@ -5,6 +5,7 @@ import (
"fmt"
"fmt"
"io/ioutil"
"io/ioutil"
"path"
"path"
"strings"
"github.com/subgraph/oz/network"
"github.com/subgraph/oz/network"
) )
@ -42,9 +43,12 @@ type Profile struct {
Environment [ ] EnvVar
Environment [ ] EnvVar
// Networking
// Networking
Networking NetworkProfile
Networking NetworkProfile
// Seccomp
Seccomp SeccompConf
} }
type AudioMode string type AudioMode string
const ( const (
PROFILE_AUDIO_NONE AudioMode = "none"
PROFILE_AUDIO_NONE AudioMode = "none"
PROFILE_AUDIO_SPEAKER AudioMode = "speaker"
PROFILE_AUDIO_SPEAKER AudioMode = "speaker"
@ -62,6 +66,13 @@ type XServerConf struct {
AudioMode AudioMode ` json:"audio_mode" `
AudioMode AudioMode ` json:"audio_mode" `
} }
type SeccompConf struct {
Mode string
Enforce bool
Seccomp_Whitelist string
Seccomp_Blacklist string
}
type WhitelistItem struct { type WhitelistItem struct {
Path string
Path string
ReadOnly bool ` json:"read_only" `
ReadOnly bool ` json:"read_only" `
@ -157,6 +168,8 @@ func LoadProfiles(dir string) (Profiles, error) {
for _ , f := range fs {
for _ , f := range fs {
if ! f . IsDir ( ) {
if ! f . IsDir ( ) {
name := path . Join ( dir , f . Name ( ) )
name := path . Join ( dir , f . Name ( ) )
if strings . Contains ( f . Name ( ) , ".json" ) {
p , err := loadProfileFile ( name )
p , err := loadProfileFile ( name )
if err != nil {
if err != nil {
return nil , fmt . Errorf ( "error loading '%s': %v" , f . Name ( ) , err )
return nil , fmt . Errorf ( "error loading '%s': %v" , f . Name ( ) , err )
@ -164,6 +177,7 @@ func LoadProfiles(dir string) (Profiles, error) {
ps = append ( ps , p )
ps = append ( ps , p )
}
}
}
}
}
loadedProfiles = ps
loadedProfiles = ps
return ps , nil
return ps , nil
dma
10 years ago