// Copyright (c) 2013, Suryandaru Triandana <syndtr@gmail.com>
// All rights reserved.
//
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

package capability

// CapType identifies which capability set (or which combination of sets)
// an operation applies to. Each set is one bit, so values can be OR-ed;
// CAPS, BOUNDS and AMBS are the package's named combinations.
type CapType uint

// String reports a lowercase name for c. Only the five individual set
// flags and the CAPS combination have names; every other value, including
// any other OR of flags, is reported as "unknown".
func (c CapType) String() string {
	names := [...]struct {
		set  CapType
		name string
	}{
		{EFFECTIVE, "effective"},
		{PERMITTED, "permitted"},
		{INHERITABLE, "inheritable"},
		{BOUNDING, "bounding"},
		{CAPS, "caps"},
		{AMBIENT, "ambient"},
	}
	for _, entry := range names {
		if entry.set == c {
			return entry.name
		}
	}
	return "unknown"
}

const (
	// The individual capability sets, one bit each.
	EFFECTIVE CapType = 1 << iota
	PERMITTED
	INHERITABLE
	BOUNDING
	AMBIENT

	// CAPS is the three traditional thread sets together. It does NOT
	// include BOUNDING or AMBIENT, so a caller that wants to address every
	// set must OR in BOUNDS and AMBS as well; passing CAPS alone leaves the
	// bounding and ambient sets out of the operation.
	CAPS   = EFFECTIVE | PERMITTED | INHERITABLE
	BOUNDS = BOUNDING
	AMBS   = AMBIENT
)

// Cap is a single Linux capability, identified by its number as the kernel
// defines it. The named constants below run from CAP_CHOWN (0) to
// CAP_AUDIT_READ (37); a Cap above that is not necessarily invalid, since
// the run-time upper bound is the CAP_LAST_CAP variable, not this list.
// Cap values are indices, not bit flags, and must not be OR-ed together.
//
//go:generate go run enumgen/gen.go
type Cap int

// POSIX-draft defined capabilities.
//
// Each constant's value is the capability's number as used by the Linux
// kernel (capability.h); the per-entry comments are carried over from that
// header. Because these are plain numbers, OR-ing two of them yields an
// unrelated capability (CAP_DAC_OVERRIDE|CAP_DAC_READ_SEARCH == CAP_FOWNER),
// unlike the CapType flags above. Several entries (CAP_SYS_ADMIN,
// CAP_SYS_MODULE, CAP_SYS_PTRACE, CAP_SYS_RAWIO, CAP_DAC_OVERRIDE,
// CAP_SETPCAP, CAP_SETFCAP, CAP_MAC_ADMIN) are broad enough to be treated
// as root-equivalent; grant them deliberately, not as part of a default
// allow-list.
const (
	// In a system with the [_POSIX_CHOWN_RESTRICTED] option defined, this
	// overrides the restriction of changing file ownership and group
	// ownership.
	CAP_CHOWN = Cap(0)

	// Override all DAC access, including ACL execute access if
	// [_POSIX_ACL] is defined. Excluding DAC access covered by
	// CAP_LINUX_IMMUTABLE.
	CAP_DAC_OVERRIDE = Cap(1)

	// Overrides all DAC restrictions regarding read and search on files
	// and directories, including ACL restrictions if [_POSIX_ACL] is
	// defined. Excluding DAC access covered by CAP_LINUX_IMMUTABLE.
	CAP_DAC_READ_SEARCH = Cap(2)

	// Overrides all restrictions about allowed operations on files, where
	// file owner ID must be equal to the user ID, except where CAP_FSETID
	// is applicable. It doesn't override MAC and DAC restrictions.
	CAP_FOWNER = Cap(3)

	// Overrides the following restrictions that the effective user ID
	// shall match the file owner ID when setting the S_ISUID and S_ISGID
	// bits on that file; that the effective group ID (or one of the
	// supplementary group IDs) shall match the file owner ID when setting
	// the S_ISGID bit on that file; that the S_ISUID and S_ISGID bits are
	// cleared on successful return from chown(2) (not implemented).
	CAP_FSETID = Cap(4)

	// Overrides the restriction that the real or effective user ID of a
	// process sending a signal must match the real or effective user ID
	// of the process receiving the signal.
	CAP_KILL = Cap(5)

	// Allows setgid(2) manipulation
	// Allows setgroups(2)
	// Allows forged gids on socket credentials passing.
	CAP_SETGID = Cap(6)

	// Allows set*uid(2) manipulation (including fsuid).
	// Allows forged pids on socket credentials passing.
	CAP_SETUID = Cap(7)

	// Linux-specific capabilities

	// Without VFS support for capabilities:
	//   Transfer any capability in your permitted set to any pid,
	//   remove any capability in your permitted set from any pid
	// With VFS support for capabilities (neither of above, but)
	//   Add any capability from current's capability bounding set
	//     to the current process' inheritable set
	//   Allow taking bits out of capability bounding set
	//   Allow modification of the securebits for a process
	CAP_SETPCAP = Cap(8)

	// Allow modification of S_IMMUTABLE and S_APPEND file attributes
	CAP_LINUX_IMMUTABLE = Cap(9)

	// Allows binding to TCP/UDP sockets below 1024
	// Allows binding to ATM VCIs below 32
	CAP_NET_BIND_SERVICE = Cap(10)

	// Allow broadcasting, listen to multicast
	CAP_NET_BROADCAST = Cap(11)

	// Allow interface configuration
	// Allow administration of IP firewall, masquerading and accounting
	// Allow setting debug option on sockets
	// Allow modification of routing tables
	// Allow setting arbitrary process / process group ownership on
	// sockets
	// Allow binding to any address for transparent proxying (also via NET_RAW)
	// Allow setting TOS (type of service)
	// Allow setting promiscuous mode
	// Allow clearing driver statistics
	// Allow multicasting
	// Allow read/write of device-specific registers
	// Allow activation of ATM control sockets
	CAP_NET_ADMIN = Cap(12)

	// Allow use of RAW sockets
	// Allow use of PACKET sockets
	// Allow binding to any address for transparent proxying (also via NET_ADMIN)
	CAP_NET_RAW = Cap(13)

	// Allow locking of shared memory segments
	// Allow mlock and mlockall (which doesn't really have anything to do
	// with IPC)
	CAP_IPC_LOCK = Cap(14)

	// Override IPC ownership checks
	CAP_IPC_OWNER = Cap(15)

	// Insert and remove kernel modules - modify kernel without limit
	CAP_SYS_MODULE = Cap(16)

	// Allow ioperm/iopl access
	// Allow sending USB messages to any device via /proc/bus/usb
	CAP_SYS_RAWIO = Cap(17)

	// Allow use of chroot()
	CAP_SYS_CHROOT = Cap(18)

	// Allow ptrace() of any process
	CAP_SYS_PTRACE = Cap(19)

	// Allow configuration of process accounting
	CAP_SYS_PACCT = Cap(20)

	// Allow configuration of the secure attention key
	// Allow administration of the random device
	// Allow examination and configuration of disk quotas
	// Allow setting the domainname
	// Allow setting the hostname
	// Allow calling bdflush()
	// Allow mount() and umount(), setting up new smb connection
	// Allow some autofs root ioctls
	// Allow nfsservctl
	// Allow VM86_REQUEST_IRQ
	// Allow to read/write pci config on alpha
	// Allow irix_prctl on mips (setstacksize)
	// Allow flushing all cache on m68k (sys_cacheflush)
	// Allow removing semaphores
	// Used instead of CAP_CHOWN to "chown" IPC message queues, semaphores
	// and shared memory
	// Allow locking/unlocking of shared memory segment
	// Allow turning swap on/off
	// Allow forged pids on socket credentials passing
	// Allow setting readahead and flushing buffers on block devices
	// Allow setting geometry in floppy driver
	// Allow turning DMA on/off in xd driver
	// Allow administration of md devices (mostly the above, but some
	// extra ioctls)
	// Allow tuning the ide driver
	// Allow access to the nvram device
	// Allow administration of apm_bios, serial and bttv (TV) device
	// Allow manufacturer commands in isdn CAPI support driver
	// Allow reading non-standardized portions of pci configuration space
	// Allow DDI debug ioctl on sbpcd driver
	// Allow setting up serial ports
	// Allow sending raw qic-117 commands
	// Allow enabling/disabling tagged queuing on SCSI controllers and sending
	// arbitrary SCSI commands
	// Allow setting encryption key on loopback filesystem
	// Allow setting zone reclaim policy
	//
	// The list above is the kernel's own; in practice CAP_SYS_ADMIN gates
	// far more than it enumerates and is the capability most often
	// equivalent to full root.
	CAP_SYS_ADMIN = Cap(21)

	// Allow use of reboot()
	CAP_SYS_BOOT = Cap(22)

	// Allow raising priority and setting priority on other (different
	// UID) processes
	// Allow use of FIFO and round-robin (realtime) scheduling on own
	// processes and setting the scheduling algorithm used by another
	// process.
	// Allow setting cpu affinity on other processes
	CAP_SYS_NICE = Cap(23)

	// Override resource limits. Set resource limits.
	// Override quota limits.
	// Override reserved space on ext2 filesystem
	// Modify data journaling mode on ext3 filesystem (uses journaling
	// resources)
	// NOTE: ext2 honors fsuid when checking for resource overrides, so
	// you can override using fsuid too
	// Override size restrictions on IPC message queues
	// Allow more than 64hz interrupts from the real-time clock
	// Override max number of consoles on console allocation
	// Override max number of keymaps
	CAP_SYS_RESOURCE = Cap(24)

	// Allow manipulation of system clock
	// Allow irix_stime on mips
	// Allow setting the real-time clock
	CAP_SYS_TIME = Cap(25)

	// Allow configuration of tty devices
	// Allow vhangup() of tty
	CAP_SYS_TTY_CONFIG = Cap(26)

	// Allow the privileged aspects of mknod()
	CAP_MKNOD = Cap(27)

	// Allow taking of leases on files
	CAP_LEASE = Cap(28)

	// NOTE(review): these three carry no description in this file; the
	// kernel's capability.h documents them (writing the audit log,
	// configuring auditing, and setting file capabilities respectively).
	// Kept as one group so gofmt's alignment is unchanged.
	CAP_AUDIT_WRITE   = Cap(29)
	CAP_AUDIT_CONTROL = Cap(30)
	CAP_SETFCAP       = Cap(31)

	// Override MAC access.
	// The base kernel enforces no MAC policy.
	// An LSM may enforce a MAC policy, and if it does and it chooses
	// to implement capability based overrides of that policy, this is
	// the capability it should use to do so.
	CAP_MAC_OVERRIDE = Cap(32)

	// Allow MAC configuration or state changes.
	// The base kernel requires no MAC configuration.
	// An LSM may enforce a MAC policy, and if it does and it chooses
	// to implement capability based checks on modifications to that
	// policy or the data required to maintain it, this is the
	// capability it should use to do so.
	CAP_MAC_ADMIN = Cap(33)

	// Allow configuring the kernel's syslog (printk behaviour)
	CAP_SYSLOG = Cap(34)

	// Allow triggering something that will wake the system
	CAP_WAKE_ALARM = Cap(35)

	// Allow preventing system suspends
	CAP_BLOCK_SUSPEND = Cap(36)

	// Allow reading audit messages from the kernel
	//
	// NOTE(review): this is the last capability named in this file. Newer
	// kernels define further capabilities with numbers above 37; they have
	// no constant here, and the run-time upper bound is the CAP_LAST_CAP
	// variable below, so do not treat "not in this list" as "invalid".
	CAP_AUDIT_READ = Cap(37)
)

var (
	// Highest valid capability of the running kernel.
	//
	// NOTE(review): this is a variable with a starting value of 63, not a
	// detected limit; presumably another part of the package reads the
	// kernel's reported last capability and overwrites it — confirm. Until
	// that happens, 63 is well above every constant named in this file
	// (CAP_AUDIT_READ = 37), so a range check against CAP_LAST_CAP accepts
	// capability numbers this package has no name for.
	CAP_LAST_CAP = Cap(63)

	// capUpperMask starts with every bit set. It is presumably the valid-bit
	// mask for the upper 32-bit word of a 64-bit capability set, narrowed
	// alongside CAP_LAST_CAP once the kernel's limit is known — confirm
	// against the code that updates it. With this default no upper bit is
	// masked off.
	capUpperMask = ^uint32(0)
)