lockdown

package
v1.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 7, 2026 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DisableSudoLockdown 

func DisableSudoLockdown(cfg *SudoLockdownConfig, logger *slog.Logger) error

DisableSudoLockdown removes the sudoers lockdown configuration, restores disabled sudoers.d files, and re-adds the user to removed groups.

func EnableSudoLockdown 

func EnableSudoLockdown(cfg *SudoLockdownConfig, logger *slog.Logger) error

EnableSudoLockdown configures sudoers to restrict what commands can be run with sudo, removes the target user from sudo-granting and docker groups, and disables competing sudoers.d files.

Types

type SudoLockdownConfig 

type SudoLockdownConfig struct {
	// AllowCommands is a list of command paths to whitelist via NOPASSWD
	AllowCommands []string
	// Username is the user to configure sudoers for (auto-detected if empty)
	Username string
}

SudoLockdownConfig configures the sudo lockdown behavior

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.