opencontainers/runc
1
0
Fork 0
mirror of https://github.com/opencontainers/runc.git synced 2025-04-18 19:44:09 +03:00
Code

libct/apparmor: don't use vars for public functions

Browse Source 
Unfortunately, Go documentation formatter does a sloppy job formatting
documentation for variables -- it is rendered as comments (see [1]).

Switch to using wrapper functions, solely for the sake of better
documentation formatting.

[1]: https://pkg.go.dev/github.com/opencontainers/runc@v1.3.0-rc.2/libcontainer/apparmor

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
This commit is contained in:
Kir Kolyshkin 2025-04-14 13:59:39 -07:00
parent 021973353f
commit 5f4d3f3670
2 changed files with 15 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
libcontainer/apparmor/apparmor.go
View File

@ -2,15 +2,17 @@ package apparmor
import "errors"
var (
// IsEnabled returns true if apparmor is enabled for the host.
IsEnabled = isEnabled
// IsEnabled returns true if apparmor is enabled for the host.
func IsEnabled() bool {
return isEnabled()
}
// ApplyProfile will apply the profile with the specified name to the process after
// the next exec. It is only supported on Linux and produces an ErrApparmorNotEnabled
// on other platforms.
ApplyProfile = applyProfile
// ApplyProfile will apply the profile with the specified name to the process
// after the next exec. It is only supported on Linux and produces an
// [ErrApparmorNotEnabled] on other platforms.
func ApplyProfile(name string) error {
return applyProfile(name)
}
// ErrApparmorNotEnabled indicates that AppArmor is not enabled or not supported.
ErrApparmorNotEnabled = errors.New("apparmor: config provided but apparmor not supported")
)
// ErrApparmorNotEnabled indicates that AppArmor is not enabled or not supported.
var ErrApparmorNotEnabled = errors.New("apparmor: config provided but apparmor not supported")

7
libcontainer/apparmor/apparmor_linux.go
View File

@ -53,7 +53,7 @@ func setProcAttr(attr, value string) error {
return err
}
// changeOnExec reimplements aa_change_onexec from libapparmor in Go
// changeOnExec reimplements aa_change_onexec from libapparmor in Go.
func changeOnExec(name string) error {
if err := setProcAttr("exec", "exec "+name); err != nil {
return fmt.Errorf("apparmor failed to apply profile: %w", err)
@ -61,9 +61,8 @@ func changeOnExec(name string) error {
return nil
}
// applyProfile will apply the profile with the specified name to the process after
// the next exec. It is only supported on Linux and produces an error on other
// platforms.
// applyProfile will apply the profile with the specified name to the process
// after the next exec.
func applyProfile(name string) error {
if name == "" {
return nil