line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package Mojo::IOLoop::ReadWriteProcess::CGroup::v1::Devices; |
2
|
|
|
|
|
|
|
|
3
|
15
|
|
|
15
|
|
119
|
use Mojo::Base -base; |
|
15
|
|
|
|
|
32
|
|
|
15
|
|
|
|
|
107
|
|
4
|
|
|
|
|
|
|
|
5
|
|
|
|
|
|
|
use constant { |
6
|
15
|
|
|
|
|
3661
|
DEVICES_ALLOW_INTERFACE => 'devices.allow', |
7
|
|
|
|
|
|
|
DEVICES_DENY_INTERFACE => 'devices.deny' |
8
|
15
|
|
|
15
|
|
2442
|
}; |
|
15
|
|
|
|
|
152
|
|
9
|
|
|
|
|
|
|
|
10
|
|
|
|
|
|
|
has cgroup => sub { Mojo::IOLoop::ReadWriteProcess::CGroup::v1->new }; |
11
|
|
|
|
|
|
|
|
12
|
1
|
|
|
1
|
0
|
9
|
sub allow { shift->cgroup->_write(DEVICES_ALLOW_INTERFACE, @_) } |
13
|
1
|
|
|
1
|
0
|
12
|
sub deny { shift->cgroup->_write(DEVICES_DENY_INTERFACE, @_) } |
14
|
|
|
|
|
|
|
|
15
|
|
|
|
|
|
|
1; |
16
|
|
|
|
|
|
|
|
17
|
|
|
|
|
|
|
=encoding utf-8 |
18
|
|
|
|
|
|
|
|
19
|
|
|
|
|
|
|
=head1 NAME |
20
|
|
|
|
|
|
|
|
21
|
|
|
|
|
|
|
Mojo::IOLoop::ReadWriteProcess::CGroup::v1::Devices - CGroups v1 Devices Controller. |
22
|
|
|
|
|
|
|
|
23
|
|
|
|
|
|
|
=head1 SYNOPSIS |
24
|
|
|
|
|
|
|
|
25
|
|
|
|
|
|
|
use Mojo::IOLoop::ReadWriteProcess::CGroup::v1; |
26
|
|
|
|
|
|
|
|
27
|
|
|
|
|
|
|
my $cgroup = Mojo::IOLoop::ReadWriteProcess::CGroup::v1->new( name => "test" ); |
28
|
|
|
|
|
|
|
|
29
|
|
|
|
|
|
|
$cgroup->devices->allow('a *:* rwm'); |
30
|
|
|
|
|
|
|
|
31
|
|
|
|
|
|
|
=head1 DESCRIPTION |
32
|
|
|
|
|
|
|
|
33
|
|
|
|
|
|
|
This module uses features that are only available on Linux, |
34
|
|
|
|
|
|
|
and requires cgroups and capability for unshare syscalls to achieve pid isolation. |
35
|
|
|
|
|
|
|
|
36
|
|
|
|
|
|
|
=head1 METHODS |
37
|
|
|
|
|
|
|
|
38
|
|
|
|
|
|
|
L inherits all methods from L and implements |
39
|
|
|
|
|
|
|
the following new ones. |
40
|
|
|
|
|
|
|
|
41
|
|
|
|
|
|
|
=head1 LICENSE |
42
|
|
|
|
|
|
|
|
43
|
|
|
|
|
|
|
Copyright (C) Ettore Di Giacinto. |
44
|
|
|
|
|
|
|
|
45
|
|
|
|
|
|
|
This library is free software; you can redistribute it and/or modify |
46
|
|
|
|
|
|
|
it under the same terms as Perl itself. |
47
|
|
|
|
|
|
|
|
48
|
|
|
|
|
|
|
=head1 AUTHOR |
49
|
|
|
|
|
|
|
|
50
|
|
|
|
|
|
|
Ettore Di Giacinto Eedigiacinto@suse.comE |
51
|
|
|
|
|
|
|
|
52
|
|
|
|
|
|
|
=cut |