mirror of
https://github.com/opencontainers/runc.git
synced 2025-12-24 11:50:58 +08:00
627054d246
This silences all of the "should have a package comment" lint warnings from golangci-lint. Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
37 lines
987 B
Go
37 lines
987 B
Go
// key_label is a simple program to print the current session keyring name and
|
|
// its security label, to be run inside container (see selinux.bats). Can be
|
|
// thought of poor man's keyctl. Written in Go so we can have a static binary
|
|
// (a program in C would require libkeyutils which is usually provided only as
|
|
// a dynamic library).
|
|
//
|
|
// This tool is only intended to be used within runc's integration tests.
|
|
package main
|
|
|
|
import (
|
|
"log"
|
|
"strings"
|
|
|
|
"golang.org/x/sys/unix"
|
|
)
|
|
|
|
func main() {
|
|
id, err := unix.KeyctlGetKeyringID(unix.KEY_SPEC_SESSION_KEYRING, false)
|
|
if err != nil {
|
|
log.Fatalf("GetKeyringID: %v", err)
|
|
}
|
|
|
|
desc, err := unix.KeyctlString(unix.KEYCTL_DESCRIBE, id)
|
|
if err != nil {
|
|
log.Fatalf("KeyctlDescribe: %v", err)
|
|
}
|
|
// keyring;1000;1000;3f030000;_ses
|
|
name := desc[strings.LastIndexByte(desc, ';')+1:]
|
|
|
|
label, err := unix.KeyctlString(unix.KEYCTL_GET_SECURITY, id)
|
|
if err != nil {
|
|
log.Fatalf("KeyctlGetSecurity: %v", err)
|
|
}
|
|
|
|
println(name, label)
|
|
}
|