kemko/nomad
1
0
Fork 0
mirror of https://github.com/kemko/nomad.git synced 2026-01-03 17:05:43 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
bb54d16e4a7d35a112fe9fc701139bd1e3944b9d
nomad/command/agent
History
Seth Hoenig 05937ab75b exec2: add client support for unveil filesystem isolation mode (#20115) 
* exec2: add client support for unveil filesystem isolation mode

This PR adds support for a new filesystem isolation mode, "Unveil". The
mode introduces a "alloc_mounts" directory where tasks have user-owned
directory structure which are bind mounts into the real alloc directory
structure. This enables a task driver to use landlock (and maybe the
real unveil on openbsd one day) to isolate a task to the task owned
directory structure, providing sandboxing.

* actually create alloc-mounts-dir directory

* fix doc strings about alloc mount dir paths
2024-03-13 08:24:17 -05:00
..
consul
exec2: add client support for unveil filesystem isolation mode (#20115)
2024-03-13 08:24:17 -05:00
event
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
host
tests: swap testify for test in more places (#20028)
2024-02-29 12:11:35 -06:00
monitor
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
pprof
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
test-resources
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
testdata
exec2: add client support for unveil filesystem isolation mode (#20115)
2024-03-13 08:24:17 -05:00
acl_endpoint_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
acl_endpoint.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
agent_ce.go
admin: rename _oss files to _ce (#18209)
2023-08-18 07:47:24 +01:00
agent_endpoint_test.go
config: remove old Vault/Consul config blocks from parser (#18997)
2023-11-08 09:30:08 -05:00
agent_endpoint.go
config: remove old Vault/Consul config blocks from parser (#18997)
2023-11-08 09:30:08 -05:00
agent_test.go
Adds support for failures before warning to Consul service checks (#19336)
2023-12-14 11:33:31 -08:00
agent.go
exec2: add client support for unveil filesystem isolation mode (#20115)
2024-03-13 08:24:17 -05:00
alloc_endpoint_test.go
alloc exec: fix panics after stream close (#19932)
2024-02-12 09:43:34 -05:00
alloc_endpoint.go
alloc exec: fix panics after stream close (#19932)
2024-02-12 09:43:34 -05:00
bindata_assetfs.go
Generate files for 1.7.6 release
2024-03-12 12:04:04 +01:00
command_test.go
exec2: add client support for unveil filesystem isolation mode (#20115)
2024-03-13 08:24:17 -05:00
command.go
exec2: add client support for unveil filesystem isolation mode (#20115)
2024-03-13 08:24:17 -05:00
config_ce.go
admin: rename _oss files to _ce (#18209)
2023-08-18 07:47:24 +01:00
config_parse_test.go
exec2: add client support for unveil filesystem isolation mode (#20115)
2024-03-13 08:24:17 -05:00
config_parse.go
config: remove old Vault/Consul config blocks from parser (#18997)
2023-11-08 09:30:08 -05:00
config_test.go
cli: add -dev-consul and -dev-vault agent mode (#19327)
2023-12-07 11:51:20 -05:00
config.go
exec2: add client support for unveil filesystem isolation mode (#20115)
2024-03-13 08:24:17 -05:00
csi_endpoint_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
csi_endpoint.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
deployment_endpoint_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
deployment_endpoint.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
eval_endpoint_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
eval_endpoint.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
event_endpoint_test.go
auth: add client-only ACL (#18730)
2023-10-12 12:21:48 -04:00
event_endpoint.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
fs_endpoint_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
fs_endpoint.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
helpers_test.go
tests: swap testify for test in more places (#20028)
2024-02-29 12:11:35 -06:00
helpers.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
http_ce.go
admin: rename _oss files to _ce (#18209)
2023-08-18 07:47:24 +01:00
http_stdlog_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
http_stdlog.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
http_test.go
identity: default to RS256 for new workload ids (#18882)
2023-10-31 11:25:20 -07:00
http.go
vault: add new nomad setup vault -check commmand (#19720)
2024-01-12 15:48:30 -05:00
job_endpoint_test.go
Introduces Disconnect block into the TaskGroup configuration (#19886)
2024-02-19 16:41:35 +01:00
job_endpoint.go
Introduces Disconnect block into the TaskGroup configuration (#19886)
2024-02-19 16:41:35 +01:00
keyring_endpoint_test.go
OpenID Configuration Discovery Endpoint (#18691)
2023-10-20 17:11:41 -07:00
keyring_endpoint.go
agent: log using error keyword not err in keyring endpoint (#19243)
2023-11-30 16:40:13 +00:00
keyring_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
keyring.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
log_file_bsd.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
log_file_linux.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
log_file_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
log_file_windows.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
log_file.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
log_levels_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
log_levels.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
meta_endpoint.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
metrics_endpoint_test.go
Revert "deps: update go-metrics to v0.5.3 (#19190)" (#19374)
2023-12-08 08:46:55 -05:00
metrics_endpoint.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
namespace_endpoint_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
namespace_endpoint.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
node_endpoint_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
node_endpoint.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
node_pool_endpoint_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
node_pool_endpoint.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
operator_endpoint_ce.go
admin: rename _oss files to _ce (#18209)
2023-08-18 07:47:24 +01:00
operator_endpoint_test.go
vault: add new nomad setup vault -check commmand (#19720)
2024-01-12 15:48:30 -05:00
operator_endpoint.go
vault: add new nomad setup vault -check commmand (#19720)
2024-01-12 15:48:30 -05:00
plugins_test.go
auth: add client-only ACL (#18730)
2023-10-12 12:21:48 -04:00
plugins.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
region_endpoint_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
region_endpoint.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
retry_join_test.go
Add go-netaddrs support to retry_join (#18745)
2023-11-15 10:07:18 -05:00
retry_join.go
Add go-netaddrs support to retry_join (#18745)
2023-11-15 10:07:18 -05:00
scaling_endpoint_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
scaling_endpoint.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
search_endpoint_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
search_endpoint.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
service_registration_endpoint_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
service_registration_endpoint.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
stats_endpoint_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
stats_endpoint.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
status_endpoint_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
status_endpoint.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
stub_asset.go
docs: update all URLs to developer.hashicorp.com (#16247)
2023-10-24 11:00:11 -04:00
syslog_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
syslog.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
system_endpoint_test.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
system_endpoint.go
Update copyright file headers to BUSL-1.1
2023-08-10 17:27:29 -05:00
testagent_ce.go
admin: rename _oss files to _ce (#18209)
2023-08-18 07:47:24 +01:00
testagent.go
Revert "deps: update go-metrics to v0.5.3 (#19190)" (#19374)
2023-12-08 08:46:55 -05:00
testingutils_test.go
action: add job action name validation (#19145)
2023-11-22 08:02:49 +00:00
variable_endpoint_test.go
[17449] Introduces a locking mechanism over variables (#18207)
2023-09-21 17:56:33 +02:00
variable_endpoint.go
[17449] Introduces a locking mechanism over variables (#18207)
2023-09-21 17:56:33 +02:00