containers
/
podman
mirror of https://github.com/containers/podman.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
podman/vendor/github.com/seccomp/libseccomp-golang
History
cdoern 2792e598c7 podman cgroup enhancement 
currently, setting any sort of resource limit in a pod does nothing. With the newly refactored creation process in c/common, podman ca now set resources at a pod level
meaning that resource related flags can now be exposed to podman pod create.

cgroupfs and systemd are both supported with varying completion. cgroupfs is a much simpler process and one that is virtually complete for all resource types, the flags now just need to be added. systemd on the other hand
has to be handeled via the dbus api meaning that the limits need to be passed as recognized properties to systemd. The properties added so far are the ones that podman pod create supports as well as `cpuset-mems` as this will
be the next flag I work on.

Signed-off-by: Charlie Doern <cdoern@redhat.com>
 		2022-06-24 15:39:15 -04:00
..
.gitignore migrate to go-modules 2019-06-24 13:20:59 +02:00
.golangci.yml Bump github.com/opencontainers/runc from 1.1.2 to 1.1.3 2022-06-09 12:15:39 +00:00
CHANGELOG podman cgroup enhancement 2022-06-24 15:39:15 -04:00
CONTRIBUTING.md Bump github.com/opencontainers/runc from 1.1.2 to 1.1.3 2022-06-09 12:15:39 +00:00
LICENSE Initial checkin from CRI-O repo 2017-11-01 11:24:59 -04:00
Makefile Bump github.com/opencontainers/runc from 1.1.2 to 1.1.3 2022-06-09 12:15:39 +00:00
README.md podman cgroup enhancement 2022-06-24 15:39:15 -04:00
SECURITY.md podman cgroup enhancement 2022-06-24 15:39:15 -04:00
go.mod Switch to containers/common for seccomp 2020-08-27 21:14:59 +02:00
go.sum Bump github.com/opencontainers/runc from 1.1.2 to 1.1.3 2022-06-09 12:15:39 +00:00
seccomp.go podman cgroup enhancement 2022-06-24 15:39:15 -04:00
seccomp_internal.go podman cgroup enhancement 2022-06-24 15:39:15 -04:00

README.md

libseccomp Golang Bindings

https://github.com/seccomp/libseccomp-golang

Go Reference validate test

The libseccomp library provides an easy to use, platform independent, interface to the Linux Kernel's syscall filtering mechanism. The libseccomp API is designed to abstract away the underlying BPF based syscall filter language and present a more conventional function-call based filtering interface that should be familiar to, and easily adopted by, application developers.

The libseccomp-golang library provides a Go based interface to the libseccomp library.

Online Resources

The library source repository currently lives on GitHub at the following URLs:

Documentation for this package is also available at:

Verifying Releases

Starting with libseccomp-golang v0.10.0, the git tag corresponding to each release should be signed by one of the libseccomp-golang maintainers. It is recommended that before use you verify the release tags using the following command:

% git tag -v <tag>

At present, only the following keys, specified via the fingerprints below, are authorized to sign official libseccomp-golang release tags:

Paul Moore <paul@paul-moore.com>
7100 AADF AE6E 6E94 0D2E  0AD6 55E4 5A5A E8CA 7C8A

Tom Hromatka <tom.hromatka@oracle.com>
47A6 8FCE 37C7 D702 4FD6  5E11 356C E62C 2B52 4099

Kir Kolyshkin <kolyshkin@gmail.com>
C242 8CD7 5720 FACD CF76  B6EA 17DE 5ECB 75A1 100E

More information on GnuPG and git tag verification can be found at their respective websites: https://git-scm.com/docs/git and https://gnupg.org.

Installing the package

% go get github.com/seccomp/libseccomp-golang

Contributing

See CONTRIBUTING.md.