grantseltzer/karn

Issues

• Add subcommand for listing system calls a specific entitlement corresponds to

  #37 opened 5 years ago by grantseltzer
  0

• Add chmod entitlement

  #36 opened 5 years ago by grantseltzer
  0

• Proposal: A command like sudo which would run a program using specified entitlements (or linux capabilities?)

  #35 opened 5 years ago by grantseltzer
  0

• Update man page

  #29 opened 5 years ago by grantseltzer
  0

• Library package for taking a Karn declarations to run processes with the outputted seccomp/apparmor configurations

  #6 opened 5 years ago by grantseltzer
  1

• Add a declaration field for including names of other declarations

  #25 opened 5 years ago by grantseltzer
  0

• Docs with full examples

  #9 opened 5 years ago by grantseltzer
  0

• Create standard declaration bundles for shipping with karn

  #8 opened 5 years ago by grantseltzer
  0

• Add a 'notes' field to declarations for extensible documentation

  #26 opened 5 years ago by grantseltzer
  0

• Set up build bot

  #12 opened 5 years ago by grantseltzer
  0

• Output options for installing apparmor/seccomp profiles for use in various container runtimes

  #5 opened 5 years ago by grantseltzer
  0

• Cut 0.1 release semver

  #19 opened 5 years ago by grantseltzer
  0

• Need validation for spec fields

  #1 opened 5 years ago by grantseltzer
  4

• Add a command for printing a list of available entitlements

  #31 opened 5 years ago by grantseltzer
  1

• Fix missing "MockWriter" type from old 'tests' package

  #33 opened 5 years ago by grantseltzer
  0

• Add example CLI commands to README

  #34 opened 5 years ago by grantseltzer
  0

• Install make step

  #16 opened 7 years ago by grantseltzer
  5

• Add documentation for individual entitlements and introduce command for printing it

  #32 opened 7 years ago by grantseltzer
  0

• Use gobindata to embed standard declaration bundle into the binary

  #21 opened 7 years ago by grantseltzer
  3

• fix lint and gofmt issues

  #24 opened 7 years ago by grantseltzer
  0

• Use asciinema to record demo's of various usage

  #23 opened 7 years ago by grantseltzer
  0

• When a syscall is specified, if there's a corresponding CAP it should add that to the apparmor prof

  #4 opened 7 years ago by grantseltzer
  1

• Implement order of precedence for default seccomp action

  #22 opened 7 years ago by grantseltzer
  1

• Verification of accepted values for all apparmor and seccomp fields

  #20 opened 7 years ago by grantseltzer
  1

• If nothing is specified, generate produces error for missing default action

  #17 opened 7 years ago by grantseltzer
  1

• Reverse default seccomp/apparmor profiles into declarations, have them auto included

  #15 opened 7 years ago by grantseltzer
  0

• Create defaults for unspecified fields

  #14 opened 7 years ago by grantseltzer
  1

• Document best usage cases, now including default declarations

  #18 opened 7 years ago by grantseltzer
  0

• Flag for location of declaration directory

  #2 opened 7 years ago by grantseltzer
  0

• Conflicting rules are appended instead of replacing each other

  #11 opened 7 years ago by grantseltzer
  0

• Check syscall duplicates on add

  #7 opened 7 years ago by grantseltzer
  0

• Unit tests

  #3 opened 7 years ago by grantseltzer
  0