tag | a4b6096fdb53e1ab0d55e4a6635c14555708a4a1 | |
---|---|---|
tagger | Jess Frazelle <acidburn@microsoft.com> | Tue Sep 25 10:35:32 2018 -0400 |
object | 1245de9bdd0dd5279639bad87c37b6a9f6fb4602 |
v0.4.5 -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE1MTdYA1m9lqO/FEeGPNoXAAiv/MFAluqR7QACgkQGPNoXAAi v/MPTA//Z/0msb6obaFzq6pte8FT49Cd11Rb054zRxMxLFNODHmHFhakONSG083v /qEE+pgqzZmbrQt8qxu5p8BwX+C5DUgKefGjjSWTmi3uk319hk0OUQhkp/n7VeG4 OSjINVrDqRIXuURsHJyxHq1FxptYfYPz5BgoCp56AsiThXL3KOATci2oan0fxL2L oMqq/V8hMlEOe3bVazY3GcNAk1l/6R6LikWndynzqOnvpXOMt6ntGuru2q0dPsmD kUkgMrMYefLt+57xybk+ln4eRgmlhuP3XzbyD5YjELjy/AdNCT8XhSSPbpSToCjT lkU7ksNMKOanqmCTKYmsmAr1T/47d07Huf4kUOxlnV0EI9DvfipYHWmSY60d1DTF NNVn7CdSKZ06iH5pZgWHPmbDCvDlNCUVaiThStJTSlrT4+8r8o8U+v1ocJw5N56r lwG0VuhBxJXqIaYbJ/V9F1aa4Lf7e3IpkClsD1/fHXfDAGnvNWlqV6qicJV4/TrM BSuPcfFGdDJt8IkCV+4mfbeyJVl7+HObmEeB80e5xV4GNC0rbDJtrdqtvHNZognW 4gIAnZb6Jb0T5MYSQAQwpUacLPrqN3wmr4WJxk7R/3dloaCDUvBy21KGZ8T/7fDR 4Goa5AKnnbu442IpAFDzqLDcWkjKJ1CuoCNijl+18Z4cp/zgSts= =cJZV -----END PGP SIGNATURE-----
commit | 1245de9bdd0dd5279639bad87c37b6a9f6fb4602 | [log] [tgz] |
---|---|---|
author | Jess Frazelle <acidburn@microsoft.com> | Tue Sep 25 10:35:32 2018 -0400 |
committer | Jess Frazelle <acidburn@microsoft.com> | Tue Sep 25 10:35:32 2018 -0400 |
tree | 7308ae7d92125fefc2be418b62a2dd66d42f5321 | |
parent | c6edd9d338b79caa50df181fab1e2997968c4e30 [diff] |
Bump version to v0.4.5 Signed-off-by: Jess Frazelle <acidburn@microsoft.com>
Container introspection tool. Find out what container runtime is being used as well as features available.
For installation instructions from binaries please visit the Releases Page.
$ go get github.com/genuinetools/amicontained
$ amicontained -h amicontained - A container introspection tool. Usage: amicontained <command> Flags: -d enable debug logging (default: false) Commands: version Show the version information.
$ docker run --rm -it r.j3ss.co/amicontained Container Runtime: docker Has Namespaces: pid: true user: true User Namespace Mappings: Container -> 0 Host -> 886432 Range -> 65536 AppArmor Profile: docker-default (enforce) Capabilities: BOUNDING -> chown dac_override fowner fsetid kill setgid setuid setpcap net_bind_service net_raw sys_chroot mknod audit_write setfcap Chroot (not pivot_root): false $ docker run --rm -it --pid host r.j3ss.co/amicontained Container Runtime: docker Has Namespaces: pid: false user: false AppArmor Profile: docker-default (enforce) Capabilities: BOUNDING -> chown dac_override fowner fsetid kill setgid setuid setpcap net_bind_service net_raw sys_chroot mknod audit_write setfcap Chroot (not pivot_root): false $ docker run --rm -it --security-opt "apparmor=unconfined" r.j3ss.co/amicontained Container Runtime: docker Has Namespaces: pid: true user: false AppArmor Profile: unconfined Capabilities: BOUNDING -> chown dac_override fowner fsetid kill setgid setuid setpcap net_bind_service net_raw sys_chroot mknod audit_write setfcap Chroot (not pivot_root): false
$ lxc-attach -n xenial root@xenial:/# amicontained Container Runtime: lxc Has Namespaces: pid: true user: true User Namespace Mappings: Container -> 0 Host -> 100000 Range -> 65536 AppArmor Profile: none Capabilities: BOUNDING -> chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_chroot sys_ptrace sys_pacct sys_admin sys_boot sys_nice sys_resource sys_tty_config mknod lease audit_write audit_control setfcap syslog wake_alarm block_suspend audit_read Chroot (not pivot_root): false $ lxc-execute -n xenial -- /bin/amicontained Container Runtime: lxc Has Namespaces: pid: true user: true User Namespace Mappings: Container -> 0 Host -> 100000 Range -> 65536 AppArmor Profile: none Capabilities: BOUNDING -> chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_chroot sys_ptrace sys_pacct sys_admin sys_boot sys_nice sys_resource sys_tty_config mknod lease audit_write audit_control setfcap syslog wake_alarm block_suspend audit_read Chroot (not pivot_root): false
$ sudo systemd-nspawn --machine amicontained --directory nspawn-amicontained /usr/bin/amicontained Spawning container amicontained on /home/genuinetools/nspawn-amicontained. Press ^] three times within 1s to kill container. Timezone UTC does not exist in container, not updating container timezone. Container Runtime: systemd-nspawn Has Namespaces: pid: true user: false AppArmor Profile: none Capabilities: BOUNDING -> chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_raw ipc_owner sys_chroot sys_ptrace sys_admin sys_boot sys_nice sys_resource sys_tty_config mknod lease audit_write audit_control setfcap Chroot (not pivot_root): false Container amicontained exited successfully.
$ sudo rkt --insecure-options=image run docker://r.j3ss.co/amicontained [ 631.522121] amicontained[5]: Container Runtime: rkt [ 631.522471] amicontained[5]: Host PID Namespace: false [ 631.522617] amicontained[5]: AppArmor Profile: none [ 631.522768] amicontained[5]: User Namespace: false [ 631.522922] amicontained[5]: Capabilities: [ 631.523075] amicontained[5]: BOUNDING -> chown dac_override fowner fsetid kill setgid setuid setpcap net_bind_service net_raw sys_chroot mknod audit_write setfcap [ 631.523213] amicontained[5]: Chroot (not pivot_root): false $ sudo rkt --insecure-options=image run --private-users=true --no-overlay docker://r.j3ss.co/amicontained [ 785.547050] amicontained[5]: Container Runtime: rkt [ 785.547360] amicontained[5]: Host PID Namespace: false [ 785.547567] amicontained[5]: AppArmor Profile: none [ 785.547717] amicontained[5]: User Namespace: true [ 785.547856] amicontained[5]: User Namespace Mappings: [ 785.548064] amicontained[5]: Container -> 0 Host -> 229834752 Range -> 65536 [ 785.548335] amicontained[5]: Capabilities: [ 785.548537] amicontained[5]: BOUNDING -> chown dac_override fowner fsetid kill setgid setuid setpcap net_bind_service net_raw sys_chroot mknod audit_write setfcap [ 785.548679] amicontained[5]: Chroot (not pivot_root): false
$ sudo unshare --user -r root@coreos:/home/jessie/.go/src/github.com/genuinetools/amicontained# ./amicontained Container Runtime: not-found Has Namespaces: pid: false user: true User Namespace Mappings: Container -> 0 Host -> 0 Range -> 1 AppArmor Profile: unconfined Capabilities: BOUNDING -> chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_module sys_rawio sys_chroot sys_ptrace sys_pacct sys_admin sys_boot sys_nice sys_resource sys_time sys_tty_config mknod lease audit_write audit_control setfcap mac_override mac_admin syslog wake_alarm block_suspend audit_read Chroot (not pivot_root): false