mirrors/talos
1
0
Fork 0
mirror of https://github.com/siderolabs/talos.git synced 2025-11-04 02:11:12 +01:00
Code Issues Packages Projects Releases Wiki Activity
talos/internal/pkg/capability/capability.go
Utku Ozdemir f55f5df739
feat: move dashboard package & run it in tty2 
Move dashboard package into a common location where both Talos and talosctl can use it.

Add support for overriding stdin, stdout, stderr and ctt in process runner.

Create a dashboard service which runs the dashboard on /dev/tty2.

Redirect kernel messages to tty1 and switch to tty2 after starting the dashboard on it.

Related to siderolabs/talos#6841, siderolabs/talos#4791.

Signed-off-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
2023-02-28 12:00:25 +01:00

55 lines
1.6 KiB
Go
Raw Blame History

// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this
// file, You can obtain one at http://mozilla.org/MPL/2.0/.
// Package capability provides utility functions to work with capabilities.
package capability
import (
"strings"
"github.com/siderolabs/gen/maps"
"kernel.org/pub/linux/libs/security/libcap/cap"
"github.com/siderolabs/talos/pkg/machinery/constants"
)
// AllCapabilitiesSet returns the set of all available capabilities.
//
// Returned capabilities are in UPPERCASE.
func AllCapabilitiesSet() map[string]struct{} {
capabilities := make(map[string]struct{})
for v := cap.Value(0); v < cap.MaxBits(); v++ {
if set, _ := cap.GetBound(v); set { //nolint:errcheck
capabilities[strings.ToUpper(v.String())] = struct{}{}
}
}
return capabilities
}
// AllCapabilitiesSetLowercase returns the set of all available capabilities.
//
// Returned capabilities are in lowercase.
func AllCapabilitiesSetLowercase() map[string]struct{} {
return maps.Map(AllCapabilitiesSet(),
func(capability string, _ struct{}) (string, struct{}) {
return strings.ToLower(capability), struct{}{}
})
}
// AllGrantableCapabilities returns list of capabilities that can be granted to the container based on
// process bounding capabilities.
//
// Returned capabilities are in UPPERCASE.
func AllGrantableCapabilities() []string {
allCapabilities := AllCapabilitiesSet()
for dropped := range constants.DefaultDroppedCapabilities {
delete(allCapabilities, strings.ToUpper(dropped))
}
return maps.Keys(allCapabilities)
}
Reference in New Issue View Git Blame Copy Permalink