Documentation ¶
Overview ¶
Binary runsc is an implementation of the Open Container Initiative Runtime that runs applications inside a sandbox.
Directories ¶
Path | Synopsis |
---|---|
Package boot loads the kernel and runs the application.
|
Package boot loads the kernel and runs the application. |
filter
Package filter defines all syscalls the sandbox is allowed to make to the host, and installs seccomp filters to prevent prohibited syscalls in case it's compromised.
|
Package filter defines all syscalls the sandbox is allowed to make to the host, and installs seccomp filters to prevent prohibited syscalls in case it's compromised. |
Package cmd holds implementations of the runsc commands.
|
Package cmd holds implementations of the runsc commands. |
Package fsgofer implements p9.File giving access to local files using a simple mapping from a path prefix that is added to the path requested by the sandbox.
|
Package fsgofer implements p9.File giving access to local files using a simple mapping from a path prefix that is added to the path requested by the sandbox. |
Package sandbox creates and manipulates sandboxes.
|
Package sandbox creates and manipulates sandboxes. |
Package specutils contains utility functions for working with OCI runtime specs.
|
Package specutils contains utility functions for working with OCI runtime specs. |
Click to show internal directories.
Click to hide internal directories.