Gitiles - git.j3ss.co
git.j3ss.co / genuinetools / amicontained / refs/tags/v0.0.8
tag10c44eb2ea0eeaa5a9dbc8aacc2744873991b6e2
taggerJess Frazelle <acidburn@google.com>Fri Aug 04 14:47:12 2017 -0400
object4ee5544af5138ac357bd90eccfcb058e67b5c044 
v0.0.8
-----BEGIN PGP SIGNATURE-----

iQIcBAABCgAGBQJZhMEwAAoJEBjzaFwAIr/zcdgP/jvGyoRZfFpgLXltk91IJe87
L6376KT4GR9JlB8wfr7x25fTzL9jPs1Mf9FYtR5wySoh0Yjzv6ZZrVxnG8P9p+DL
1QNIhicyUfkcgo9vIX4JhvjDbZOifM+lNuIyqJGVSLueh2w5hD4eEq9N2DQrmc2e
hgflc0JCQ8NcjGpH5LhczcxU5aDjnpfZKamPLTDwmSdFRvyRVEARYlc9KkyI8EE1
UtLNeAwZKD99lhkFHDzKcdS5mtaGeyAGFOaXIRRc/+29xwb+rXMvdQ79rpH0512G
HQJN5ggRDQU5G1I7qHA9A4M/oxUycHQ6VAF01rWzzoqX/tnfolW1D75r5RBRqWwV
RP915su7Bf/v1uHmUXuHixPi8LXFXuHmNdV+NFZ0ab6omLDzVsEknepJ664ajjiU
ztkrclHwdi6l3Ab4TghZLEQuCYoHngVX2nDGjC16y1jyG3By3D9xuQMpttxnIyub
SnFVGB0OMw9Zi3x8vR5Nfw65b/QXn5toIjTdLYcKxPK9PlzdJTJ7/BGcp2WldB6Q
ybPwRKlysmUs5ZRBIpY0PBU1ZwJneRmEj8y4jO5IWNC46XsoA6+vSIrW9jJOyyZs
qVwx0SKyzLpCx1xW/l9S7et2yqcE8AMBZEx/IuPrpv03+yVntGlR/cdtvSQPDulr
LY5XZWfImJQalX6c/qwZ
=kf4l
-----END PGP SIGNATURE-----
commit4ee5544af5138ac357bd90eccfcb058e67b5c044[log] [tgz]
authorJess Frazelle <acidburn@google.com>Fri Aug 04 14:47:04 2017 -0400
committerJess Frazelle <acidburn@google.com>Fri Aug 04 14:47:04 2017 -0400
tree817d0da8bd1ac9dba99e0ae40c4cf77334bedfec
parent0072f4c6f18093d0395181c6fa21be3e0e300d13 [diff]
Bump version to v0.0.8

Signed-off-by: Jess Frazelle <acidburn@google.com>
2 files changed
tree: 817d0da8bd1ac9dba99e0ae40c4cf77334bedfec
  1. .gitignore
  2. .travis.yml
  3. Dockerfile
  4. Makefile
  5. README.md
  6. VERSION
  7. container/
  8. main.go
  9. vendor/
  10. version/
README.md

amicontained

Travis CI

Container introspection tool. Find out what container runtime is being used as well as features available.

Installation

Binaries

Via Go

$ go get github.com/jessfraz/amicontained

Usage

$ amicontained -h
                 _                 _        _                _
  __ _ _ __ ___ (_) ___ ___  _ __ | |_ __ _(_)_ __   ___  __| |
 / _` | '_ ` _ \| |/ __/ _ \| '_ \| __/ _` | | '_ \ / _ \/ _` |
| (_| | | | | | | | (_| (_) | | | | || (_| | | | | |  __/ (_| |
 \__,_|_| |_| |_|_|\___\___/|_| |_|\__\__,_|_|_| |_|\___|\__,_|
 Container introspection tool.
 Version: v0.0.8

  -d	run in debug mode
  -v	print version and exit (shorthand)
  -version
    	print version and exit

Examples

Docker

$ docker run --rm -it r.j3ss.co/amicontained
Container Runtime: docker
Host PID Namespace: false
AppArmor Profile: docker-default (enforce)
User Namespace: true
User Namespace Mappings:
	Container -> 0
	Host -> 886432
	Range -> 65536
Capabilities:
	BOUNDING -> chown dac_override fowner fsetid kill setgid setuid setpcap net_bind_service net_raw sys_chroot mknod audit_write setfcap
Chroot/PivotRoot: true

$ docker run --rm -it --pid host r.j3ss.co/amicontained
Container Runtime: docker
Host PID Namespace: true
AppArmor Profile: docker-default (enforce)
User Namespace: false
Capabilities:
	BOUNDING -> chown dac_override fowner fsetid kill setgid setuid setpcap net_bind_service net_raw sys_chroot mknod audit_write setfcap
Chroot/PivotRoot: true

$ docker run --rm -it --security-opt "apparmor=unconfined" r.j3ss.co/amicontained
Container Runtime: docker
Host PID Namespace: false
AppArmor Profile: unconfined
User Namespace: false
Capabilities:
	BOUNDING -> chown dac_override fowner fsetid kill setgid setuid setpcap net_bind_service net_raw sys_chroot mknod audit_write setfcap
Chroot/PivotRoot: true

lxc

$ lxc-attach -n xenial
root@xenial:/# amicontained
Container Runtime: lxc
Host PID Namespace: false
AppArmor Profile: none
User Namespace: true
User Namespace Mappings:
	Container -> 0	Host -> 100000	Range -> 65536
Capabilities:
	BOUNDING -> chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_chroot sys_ptrace sys_pacct sys_admin sys_boot sys_nice sys_resource sys_tty_config mknod lease audit_write audit_control setfcap syslog wake_alarm block_suspend audit_read
Chroot/PivotRoot: true

$ lxc-execute -n xenial -- /bin/amicontained
Container Runtime: lxc
Host PID Namespace: false
AppArmor Profile: none
User Namespace: true
User Namespace Mappings:
	Container -> 0	Host -> 100000	Range -> 65536
Capabilities:
	BOUNDING -> chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_chroot sys_ptrace sys_pacct sys_admin sys_boot sys_nice sys_resource sys_tty_config mknod lease audit_write audit_control setfcap syslog wake_alarm block_suspend audit_read
Chroot/PivotRoot: true

unshare

$ sudo unshare --user -r
root@coreos:/home/jessie/.go/src/github.com/jessfraz/amicontained# ./amicontained
Container Runtime: not-found
Host PID Namespace: true
AppArmor Profile: unconfined
User Namespace: true
User Namespace Mappings:
	Container -> 0
	Host -> 0
	Range -> 1
Capabilities:
	BOUNDING -> chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_module sys_rawio sys_chroot sys_ptrace sys_pacct sys_admin sys_boot sys_nice sys_resource sys_time sys_tty_config mknod lease audit_write audit_control setfcap mac_override mac_admin syslog wake_alarm block_suspend audit_read
Chroot/PivotRoot: false