FlatImage
A configurable Linux containerization system
ns_reserved::ns_unshare Namespace Reference

Unshare namespace options bitfield management in reserved space.

Classes

class  Unshares
 Manages FlatImage unshare options stored in reserved space.
 

Typedefs

using Bits = uint16_t
 

Functions

 ENUM (Unshare, ALL, USER, IPC, PID, NET, UTS, CGROUP)
 
Value< void > bit_set (Bits &bits, Unshare const &unshare, bool value) noexcept
 Sets a bit unshare option with the target value.
 
std::set< std::string > to_strings (Bits const &bits) noexcept
 Creates a set of lowercase string unshare option representations.
 
Value< void > write (fs::path const &path_file_binary, Bits const &bits) noexcept
 Write the Bits struct to the given binary.
 
Value< Bits > read (fs::path const &path_file_binary) noexcept
 Read the Bits struct from the given binary.
 

Variables

std::map< Unshare, Bits > const unshare_mask
 

Detailed Description

Unshare namespace options bitfield management in reserved space.

This namespace manages the namespace unshare options for bubblewrap. It provides operations for setting, adding, removing, and querying unshare options such as user, ipc, pid, net, uts, and cgroup namespaces. Options default to zero (no unsharing), and must be explicitly enabled by the user.

Note: USER and CGROUP options will use the '-try' variants in bwrap for permissiveness.
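
As an added illustration (not FlatImage's own code), the sketch below turns a Bits value into bubblewrap arguments using the bit positions from unshare_mask and the '-try' rule in the note above. The function names, the one-flag-per-bit rendering, and the rejection of bits 6..15 are assumptions.

```cpp
#include <cstdint>
#include <iostream>
#include <string>
#include <vector>

using Bits = std::uint16_t;

// Bit positions copied from the unshare_mask table on this page.
constexpr Bits USER = 1u << 0, IPC = 1u << 1, PID = 1u << 2,
               NET = 1u << 3, UTS = 1u << 4, CGROUP = 1u << 5;
constexpr Bits KNOWN = USER | IPC | PID | NET | UTS | CGROUP;

struct FlagEntry { Bits mask; const char* flag; };

// Assumed rendering: one bwrap flag per set bit; USER and CGROUP use '-try'.
// Returns false (and leaves args empty) when undefined bits are set.
bool to_bwrap_args(Bits bits, std::vector<std::string>& args)
{
  args.clear();
  // Bits 6..15 have no meaning in the table; treat them as corruption
  // instead of silently ignoring them (assumed policy, not FlatImage's).
  if ((bits & ~KNOWN) != 0) { return false; }
  static const FlagEntry table[] = {
    {USER, "--unshare-user-try"}, {IPC, "--unshare-ipc"},
    {PID, "--unshare-pid"},       {NET, "--unshare-net"},
    {UTS, "--unshare-uts"},       {CGROUP, "--unshare-cgroup-try"},
  };
  for (auto const& entry : table)
  {
    if (bits & entry.mask) { args.emplace_back(entry.flag); }
  }
  return true;
}

// Requested namespaces that are best effort only: the '-try' flags let
// bwrap continue without the namespace when it cannot be created.
Bits best_effort_only(Bits bits)
{
  return static_cast<Bits>(bits & (USER | CGROUP));
}

int main()
{
  std::vector<std::string> args;
  Bits const sample = USER | PID | NET; // constructed sample value
  if (!to_bwrap_args(sample, args)) { std::cerr << "invalid bits\n"; return 1; }
  for (auto const& a : args) { std::cout << a << '\n'; }
  std::cout << "best effort mask: " << best_effort_only(sample) << '\n';
  return 0;
}
```

Because `--unshare-user-try` and `--unshare-cgroup-try` skip the namespace when it cannot be created, a launcher that depends on those boundaries should verify them after startup instead of trusting the stored bits.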

Typedef Documentation

◆ Bits

using ns_reserved::ns_unshare::Bits = uint16_t

Definition at line 42 of file unshare.hpp.

Function Documentation

◆ bit_set()

Value< void > ns_reserved::ns_unshare::bit_set ( Bits & bits, Unshare const & unshare, bool value )
inline nodiscard noexcept

Sets a bit unshare option with the target value.

Parameters
  bits: Unshare bits
  unshare: Unshare option to change in the bits
  value: Value to set the target unshare option
Returns
  Value<void> Nothing on success, or the respective error

Definition at line 66 of file unshare.hpp.

◆ read()

Value< Bits > ns_reserved::ns_unshare::read ( fs::path const & path_file_binary)
inline noexcept

Read the Bits struct from the given binary.

Parameters
  path_file_binary: Binary from which to read the Bits struct
Returns
  The Bits struct on success, or the respective error

Definition at line 118 of file unshare.hpp.


◆ to_strings()

std::set< std::string > ns_reserved::ns_unshare::to_strings ( Bits const & bits )
inline nodiscard noexcept

Creates a set of lowercase string unshare option representations.

Parameters
  bits: Unshare bits
Returns
  std::set<std::string> The string unshare option list

Definition at line 82 of file unshare.hpp.

◆ write()

Value< void > ns_reserved::ns_unshare::write ( fs::path const & path_file_binary, Bits const & bits )
inline noexcept

Write the Bits struct to the given binary.

Parameters
  path_file_binary: Binary in which to write the Bits struct
  bits: The bits struct to write into the binary
Returns
  Value<void> Nothing on success, or the respective error

Definition at line 104 of file unshare.hpp.


Variable Documentation

◆ unshare_mask

std::map<Unshare,Bits> const ns_reserved::ns_unshare::unshare_mask
inline
Initial value:
  = {
      {Unshare::USER,   Bits{1} << 0},
      {Unshare::IPC,    Bits{1} << 1},
      {Unshare::PID,    Bits{1} << 2},
      {Unshare::NET,    Bits{1} << 3},
      {Unshare::UTS,    Bits{1} << 4},
      {Unshare::CGROUP, Bits{1} << 5},
    }

Definition at line 48 of file unshare.hpp.