Build and install from GOPATH

* Rename 'vendor/src' -> 'vendor' * Ignore vendor/ instead of vendor/src/ for lint * Rename 'cmd/client' -> 'cmd/ocic' to make it 'go install'able * Rename 'cmd/server' -> 'cmd/ocid' to make it 'go install'able * Update Makefile to build and install from GOPATH * Update tests to locate ocid/ocic in GOPATH/bin * Search for binaries in GOPATH/bin instead of PATH * Install tools using `go get -u`, so they are updated on each run Signed-off-by: Jonathan Yu <jawnsy@redhat.com>
2017-01-17 11:57:35 -08:00 · 2017-01-17 11:57:35 -08:00 · 6c9628cdb1
commit 6c9628cdb1
parent 9da2882d49
1111 changed files with 70 additions and 61 deletions
--- a/vendor/github.com/opencontainers/runtime-tools/generate/seccomp/parse_remove.go
+++ b/vendor/github.com/opencontainers/runtime-tools/generate/seccomp/parse_remove.go
@ -0,0 +1,68 @@
+package seccomp
+
+import (
+	"fmt"
+	"reflect"
+	"strings"
+
+	rspec "github.com/opencontainers/runtime-spec/specs-go"
+)
+
+// RemoveAction takes the argument string that was passed with the --remove flag,
+// parses it, and updates the Seccomp config accordingly
+func RemoveAction(arguments string, config *rspec.Seccomp) error {
+	if config == nil {
+		return fmt.Errorf("Cannot remove action from nil Seccomp pointer")
+	}
+
+	var syscallsToRemove []string
+	if strings.Contains(arguments, ",") {
+		syscallsToRemove = strings.Split(arguments, ",")
+	} else {
+		syscallsToRemove = append(syscallsToRemove, arguments)
+	}
+
+	for _, syscall := range syscallsToRemove {
+		for counter, syscallStruct := range config.Syscalls {
+			if syscallStruct.Name == syscall {
+				config.Syscalls = append(config.Syscalls[:counter], config.Syscalls[counter+1:]...)
+			}
+		}
+	}
+	return nil
+}
+
+// RemoveAllSeccompRules removes all seccomp syscall rules
+func RemoveAllSeccompRules(config *rspec.Seccomp) error {
+	if config == nil {
+		return fmt.Errorf("Cannot remove action from nil Seccomp pointer")
+	}
+	newSyscallSlice := []rspec.Syscall{}
+	config.Syscalls = newSyscallSlice
+	return nil
+}
+
+// RemoveAllMatchingRules will remove any syscall rules that match the specified action
+func RemoveAllMatchingRules(config *rspec.Seccomp, action string) error {
+	if config == nil {
+		return fmt.Errorf("Cannot remove action from nil Seccomp pointer")
+	}
+
+	seccompAction, err := parseAction(action)
+	if err != nil {
+		return err
+	}
+
+	syscallsToRemove := []string{}
+	for _, syscall := range config.Syscalls {
+		if reflect.DeepEqual(syscall.Action, seccompAction) {
+			syscallsToRemove = append(syscallsToRemove, syscall.Name)
+		}
+	}
+
+	for i := range syscallsToRemove {
+		RemoveAction(syscallsToRemove[i], config)
+	}
+
+	return nil
+}