Home Esplora Aiuto
Registrati Accedi
zhouyuhuan
/
Cloudpods
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Albero (Tree): 4e53efd173
Rami (Branch) Tag
Cloudpods
/
backend
/
vendor
/
github.com
/
opencontainers
/
runc
/
libcontainer
/
keys
/
keyctl.go

keyctl.go 1.0 KB
Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445 
  1. package keys
    2. 

  2. 

  3. import (
    4. 

  4. 	"errors"
    5. 

  5. 	"fmt"
    6. 

  6. 	"strconv"
    7. 

  7. 	"strings"
    8. 

  8. 

  9. 	"golang.org/x/sys/unix"
    10. 

  10. )
    11. 

  11. 

  12. type KeySerial uint32
    13. 

  13. 

  14. func JoinSessionKeyring(name string) (KeySerial, error) {
    15. 

  15. 	sessKeyID, err := unix.KeyctlJoinSessionKeyring(name)
    16. 

  16. 	if err != nil {
    17. 

  17. 		return 0, fmt.Errorf("unable to create session key: %w", err)
    18. 

  18. 	}
    19. 

  19. 	return KeySerial(sessKeyID), nil
    20. 

  20. }
    21. 

  21. 

  22. // ModKeyringPerm modifies permissions on a keyring by reading the current permissions,
    23. 

  23. // anding the bits with the given mask (clearing permissions) and setting
    24. 

  24. // additional permission bits
    25. 

  25. func ModKeyringPerm(ringID KeySerial, mask, setbits uint32) error {
    26. 

  26. 	dest, err := unix.KeyctlString(unix.KEYCTL_DESCRIBE, int(ringID))
    27. 

  27. 	if err != nil {
    28. 

  28. 		return err
    29. 

  29. 	}
    30. 

  30. 

  31. 	res := strings.Split(dest, ";")
    32. 

  32. 	if len(res) < 5 {
    33. 

  33. 		return errors.New("Destination buffer for key description is too small")
    34. 

  34. 	}
    35. 

  35. 

  36. 	// parse permissions
    37. 

  37. 	perm64, err := strconv.ParseUint(res[3], 16, 32)
    38. 

  38. 	if err != nil {
    39. 

  39. 		return err
    40. 

  40. 	}
    41. 

  41. 

  42. 	perm := (uint32(perm64) & mask) | setbits
    43. 

  43. 

  44. 	return unix.KeyctlSetperm(int(ringID), perm)
    45. 

  45. }
    46.