diff options
| author | Daniel J Walsh <dwalsh@redhat.com> | 2020-12-21 10:10:47 -0500 |
|---|---|---|
| committer | Daniel J Walsh <dwalsh@redhat.com> | 2020-12-22 08:13:14 -0500 |
| commit | 04b43ccf64dd5166539743b44a95c9921ddc8a9f (patch) | |
| tree | f72eacef4d2725be9d3c3c44d4fff6e433371ce0 /libpod/info.go | |
| parent | 182646b01a4544902c9fdf9326889a0ced7d9a8e (diff) | |
| download | podman-04b43ccf64dd5166539743b44a95c9921ddc8a9f.tar.gz podman-04b43ccf64dd5166539743b44a95c9921ddc8a9f.tar.bz2 podman-04b43ccf64dd5166539743b44a95c9921ddc8a9f.zip | |
Add Security information to podman info
When debugging issues, it would be helpful to know the
security settings of the system running into the problem.
Adding security info to `podman info` is also useful to users.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'libpod/info.go')
| -rw-r--r-- | libpod/info.go | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/libpod/info.go b/libpod/info.go index 2f64a107e..1b3550abd 100644 --- a/libpod/info.go +++ b/libpod/info.go @@ -13,6 +13,8 @@ import ( "time" "github.com/containers/buildah" + "github.com/containers/common/pkg/apparmor" + "github.com/containers/common/pkg/seccomp" "github.com/containers/podman/v2/libpod/define" "github.com/containers/podman/v2/libpod/linkmode" "github.com/containers/podman/v2/pkg/cgroups" @@ -20,6 +22,7 @@ import ( "github.com/containers/podman/v2/pkg/rootless" "github.com/containers/storage" "github.com/containers/storage/pkg/system" + "github.com/opencontainers/selinux/go-selinux" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) @@ -98,10 +101,16 @@ func (r *Runtime) hostInfo() (*define.HostInfo, error) { MemFree: mi.MemFree, MemTotal: mi.MemTotal, OS: runtime.GOOS, - Rootless: rootless.IsRootless(), - Slirp4NetNS: define.SlirpInfo{}, - SwapFree: mi.SwapFree, - SwapTotal: mi.SwapTotal, + Security: define.SecurityInfo{ + AppArmorEnabled: apparmor.IsEnabled(), + DefaultCapabilities: strings.Join(r.config.Containers.DefaultCapabilities, ","), + Rootless: rootless.IsRootless(), + SECCOMPEnabled: seccomp.IsEnabled(), + SELinuxEnabled: selinux.GetEnabled(), + }, + Slirp4NetNS: define.SlirpInfo{}, + SwapFree: mi.SwapFree, + SwapTotal: mi.SwapTotal, } // CGroups version |