mirror of
https://github.com/containers/podman.git
synced 2025-12-01 02:27:13 +08:00
feb36e4fe6
* Added flags to point to TLS PEM files to use for exposing and connecting to an encrypted remote API socket with server and client authentication. * Added TLS fields for system connection ls templates. * Added special "tls" format for system connection ls to list TLS fields in human-readable table format. * Updated remote integration and system tests to allow specifying a "transport" to run the full suite against a unix, tcp, tls, or mtls system service. * Added system tests to verify basic operation of unix, tcp, tls, and mtls services, clients, and connections. Signed-off-by: Andrew Melnick <meln5674.5674@gmail.com>
29 lines
587 B
Go
29 lines
587 B
Go
//go:build seccomp
|
|
|
|
package seccomp
|
|
|
|
import (
|
|
"encoding/json"
|
|
"fmt"
|
|
)
|
|
|
|
// ValidateProfile does a basic validation for the provided seccomp profile
|
|
// string.
|
|
func ValidateProfile(content string) error {
|
|
profile := &Seccomp{}
|
|
if err := json.Unmarshal([]byte(content), &profile); err != nil {
|
|
return fmt.Errorf("decoding seccomp profile: %w", err)
|
|
}
|
|
|
|
spec, err := setupSeccomp(profile, nil)
|
|
if err != nil {
|
|
return fmt.Errorf("create seccomp spec: %w", err)
|
|
}
|
|
|
|
if _, err := BuildFilter(spec); err != nil {
|
|
return fmt.Errorf("build seccomp filter: %w", err)
|
|
}
|
|
|
|
return nil
|
|
}
|