2020-03-18 17:24:33 +08:00
|
|
|
/*
|
|
|
|
|
* v1_security_context.h
|
|
|
|
|
*
|
|
|
|
|
* SecurityContext holds security configuration that will be applied to a container. Some fields are present in both SecurityContext and PodSecurityContext. When both are set, the values in SecurityContext take precedence.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#ifndef _v1_security_context_H_
|
|
|
|
|
#define _v1_security_context_H_
|
|
|
|
|
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include "../external/cJSON.h"
|
|
|
|
|
#include "../include/list.h"
|
|
|
|
|
#include "../include/keyValuePair.h"
|
2020-06-20 09:41:15 +08:00
|
|
|
#include "../include/binary.h"
|
|
|
|
|
|
|
|
|
|
typedef struct v1_security_context_t v1_security_context_t;
|
|
|
|
|
|
2024-05-18 13:20:54 +00:00
|
|
|
#include "v1_app_armor_profile.h"
|
2020-03-18 17:24:33 +08:00
|
|
|
#include "v1_capabilities.h"
|
|
|
|
|
#include "v1_se_linux_options.h"
|
2021-09-14 21:52:06 +08:00
|
|
|
#include "v1_seccomp_profile.h"
|
2020-03-18 17:24:33 +08:00
|
|
|
#include "v1_windows_security_context_options.h"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
typedef struct v1_security_context_t {
|
|
|
|
|
int allow_privilege_escalation; //boolean
|
2024-05-18 13:20:54 +00:00
|
|
|
struct v1_app_armor_profile_t *app_armor_profile; //model
|
2020-03-18 17:24:33 +08:00
|
|
|
struct v1_capabilities_t *capabilities; //model
|
|
|
|
|
int privileged; //boolean
|
|
|
|
|
char *proc_mount; // string
|
|
|
|
|
int read_only_root_filesystem; //boolean
|
|
|
|
|
long run_as_group; //numeric
|
|
|
|
|
int run_as_non_root; //boolean
|
|
|
|
|
long run_as_user; //numeric
|
|
|
|
|
struct v1_se_linux_options_t *se_linux_options; //model
|
2021-09-14 21:52:06 +08:00
|
|
|
struct v1_seccomp_profile_t *seccomp_profile; //model
|
2020-03-18 17:24:33 +08:00
|
|
|
struct v1_windows_security_context_options_t *windows_options; //model
|
|
|
|
|
|
2025-02-11 19:36:46 +00:00
|
|
|
int _library_owned; // Is the library responsible for freeing this object?
|
2020-03-18 17:24:33 +08:00
|
|
|
} v1_security_context_t;
|
|
|
|
|
|
2025-02-11 19:36:46 +00:00
|
|
|
__attribute__((deprecated)) v1_security_context_t *v1_security_context_create(
|
2020-03-18 17:24:33 +08:00
|
|
|
int allow_privilege_escalation,
|
2024-05-18 13:20:54 +00:00
|
|
|
v1_app_armor_profile_t *app_armor_profile,
|
2020-03-18 17:24:33 +08:00
|
|
|
v1_capabilities_t *capabilities,
|
|
|
|
|
int privileged,
|
|
|
|
|
char *proc_mount,
|
|
|
|
|
int read_only_root_filesystem,
|
|
|
|
|
long run_as_group,
|
|
|
|
|
int run_as_non_root,
|
|
|
|
|
long run_as_user,
|
|
|
|
|
v1_se_linux_options_t *se_linux_options,
|
2021-09-14 21:52:06 +08:00
|
|
|
v1_seccomp_profile_t *seccomp_profile,
|
2020-03-18 17:24:33 +08:00
|
|
|
v1_windows_security_context_options_t *windows_options
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
void v1_security_context_free(v1_security_context_t *v1_security_context);
|
|
|
|
|
|
|
|
|
|
v1_security_context_t *v1_security_context_parseFromJSON(cJSON *v1_security_contextJSON);
|
|
|
|
|
|
|
|
|
|
cJSON *v1_security_context_convertToJSON(v1_security_context_t *v1_security_context);
|
|
|
|
|
|
|
|
|
|
#endif /* _v1_security_context_H_ */
|
|
|
|
|
|
