDGETSCHEDULER   AuditSystemCallType = "sched_getscheduler"
    AuditSystemCallTypeSCHEDGETPRIORITYMAX AuditSystemCallType = "sched_get_priority_max"
    AuditSystemCallTypeSCHEDGETPRIORITYMIN AuditSystemCallType = "sched_get_priority_min"
    AuditSystemCallTypeSCHEDRRGETINTERVAL  AuditSystemCallType = "sched_rr_get_interval"
    AuditSystemCallTypeMLOCK               AuditSystemCallType = "mlock"
    AuditSystemCallTypeMUNLOCK             AuditSystemCallType = "munlock"
    AuditSystemCallTypeMLOCKALL            AuditSystemCallType = "mlockall"
    AuditSystemCallTypeMUNLOCKALL          AuditSystemCallType = "munlockall"
    AuditSystemCallTypeVHANGUP             AuditSystemCallType = "vhangup"
    AuditSystemCallTypeMODIFYLDT           AuditSystemCallType = "modify_ldt"
    AuditSystemCallTypePIVOTROOT           AuditSystemCallType = "pivot_root"
    AuditSystemCallTypeSYSCTL              AuditSystemCallType = "_sysctl"
    AuditSystemCallTypePRCTL               AuditSystemCallType = "prctl"
    AuditSystemCallTypeARCHPRCTL           AuditSystemCallType = "arch_prctl"
    AuditSystemCallTypeADJTIMEX            AuditSystemCallType = "adjtimex"
    AuditSystemCallTypeSETRLIMIT           AuditSystemCallType = "setrlimit"
    AuditSystemCallTypeCHROOT              AuditSystemCallType = "chroot"
    AuditSystemCallTypeSYNC                AuditSystemCallType = "sync"
    AuditSystemCallTypeACCT                AuditSystemCallType = "acct"
    AuditSystemCallTypeSETTIMEOFDAY        AuditSystemCallType = "settimeofday"
    AuditSystemCallTypeMOUNT               AuditSystemCallType = "mount"
    AuditSystemCallTypeUMOUNT2             AuditSystemCallType = "umount2"
    AuditSystemCallTypeSWAPON              AuditSystemCallType = "swapon"
    AuditSystemCallTypeSWAPOFF             AuditSystemCallType = "swapoff"
    AuditSystemCallTypeREBOOT              AuditSystemCallType = "reboot"
    AuditSystemCallTypeSETHOSTNAME         AuditSystemCallType = "sethostname"
    AuditSystemCallTypeSETDOMAINNAME       AuditSystemCallType = "setdomainname"
    AuditSystemCallTypeIOPL                AuditSystemCallType = "iopl"
    AuditSystemCallTypeIOPERM              AuditSystemCallType = "ioperm"
    AuditSystemCallTypeCREATEMODULE        AuditSystemCallType = "create_module"
    AuditSystemCallTypeINITMODULE          AuditSystemCallType = "init_module"
    AuditSystemCallTypeDELETEMODULE        AuditSystemCallType = "delete_module"
    AuditSystemCallTypeGETKERNELSYMS       AuditSystemCallType = "get_kernel_syms"
    AuditSystemCallTypeQUERYMODULE         AuditSystemCallType = "query_module"
    AuditSystemCallTypeQUOTACTL            AuditSystemCallType = "quotactl"
    AuditSystemCallTypeNFSSERVCTL          AuditSystemCallType = "nfsservctl"
    AuditSystemCallTypeGETPMSG             AuditSystemCallType = "getpmsg"
    AuditSystemCallTypePUTPMSG             AuditSystemCallType = "putpmsg"
    AuditSystemCallTypeAFSSYSCALL          AuditSystemCallType = "afs_syscall"
    AuditSystemCallTypeTUXCALL             AuditSystemCallType = "tuxcall"
    AuditSystemCallTypeSECURITY            AuditSystemCallType = "security"
    AuditSystemCallTypeGETTID              AuditSystemCallType = "gettid"
    AuditSystemCallTypeREADAHEAD           AuditSystemCallType = "readahead"
    AuditSystemCallTypeSETXATTR            AuditSystemCallType = "setxattr"
    AuditSystemCallTypeLSETXATTR           AuditSystemCallType = "lsetxattr"
    AuditSystemCallTypeFSETXATTR           AuditSystemCallType = "fsetxattr"
    AuditSystemCallTypeGETXATTR            AuditSystemCallType = "getxattr"
    AuditSystemCallTypeLGETXATTR           AuditSystemCallType = "lgetxattr"
    AuditSystemCallTypeFGETXATTR           AuditSystemCallType = "fgetxattr"
    AuditSystemCallTypeLISTXATTR           AuditSystemCallType = "listxattr"
    AuditSystemCallTypeLLISTXATTR          AuditSystemCallType = "llistxattr"
    AuditSystemCallTypeFLISTXATTR          AuditSystemCallType = "flistxattr"
    AuditSystemCallTypeREMOVEXATTR         AuditSystemCallType = "removexattr"
    AuditSystemCallTypeLREMOVEXATTR        AuditSystemCallType = "lremovexattr"
    AuditSystemCallTypeFREMOVEXATTR        AuditSystemCallType = "fremovexattr"
    AuditSystemCallTypeTKILL               AuditSystemCallType = "tkill"
    AuditSystemCallTypeTIME                AuditSystemCallType = "time"
    AuditSystemCallTypeFUTEX               AuditSystemCallType = "futex"
    AuditSystemCallTypeSCHEDSETAFFINITY    AuditSystemCallType = "sched_setaffinity"
    AuditSystemCallTypeSCHEDGETAFFINITY    AuditSystemCallType = "sched_getaffinity"
    AuditSystemCallTypeSETTHREADAREA       AuditSystemCallType = "set_thread_area"
    AuditSystemCallTypeIOSETUP             AuditSystemCallType = "io_setup"
    AuditSystemCallTypeIODESTROY           AuditSystemCallType = "io_destroy"
    AuditSystemCallTypeIOGETEVENTS         AuditSystemCallType = "io_getevents"
    AuditSystemCallTypeIOSUBMIT            AuditSystemCallType = "io_submit"
    AuditSystemCallTypeIOCANCEL            AuditSystemCallType = "io_cancel"
    AuditSystemCallTypeGETTHREADAREA       AuditSystemCallType = "get_thread_area"
    AuditSystemCallTypeLOOKUPDCOOKIE       AuditSystemCallType = "lookup_dcookie"
    AuditSystemCallTypeEPOLLCREATE         AuditSystemCallType = "epoll_create"
    AuditSystemCallTypeEPOLLCTLOLD         AuditSystemCallType = "epoll_ctl_old"
    AuditSystemCallTypeEPOLLWAITOLD        AuditSystemCallType = "epoll_wait_old"
    AuditSystemCallTypeREMAPFILEPAGES      AuditSystemCallType = "remap_file_pages"
    AuditSystemCallTypeGETDENTS64          AuditSystemCallType = "getdents64"
    AuditSystemCallTypeSETTIDADDRESS       AuditSystemCallType = "set_tid_address"
    AuditSystemCallTypeRESTARTSYSCALL      AuditSystemCallType = "restart_syscall"
    AuditSystemCallTypeSEMTIMEDOP          AuditSystemCallType = "semtimedop"
    AuditSystemCallTypeFADVISE64           AuditSystemCallType = "fadvise64"
    AuditSystemCallTypeTIMERCREATE         AuditSystemCallType = "timer_create"
    AuditSystemCallTypeTIMERSETTIME        AuditSystemCallType = "timer_settime"
    AuditSystemCallTypeTIMERGETTIME        AuditSystemCallType = "timer_gettime"
    AuditSystemCallTypeTIMERGETOVERRUN     AuditSystemCallType = "timer_getoverrun"
    AuditSystemCallTypeTIMERDELETE         AuditSystemCallType = "timer_delete"
    AuditSystemCallTypeCLOCKSETTIME        AuditSystemCallType = "clock_settime"
    AuditSystemCallTypeCLOCKGETTIME        AuditSystemCallType = "clock_gettime"
    AuditSystemCallTypeCLOCKGETRES         AuditSystemCallType = "clock_getres"
    AuditSystemCallTypeCLOCKNANOSLEEP      AuditSystemCallType = "clock_nanosleep"
    AuditSystemCallTypeEXITGROUP           AuditSystemCallType = "exit_group"
    AuditSystemCallTypeEPOLLWAIT           AuditSystemCallType = "epoll_wait"
    AuditSystemCallTypeEPOLLCTL            AuditSystemCallType = "epoll_ctl"
    AuditSystemCallTypeTGKILL              AuditSystemCallType = "tgkill"
    AuditSystemCallTypeUTIMES              AuditSystemCallType = "utimes"
    AuditSystemCallTypeVSERVER             AuditSystemCallType = "vserver"
    AuditSystemCallTypeMBIND               AuditSystemCallType = "mbind"
    AuditSystemCallTypeSETMEMPOLICY        AuditSystemCallType = "set_mempolicy"
    AuditSystemCallTypeGETMEMPOLICY        AuditSystemCallType = "get_mempolicy"
    AuditSystemCallTypeMQOPEN              AuditSystemCallType = "mq_open"
    AuditSystemCallTypeMQUNLINK            AuditSystemCallType = "mq_unlink"
    AuditSystemCallTypeMQTIMEDSEND         AuditSystemCallType = "mq_timedsend"
    AuditSystemCallTypeMQTIMEDRECEIVE      AuditSystemCallType = "mq_timedreceive"
    AuditSystemCallTypeMQNOTIFY            AuditSystemCallType = "mq_notify"
    AuditSystemCallTypeMQGETSETATTR        AuditSystemCallType = "mq_getsetattr"
    AuditSystemCallTypeKEXECLOAD           AuditSystemCallType = "kexec_load"
    AuditSystemCallTypeWAITID              AuditSystemCallType = "waitid"
    AuditSystemCallTypeADDKEY              AuditSystemCallType = "add_key"
    AuditSystemCallTypeREQUESTKEY          AuditSystemCallType = "request_key"
    AuditSystemCallTypeKEYCTL              AuditSystemCallType = "keyctl"
    AuditSystemCallTypeIOPRIOSET           AuditSystemCallType = "ioprio_set"
    AuditSystemCallTypeIOPRIOGET           AuditSystemCallType = "ioprio_get"
    AuditSystemCallTypeINOTIFYINIT         AuditSystemCallType = "inotify_init"
    AuditSystemCallTypeINOTIFYADDWATCH     AuditSystemCallType = "inotify_add_watch"
    AuditSystemCallTypeINOTIFYRMWATCH      AuditSystemCallType = "inotify_rm_watch"
    AuditSystemCallTypeMIGRATEPAGES        AuditSystemCallType = "migrate_pages"
    AuditSystemCallTypeOPENAT              AuditSystemCallType = "openat"
    AuditSystemCallTypeMKDIRAT             AuditSystemCallType = "mkdirat"
    AuditSystemCallTypeMKNODAT             AuditSystemCallType = "mknodat"
    AuditSystemCallTypeFCHOWNAT            AuditSystemCallType = "fchownat"
    AuditSystemCallTypeFUTIMESAT           AuditSystemCallType = "futimesat"
    AuditSystemCallTypeNEWFSTATAT          AuditSystemCallType = "newfstatat"
    AuditSystemCallTypeUNLINKAT            AuditSystemCallType = "unlinkat"
    AuditSystemCallTypeRENAMEAT            AuditSystemCallType = "renameat"
    AuditSystemCallTypeLINKAT              AuditSystemCallType = "linkat"
    AuditSystemCallTypeSYMLINKAT           AuditSystemCallType = "symlinkat"
    AuditSystemCallTypeREADLINKAT          AuditSystemCallType = "readlinkat"
    AuditSystemCallTypeFCHMODAT            AuditSystemCallType = "fchmodat"
    AuditSystemCallTypeFACCESSAT           AuditSystemCallType = "faccessat"
    AuditSystemCallTypePSELECT6            AuditSystemCallType = "pselect6"
    AuditSystemCallTypePPOLL               AuditSystemCallType = "ppoll"
    AuditSystemCallTypeUNSHARE             AuditSystemCallType = "unshare"
    AuditSystemCallTypeSETROBUSTLIST       AuditSystemCallType = "set_robust_list"
    AuditSystemCallTypeGETROBUSTLIST       AuditSystemCallType = "get_robust_list"
    AuditSystemCallTypeSPLICE              AuditSystemCallType = "splice"
    AuditSystemCallTypeTEE                 AuditSystemCallType = "tee"
    AuditSystemCallTypeSYNCFILERANGE       AuditSystemCallType = "sync_file_range"
    AuditSystemCallTypeVMSPLICE            AuditSystemCallType = "vmsplice"
    AuditSystemCallTypeMOVEPAGES           AuditSystemCallType = "move_pages"
    AuditSystemCallTypeUTIMENSAT           AuditSystemCallType = "utimensat"
    AuditSystemCallTypeEPOLLPWAIT          AuditSystemCallType = "epoll_pwait"
    AuditSystemCallTypeSIGNALFD            AuditSystemCallType = "signalfd"
    AuditSystemCallTypeTIMERFDCREATE       AuditSystemCallType = "timerfd_create"
    AuditSystemCallTypeEVENTFD             AuditSystemCallType = "eventfd"
    AuditSystemCallTypeFALLOCATE           AuditSystemCallType = "fallocate"
    AuditSystemCallTypeTIMERFDSETTIME      AuditSystemCallType = "timerfd_settime"
    AuditSystemCallTypeTIMERFDGETTIME      AuditSystemCallType = "timerfd_gettime"
    AuditSystemCallTypeACCEPT4             AuditSystemCallType = "accept4"
    AuditSystemCallTypeSIGNALFD4           AuditSystemCallType = "signalfd4"
    AuditSystemCallTypeEVENTFD2            AuditSystemCallType = "eventfd2"
    AuditSystemCallTypeEPOLLCREATE1        AuditSystemCallType = "epoll_create1"
    AuditSystemCallTypeDUP3                AuditSystemCallType = "dup3"
    AuditSystemCallTypePIPE2               AuditSystemCallType = "pipe2"
    AuditSystemCallTypeINOTIFYINIT1        AuditSystemCallType = "inotify_init1"
    AuditSystemCallTypePREADV              AuditSystemCallType = "preadv"
    AuditSystemCallTypePWRITEV             AuditSystemCallType = "pwritev"
    AuditSystemCallTypeRTTGSIGQUEUEINFO    AuditSystemCallType = "rt_tgsigqueueinfo"
    AuditSystemCallTypePERFEVENTOPEN       AuditSystemCallType = "perf_event_open"
    AuditSystemCallTypeRECVMMSG            AuditSystemCallType = "recvmmsg"
    AuditSystemCallTypeFANOTIFYINIT        AuditSystemCallType = "fanotify_init"
    AuditSystemCallTypeFANOTIFYMARK        AuditSystemCallType = "fanotify_mark"
    AuditSystemCallTypePRLIMIT64           AuditSystemCallType = "prlimit64"
    AuditSystemCallTypeNAMETOHANDLEAT      AuditSystemCallType = "name_to_handle_at"
    AuditSystemCallTypeOPENBYHANDLEAT      AuditSystemCallType = "open_by_handle_at"
    AuditSystemCallTypeCLOCKADJTIME        AuditSystemCallType = "clock_adjtime"
    AuditSystemCallTypeSYNCFS              AuditSystemCallType = "syncfs"
    AuditSystemCallTypeSENDMMSG            AuditSystemCallType = "sendmmsg"
    AuditSystemCallTypeSETNS               AuditSystemCallType = "setns"
    AuditSystemCallTypeGETCPU              AuditSystemCallType = "getcpu"
    AuditSystemCallTypePROCESSVMREADV      AuditSystemCallType = "process_vm_readv"
    AuditSystemCallTypePROCESSVMWRITEV     AuditSystemCallType = "process_vm_writev"
    AuditSystemCallTypeKCMP                AuditSystemCallType = "kcmp"
    AuditSystemCallTypeFINITMODULE         AuditSystemCallType = "finit_module"
    AuditSystemCallTypeSTIME               AuditSystemCallType = "stime"
)

Values of AuditSystemCallType.

func AuditSystemCallTypeFromString Uses

func AuditSystemCallTypeFromString(value string) (AuditSystemCallType, error)

AuditSystemCallTypeFromString returns the AuditSystemCallType from a given string value.

func (AuditSystemCallType) Validate Uses

func (a AuditSystemCallType) Validate(attribute string) error

Validate validates the AuditSystemCallType

type CapabilitiesActionType Uses

type CapabilitiesActionType int

CapabilitiesActionType is add or drop

const (
    CapabilitiesActionTypeAdd CapabilitiesActionType = iota
    CapabilitiesActionTypeDrop
)

Values for CapabilitiesActionType

type CapabilitiesType Uses

type CapabilitiesType string

CapabilitiesType is the type of capabilities.

const (
    CapabilitiesTypeAuditControl   CapabilitiesType = "AUDIT_CONTROL"
    CapabilitiesTypeAuditRead      CapabilitiesType = "AUDIT_READ"
    CapabilitiesTypeAuditWrite     CapabilitiesType = "AUDIT_WRITE"
    CapabilitiesTypeBlockSuspend   CapabilitiesType = "BLOCK_SUSPEND"
    CapabilitiesTypeChown          CapabilitiesType = "CHOWN"
    CapabilitiesTypeDacOverride    CapabilitiesType = "DAC_OVERRIDE"
    CapabilitiesTypeReadSearch     CapabilitiesType = "DAC_READ_SEARCH"
    CapabilitiesTypeFowner         CapabilitiesType = "FOWNER"
    CapabilitiesTypeFsetid         CapabilitiesType = "FSETID"
    CapabilitiesTypeIPCLock        CapabilitiesType = "IPC_LOCK"
    CapabilitiesTypeIPCOwner       CapabilitiesType = "IPC_OWNER"
    CapabilitiesTypeKill           CapabilitiesType = "KILL"
    CapabilitiesTypeLease          CapabilitiesType = "LEASE"
    CapabilitiesTypeLinuxImmutable CapabilitiesType = "LINUX_IMMUTABLE"
    CapabilitiesTypeMacAdmin       CapabilitiesType = "MAC_ADMIN"
    CapabilitiesTypeMacOverride    CapabilitiesType = "MAC_OVERRIDE"
    CapabilitiesTypeMknod          CapabilitiesType = "MKNOD"
    CapabilitiesTypeNetAdmin       CapabilitiesType = "NET_ADMIN"
    CapabilitiesTypeNetBindService CapabilitiesType = "NET_BIND_SERVICE"
    CapabilitiesTypeNetBroadcast   CapabilitiesType = "NET_BROADCAST"
    CapabilitiesTypeNetRaw         CapabilitiesType = "NET_RAW"
    CapabilitiesTypeSetGid         CapabilitiesType = "SETGID"
    CapabilitiesTypeSetFcap        CapabilitiesType = "SETFCAP"
    CapabilitiesTypeSetPcap        CapabilitiesType = "SETPCAP"
    CapabilitiesTypeSetUID         CapabilitiesType = "SETUID"
    CapabilitiesTypeSysAdmin       CapabilitiesType = "SYS_ADMIN"
    CapabilitiesTypeSysBoot        CapabilitiesType = "SYS_BOOT"
    CapabilitiesTypeSysChroot      CapabilitiesType = "SYS_CHROOT"
    CapabilitiesTypeSysModule      CapabilitiesType = "SYS_MODULE"
    CapabilitiesTypeSysNice        CapabilitiesType = "SYS_NICE"
    CapabilitiesTypeSysPacct       CapabilitiesType = "SYS_PACCT"
    CapabilitiesTypeSysPtrace      CapabilitiesType = "SYS_PTRACE"
    CapabilitiesTypeSysRawIO       CapabilitiesType = "SYS_RAWIO"
    CapabilitiesTypeSysResource    CapabilitiesType = "SYS_RESOURCE"
    CapabilitiesTypeSysTime        CapabilitiesType = "SYS_TIME"
    CapabilitiesTypeSysTTYConfig   CapabilitiesType = "SYS_TTY_CONFIG"
    CapabilitiesTypeCapSyslog      CapabilitiesType = "SYSLOG"
    CapabilitiesTypeWakeAlarm      CapabilitiesType = "WAKE_ALARM"
)

Values of CapabilitiesType.

func (CapabilitiesType) Validate Uses

func (c CapabilitiesType) Validate() error

Validate validates the capabilities.

type CapabilitiesTypeMap Uses

type CapabilitiesTypeMap map[CapabilitiesType]CapabilitiesActionType

CapabilitiesTypeMap is a list of capabilities.

func (CapabilitiesTypeMap) Validate Uses

func (c CapabilitiesTypeMap) Validate() error

Validate validates a capabilities type list.

type FileWatchRule Uses

type FileWatchRule struct {
    Path        string                 `msgpack:"path" bson:"path" json:"path"`
    Permissions []AuditFilePermissions `msgpack:"permissions" bson:"permissions" json:"permissions"`
}

FileWatchRule is used to audit access to particular files or directories that you may be interested in.

func (*FileWatchRule) Validate Uses

func (r *FileWatchRule) Validate() error

Validate validates the filewathc rule.

type MidgardClaims Uses

type MidgardClaims struct {
    Realm        string                     `msgpack:"realm" json:"realm"`
    Quota        int                        `msgpack:"quota,omitempty" json:"quota,omitempty"`
    Data         map[string]string          `msgpack:"data" json:"data"`
    Opaque       map[string]string          `msgpack:"opaque,omitempty" json:"opaque,omitempty"`
    Restrictions *MidgardClaimsRestrictions `msgpack:"restrictions,omitempty" json:"restrictions,omitempty"`

    jwt.StandardClaims
}

MidgardClaims is a struct to represeting the data some a Midgard issued claims.

func NewMidgardClaims Uses

func NewMidgardClaims() *MidgardClaims

NewMidgardClaims returns a new Claims.

type MidgardClaimsRestrictions Uses

type MidgardClaimsRestrictions struct {
    Permissions []string `msgpack:"perms,omitempty" json:"perms,omitempty"`
    Namespace   string   `msgpack:"namespace,omitempty" json:"namespace,omitempty"`
    Networks    []string `msgpack:"networks,omitempty" json:"networks,omitempty"`
}

MidgardClaimsRestrictions represents permissions restrictions declared in the token.

type ServiceToken Uses

type ServiceToken struct {
    User    map[string]interface{} `json:"user,omitempty"`
    Service map[string]interface{} `json:"service,omitempty"`

    jwt.StandardClaims
}

ServiceToken is a struct to represent the service tokens issued by the system.

type SyscallEnforcementAction Uses

type SyscallEnforcementAction int

SyscallEnforcementAction is the action type.

const (
    SyscallEnforcementActionKill SyscallEnforcementAction = iota
    SyscallEnforcementActionErrno
    SyscallEnforcementActionTrap
    SyscallEnforcementActionAllow
    SyscallEnforcementActionTrace
)

Values of SyscallEnforcementAction.

func (SyscallEnforcementAction) Validate Uses

func (s SyscallEnforcementAction) Validate() error

Validate validates a syslcall enforcement action.

type SyscallEnforcementOperator Uses

type SyscallEnforcementOperator int

SyscallEnforcementOperator is a comparison operator to be used when matching syscall arguments in Seccomp./

const (
    SyscallEnforcementOperatorEqualTo SyscallEnforcementOperator = iota
    SyscallEnforcementOperatorNotEqualTo
    SyscallEnforcementOperatorGreaterThan
    SyscallEnforcementOperatorGreaterThanOrEqualTo
    SyscallEnforcementOperatorLessThan
    SyscallEnforcementOperatorLessThanOrEqualTo
    SyscallEnforcementOperatorMaskEqualTo
)

Values of SyscallEnforcementOperator.

func (SyscallEnforcementOperator) Validate Uses

func (s SyscallEnforcementOperator) Validate() error

Validate validates the syscall enforcement operator

type SyscallEnforcementRule Uses

type SyscallEnforcementRule struct {
    DefaultAction SyscallEnforcementAction  `msgpack:"action" json:"action"`
    Args          []*SyscallEnforcermentArg `msgpack:"args" json:"args"`
}

SyscallEnforcementRule is a rule to match a syscall in Seccomp.

func (*SyscallEnforcementRule) Validate Uses

func (s *SyscallEnforcementRule) Validate() error

Validate validates a syscall enforcement rule.

type SyscallEnforcementRulesMap Uses

type SyscallEnforcementRulesMap map[AuditSystemCallType]*SyscallEnforcementRule

SyscallEnforcementRulesMap is a list of SyscallEnforcementRule.

func (SyscallEnforcementRulesMap) Validate Uses

func (s SyscallEnforcementRulesMap) Validate() error

Validate validates a SyscallEnforcementRulesMap

type SyscallEnforcermentArg Uses

type SyscallEnforcermentArg struct {
    Index    uint
    Value    uint64                     `msgpack:"value" json:"value"`
    ValueTwo uint64                     `msgpack:"valueTwo" json:"valueTwo"`
    Op       SyscallEnforcementOperator `msgpack:"op" json:"op"`
    Action   SyscallEnforcementAction
}

SyscallEnforcermentArg is a rule to match a specific syscall argument in Seccomp.

func (*SyscallEnforcermentArg) Validate Uses

func (s *SyscallEnforcermentArg) Validate() error

Validate validates the syscall enforcement arguments.

type SyscallRule Uses

type SyscallRule struct {
    List     AuditFilterListType   `msgpack:"list" json:"list"`
    Action   AuditFilterActionType `msgpack:"action" json:"action"`
    Filters  []AuditFilterSpec     `msgpack:"filters" json:"filters"`
    Syscalls []AuditSystemCallType `msgpack:"syscalls" json:"syscalls"`
}

SyscallRule is used to audit invocations of specific syscalls.

func (*SyscallRule) Validate Uses

func (r *SyscallRule) Validate() error

Validate validates the filewathc rule.

Package types imports 4 packages (graph) and is imported by 2 packages. Updated 2020-06-16. Refresh now. Tools for package owners.