Google Git
Sign in
chromium / infra / goma / server / v0.0.4 / . / proto / nsjail / config.pb.go
blob: b7c0187b96bade4442ffca5445893ca25944d58a [file] [log] [blame]
// Code generated by protoc-gen-go. DO NOT EDIT.
// source: nsjail/config.proto
package nsjail
import (
fmt "fmt"
proto "github.com/golang/protobuf/proto"
math "math"
)
// Reference imports to suppress errors if they are not otherwise used.
var _ = proto.Marshal
var _ = fmt.Errorf
var _ = math.Inf
// This is a compile-time assertion to ensure that this generated file
// is compatible with the proto package it is being compiled against.
// A compilation error at this line likely means your copy of the
// proto package needs to be updated.
const _ = proto.ProtoPackageIsVersion3 // please upgrade the proto package
type Mode int32
const (
Mode_LISTEN Mode = 0
Mode_ONCE Mode = 1
Mode_RERUN Mode = 2
Mode_EXECVE Mode = 3
)
var Mode_name = map[int32]string{
0: "LISTEN",
1: "ONCE",
2: "RERUN",
3: "EXECVE",
}
var Mode_value = map[string]int32{
"LISTEN": 0,
"ONCE": 1,
"RERUN": 2,
"EXECVE": 3,
}
func (x Mode) Enum() *Mode {
p := new(Mode)
*p = x
return p
}
func (x Mode) String() string {
return proto.EnumName(Mode_name, int32(x))
}
func (x *Mode) UnmarshalJSON(data []byte) error {
value, err := proto.UnmarshalJSONEnum(Mode_value, data, "Mode")
if err != nil {
return err
}
*x = Mode(value)
return nil
}
func (Mode) EnumDescriptor() ([]byte, []int) {
return fileDescriptor_82b7e3129c410694, []int{0}
}
// Should be self explanatory
type LogLevel int32
const (
LogLevel_DEBUG LogLevel = 0
LogLevel_INFO LogLevel = 1
LogLevel_WARNING LogLevel = 2
LogLevel_ERROR LogLevel = 3
LogLevel_FATAL LogLevel = 4
)
var LogLevel_name = map[int32]string{
0: "DEBUG",
1: "INFO",
2: "WARNING",
3: "ERROR",
4: "FATAL",
}
var LogLevel_value = map[string]int32{
"DEBUG": 0,
"INFO": 1,
"WARNING": 2,
"ERROR": 3,
"FATAL": 4,
}
func (x LogLevel) Enum() *LogLevel {
p := new(LogLevel)
*p = x
return p
}
func (x LogLevel) String() string {
return proto.EnumName(LogLevel_name, int32(x))
}
func (x *LogLevel) UnmarshalJSON(data []byte) error {
value, err := proto.UnmarshalJSONEnum(LogLevel_value, data, "LogLevel")
if err != nil {
return err
}
*x = LogLevel(value)
return nil
}
func (LogLevel) EnumDescriptor() ([]byte, []int) {
return fileDescriptor_82b7e3129c410694, []int{1}
}
type RLimit int32
const (
RLimit_VALUE RLimit = 0
RLimit_SOFT RLimit = 1
RLimit_HARD RLimit = 2
RLimit_INF RLimit = 3
)
var RLimit_name = map[int32]string{
0: "VALUE",
1: "SOFT",
2: "HARD",
3: "INF",
}
var RLimit_value = map[string]int32{
"VALUE": 0,
"SOFT": 1,
"HARD": 2,
"INF": 3,
}
func (x RLimit) Enum() *RLimit {
p := new(RLimit)
*p = x
return p
}
func (x RLimit) String() string {
return proto.EnumName(RLimit_name, int32(x))
}
func (x *RLimit) UnmarshalJSON(data []byte) error {
value, err := proto.UnmarshalJSONEnum(RLimit_value, data, "RLimit")
if err != nil {
return err
}
*x = RLimit(value)
return nil
}
func (RLimit) EnumDescriptor() ([]byte, []int) {
return fileDescriptor_82b7e3129c410694, []int{2}
}
type IdMap struct {
// Empty string means "current uid/gid"
InsideId *string `protobuf:"bytes,1,opt,name=inside_id,json=insideId,def=" json:"inside_id,omitempty"`
OutsideId *string `protobuf:"bytes,2,opt,name=outside_id,json=outsideId,def=" json:"outside_id,omitempty"`
// See 'man user_namespaces' for the meaning of count
Count *uint32 `protobuf:"varint,3,opt,name=count,def=1" json:"count,omitempty"`
// Does this map use /usr/bin/new[u|g]idmap binary?
UseNewidmap *bool `protobuf:"varint,4,opt,name=use_newidmap,json=useNewidmap,def=0" json:"use_newidmap,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
}
func (m *IdMap) Reset() { *m = IdMap{} }
func (m *IdMap) String() string { return proto.CompactTextString(m) }
func (*IdMap) ProtoMessage() {}
func (*IdMap) Descriptor() ([]byte, []int) {
return fileDescriptor_82b7e3129c410694, []int{0}
}
func (m *IdMap) XXX_Unmarshal(b []byte) error {
return xxx_messageInfo_IdMap.Unmarshal(m, b)
}
func (m *IdMap) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
return xxx_messageInfo_IdMap.Marshal(b, m, deterministic)
}
func (m *IdMap) XXX_Merge(src proto.Message) {
xxx_messageInfo_IdMap.Merge(m, src)
}
func (m *IdMap) XXX_Size() int {
return xxx_messageInfo_IdMap.Size(m)
}
func (m *IdMap) XXX_DiscardUnknown() {
xxx_messageInfo_IdMap.DiscardUnknown(m)
}
var xxx_messageInfo_IdMap proto.InternalMessageInfo
const Default_IdMap_Count uint32 = 1
const Default_IdMap_UseNewidmap bool = false
func (m *IdMap) GetInsideId() string {
if m != nil && m.InsideId != nil {
return *m.InsideId
}
return ""
}
func (m *IdMap) GetOutsideId() string {
if m != nil && m.OutsideId != nil {
return *m.OutsideId
}
return ""
}
func (m *IdMap) GetCount() uint32 {
if m != nil && m.Count != nil {
return *m.Count
}
return Default_IdMap_Count
}
func (m *IdMap) GetUseNewidmap() bool {
if m != nil && m.UseNewidmap != nil {
return *m.UseNewidmap
}
return Default_IdMap_UseNewidmap
}
type MountPt struct {
// Can be skipped for filesystems like 'proc'
Src *string `protobuf:"bytes,1,opt,name=src,def=" json:"src,omitempty"`
// Should 'src' path be prefixed with this envvar?
PrefixSrcEnv *string `protobuf:"bytes,2,opt,name=prefix_src_env,json=prefixSrcEnv,def=" json:"prefix_src_env,omitempty"`
// If specified, contains buffer that will be written to the dst file
SrcContent []byte `protobuf:"bytes,3,opt,name=src_content,json=srcContent,def=" json:"src_content,omitempty"`
// Mount point inside jail
Dst *string `protobuf:"bytes,4,req,name=dst,def=" json:"dst,omitempty"`
// Should 'dst' path be prefixed with this envvar?
PrefixDstEnv *string `protobuf:"bytes,5,opt,name=prefix_dst_env,json=prefixDstEnv,def=" json:"prefix_dst_env,omitempty"`
// Can be empty for mount --bind mounts
Fstype *string `protobuf:"bytes,6,opt,name=fstype,def=" json:"fstype,omitempty"`
// E.g. size=5000000 for 'tmpfs'
Options *string `protobuf:"bytes,7,opt,name=options,def=" json:"options,omitempty"`
// Is it a 'mount --bind src dst' type of mount?
IsBind *bool `protobuf:"varint,8,opt,name=is_bind,json=isBind,def=0" json:"is_bind,omitempty"`
// Is it a R/W mount?
Rw *bool `protobuf:"varint,9,opt,name=rw,def=0" json:"rw,omitempty"`
// Is it a directory? If not specified an internal
//heuristics will be used to determine that
IsDir *bool `protobuf:"varint,10,opt,name=is_dir,json=isDir" json:"is_dir,omitempty"`
// Should the sandboxing fail if we cannot mount this resource?
Mandatory *bool `protobuf:"varint,11,opt,name=mandatory,def=1" json:"mandatory,omitempty"`
// Is it a symlink (instead of real mount point)?
IsSymlink *bool `protobuf:"varint,12,opt,name=is_symlink,json=isSymlink,def=0" json:"is_symlink,omitempty"`
// Is it a nosuid mount
Nosuid *bool `protobuf:"varint,13,opt,name=nosuid,def=0" json:"nosuid,omitempty"`
// Is it a nodev mount
Nodev *bool `protobuf:"varint,14,opt,name=nodev,def=0" json:"nodev,omitempty"`
// Is it a noexec mount
Noexec *bool `protobuf:"varint,15,opt,name=noexec,def=0" json:"noexec,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
}
func (m *MountPt) Reset() { *m = MountPt{} }
func (m *MountPt) String() string { return proto.CompactTextString(m) }
func (*MountPt) ProtoMessage() {}
func (*MountPt) Descriptor() ([]byte, []int) {
return fileDescriptor_82b7e3129c410694, []int{1}
}
func (m *MountPt) XXX_Unmarshal(b []byte) error {
return xxx_messageInfo_MountPt.Unmarshal(m, b)
}
func (m *MountPt) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
return xxx_messageInfo_MountPt.Marshal(b, m, deterministic)
}
func (m *MountPt) XXX_Merge(src proto.Message) {
xxx_messageInfo_MountPt.Merge(m, src)
}
func (m *MountPt) XXX_Size() int {
return xxx_messageInfo_MountPt.Size(m)
}
func (m *MountPt) XXX_DiscardUnknown() {
xxx_messageInfo_MountPt.DiscardUnknown(m)
}
var xxx_messageInfo_MountPt proto.InternalMessageInfo
const Default_MountPt_IsBind bool = false
const Default_MountPt_Rw bool = false
const Default_MountPt_Mandatory bool = true
const Default_MountPt_IsSymlink bool = false
const Default_MountPt_Nosuid bool = false
const Default_MountPt_Nodev bool = false
const Default_MountPt_Noexec bool = false
func (m *MountPt) GetSrc() string {
if m != nil && m.Src != nil {
return *m.Src
}
return ""
}
func (m *MountPt) GetPrefixSrcEnv() string {
if m != nil && m.PrefixSrcEnv != nil {
return *m.PrefixSrcEnv
}
return ""
}
func (m *MountPt) GetSrcContent() []byte {
if m != nil {
return m.SrcContent
}
return nil
}
func (m *MountPt) GetDst() string {
if m != nil && m.Dst != nil {
return *m.Dst
}
return ""
}
func (m *MountPt) GetPrefixDstEnv() string {
if m != nil && m.PrefixDstEnv != nil {
return *m.PrefixDstEnv
}
return ""
}
func (m *MountPt) GetFstype() string {
if m != nil && m.Fstype != nil {
return *m.Fstype
}
return ""
}
func (m *MountPt) GetOptions() string {
if m != nil && m.Options != nil {
return *m.Options
}
return ""
}
func (m *MountPt) GetIsBind() bool {
if m != nil && m.IsBind != nil {
return *m.IsBind
}
return Default_MountPt_IsBind
}
func (m *MountPt) GetRw() bool {
if m != nil && m.Rw != nil {
return *m.Rw
}
return Default_MountPt_Rw
}
func (m *MountPt) GetIsDir() bool {
if m != nil && m.IsDir != nil {
return *m.IsDir
}
return false
}
func (m *MountPt) GetMandatory() bool {
if m != nil && m.Mandatory != nil {
return *m.Mandatory
}
return Default_MountPt_Mandatory
}
func (m *MountPt) GetIsSymlink() bool {
if m != nil && m.IsSymlink != nil {
return *m.IsSymlink
}
return Default_MountPt_IsSymlink
}
func (m *MountPt) GetNosuid() bool {
if m != nil && m.Nosuid != nil {
return *m.Nosuid
}
return Default_MountPt_Nosuid
}
func (m *MountPt) GetNodev() bool {
if m != nil && m.Nodev != nil {
return *m.Nodev
}
return Default_MountPt_Nodev
}
func (m *MountPt) GetNoexec() bool {
if m != nil && m.Noexec != nil {
return *m.Noexec
}
return Default_MountPt_Noexec
}
type Exe struct {
// Will be used both as execv's path and as argv[0]
Path *string `protobuf:"bytes,1,req,name=path" json:"path,omitempty"`
// This will be argv[1] and so on..
Arg []string `protobuf:"bytes,2,rep,name=arg" json:"arg,omitempty"`
// Override argv[0]
Arg0 *string `protobuf:"bytes,3,opt,name=arg0" json:"arg0,omitempty"`
// Should execveat() be used to execute a file-descriptor instead?
ExecFd *bool `protobuf:"varint,4,opt,name=exec_fd,json=execFd,def=0" json:"exec_fd,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
}
func (m *Exe) Reset() { *m = Exe{} }
func (m *Exe) String() string { return proto.CompactTextString(m) }
func (*Exe) ProtoMessage() {}
func (*Exe) Descriptor() ([]byte, []int) {
return fileDescriptor_82b7e3129c410694, []int{2}
}
func (m *Exe) XXX_Unmarshal(b []byte) error {
return xxx_messageInfo_Exe.Unmarshal(m, b)
}
func (m *Exe) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
return xxx_messageInfo_Exe.Marshal(b, m, deterministic)
}
func (m *Exe) XXX_Merge(src proto.Message) {
xxx_messageInfo_Exe.Merge(m, src)
}
func (m *Exe) XXX_Size() int {
return xxx_messageInfo_Exe.Size(m)
}
func (m *Exe) XXX_DiscardUnknown() {
xxx_messageInfo_Exe.DiscardUnknown(m)
}
var xxx_messageInfo_Exe proto.InternalMessageInfo
const Default_Exe_ExecFd bool = false
func (m *Exe) GetPath() string {
if m != nil && m.Path != nil {
return *m.Path
}
return ""
}
func (m *Exe) GetArg() []string {
if m != nil {
return m.Arg
}
return nil
}
func (m *Exe) GetArg0() string {
if m != nil && m.Arg0 != nil {
return *m.Arg0
}
return ""
}
func (m *Exe) GetExecFd() bool {
if m != nil && m.ExecFd != nil {
return *m.ExecFd
}
return Default_Exe_ExecFd
}
type NsJailConfig struct {
// Optional name and description for this config
Name *string `protobuf:"bytes,1,opt,name=name,def=" json:"name,omitempty"`
Description []string `protobuf:"bytes,2,rep,name=description" json:"description,omitempty"`
// Execution mode: see 'msg Mode' description for more
Mode *Mode `protobuf:"varint,3,opt,name=mode,enum=nsjail.Mode,def=1" json:"mode,omitempty"`
// Equivalent to a bind mount with dst='/'. DEPRECATED: Use bind mounts.
ChrootDir *string `protobuf:"bytes,4,opt,name=chroot_dir,json=chrootDir" json:"chroot_dir,omitempty"` // Deprecated: Do not use.
// Applies both to the chroot_dir and to /proc mounts. DEPRECATED: Use bind mounts
IsRootRw *bool `protobuf:"varint,5,opt,name=is_root_rw,json=isRootRw,def=0" json:"is_root_rw,omitempty"` // Deprecated: Do not use.
// Hostname inside jail
Hostname *string `protobuf:"bytes,8,opt,name=hostname,def=NSJAIL" json:"hostname,omitempty"`
// Initial current working directory for the binary
Cwd *string `protobuf:"bytes,9,opt,name=cwd,def=/" json:"cwd,omitempty"`
// TCP port to listen to. Valid with mode=LISTEN only
Port *uint32 `protobuf:"varint,10,opt,name=port,def=0" json:"port,omitempty"`
// Host to bind to for mode=LISTEN. Must be in IPv6 format
Bindhost *string `protobuf:"bytes,11,opt,name=bindhost,def=::" json:"bindhost,omitempty"`
// For mode=LISTEN, maximum number of connections from a single IP
MaxConnsPerIp *uint32 `protobuf:"varint,12,opt,name=max_conns_per_ip,json=maxConnsPerIp,def=0" json:"max_conns_per_ip,omitempty"`
// Wall-time time limit for commands
TimeLimit *uint32 `protobuf:"varint,13,opt,name=time_limit,json=timeLimit,def=600" json:"time_limit,omitempty"`
// Should nsjail go into background?
Daemon *bool `protobuf:"varint,14,opt,name=daemon,def=0" json:"daemon,omitempty"`
// Maximum number of CPUs to use: 0 - no limit
MaxCpus *uint32 `protobuf:"varint,15,opt,name=max_cpus,json=maxCpus,def=0" json:"max_cpus,omitempty"`
// FD to log to.
LogFd *int32 `protobuf:"varint,16,opt,name=log_fd,json=logFd" json:"log_fd,omitempty"`
// File to save lofs to
LogFile *string `protobuf:"bytes,17,opt,name=log_file,json=logFile" json:"log_file,omitempty"`
// Minimum log level displayed.
//See 'msg LogLevel' description for more
LogLevel *LogLevel `protobuf:"varint,18,opt,name=log_level,json=logLevel,enum=nsjail.LogLevel" json:"log_level,omitempty"`
// Should the current environment variables be kept
//when executing the binary
KeepEnv *bool `protobuf:"varint,19,opt,name=keep_env,json=keepEnv,def=0" json:"keep_env,omitempty"`
// EnvVars to be set before executing binaries. If the envvar doesn't contain '='
//(e.g. just the 'DISPLAY' string), the current envvar value will be used
Envar []string `protobuf:"bytes,20,rep,name=envar" json:"envar,omitempty"`
// Should capabilities be preserved or dropped
KeepCaps *bool `protobuf:"varint,21,opt,name=keep_caps,json=keepCaps,def=0" json:"keep_caps,omitempty"`
// Which capabilities should be preserved if keep_caps == false.
//Format: "CAP_SYS_PTRACE"
Cap []string `protobuf:"bytes,22,rep,name=cap" json:"cap,omitempty"`
// Should nsjail close FD=0,1,2 before executing the process
Silent *bool `protobuf:"varint,23,opt,name=silent,def=0" json:"silent,omitempty"`
// Should the child process have control over terminal?
//Can be useful to allow /bin/sh to provide
//job control / signals. Dangerous, can be used to put
//characters into the controlling terminal back
SkipSetsid *bool `protobuf:"varint,24,opt,name=skip_setsid,json=skipSetsid,def=0" json:"skip_setsid,omitempty"`
// Redirect sdterr of the process to /dev/null instead of the socket or original TTY
StderrToNull *bool `protobuf:"varint,25,opt,name=stderr_to_null,json=stderrToNull,def=0" json:"stderr_to_null,omitempty"`
// Which FDs should be passed to the newly executed process
//By default only FD=0,1,2 are passed
PassFd []int32 `protobuf:"varint,26,rep,name=pass_fd,json=passFd" json:"pass_fd,omitempty"`
// Setting it to true will allow to have set-uid binaries
//inside the jail
DisableNoNewPrivs *bool `protobuf:"varint,27,opt,name=disable_no_new_privs,json=disableNoNewPrivs,def=0" json:"disable_no_new_privs,omitempty"`
// Various rlimits, the rlimit_as/rlimit_core/... are used only if
//rlimit_as_type/rlimit_core_type/... are set to RLimit::VALUE
RlimitAs *uint64 `protobuf:"varint,28,opt,name=rlimit_as,json=rlimitAs,def=512" json:"rlimit_as,omitempty"`
RlimitAsType *RLimit `protobuf:"varint,29,opt,name=rlimit_as_type,json=rlimitAsType,enum=nsjail.RLimit,def=0" json:"rlimit_as_type,omitempty"`
RlimitCore *uint64 `protobuf:"varint,30,opt,name=rlimit_core,json=rlimitCore,def=0" json:"rlimit_core,omitempty"`
RlimitCoreType *RLimit `protobuf:"varint,31,opt,name=rlimit_core_type,json=rlimitCoreType,enum=nsjail.RLimit,def=0" json:"rlimit_core_type,omitempty"`
RlimitCpu *uint64 `protobuf:"varint,32,opt,name=rlimit_cpu,json=rlimitCpu,def=600" json:"rlimit_cpu,omitempty"`
RlimitCpuType *RLimit `protobuf:"varint,33,opt,name=rlimit_cpu_type,json=rlimitCpuType,enum=nsjail.RLimit,def=0" json:"rlimit_cpu_type,omitempty"`
RlimitFsize *uint64 `protobuf:"varint,34,opt,name=rlimit_fsize,json=rlimitFsize,def=1" json:"rlimit_fsize,omitempty"`
RlimitFsizeType *RLimit `protobuf:"varint,35,opt,name=rlimit_fsize_type,json=rlimitFsizeType,enum=nsjail.RLimit,def=0" json:"rlimit_fsize_type,omitempty"`
RlimitNofile *uint64 `protobuf:"varint,36,opt,name=rlimit_nofile,json=rlimitNofile,def=32" json:"rlimit_nofile,omitempty"`
RlimitNofileType *RLimit `protobuf:"varint,37,opt,name=rlimit_nofile_type,json=rlimitNofileType,enum=nsjail.RLimit,def=0" json:"rlimit_nofile_type,omitempty"`
// RLIMIT_NPROC is system-wide - tricky to use; use the soft limit value by
// default here
RlimitNproc *uint64 `protobuf:"varint,38,opt,name=rlimit_nproc,json=rlimitNproc,def=1024" json:"rlimit_nproc,omitempty"`
RlimitNprocType *RLimit `protobuf:"varint,39,opt,name=rlimit_nproc_type,json=rlimitNprocType,enum=nsjail.RLimit,def=1" json:"rlimit_nproc_type,omitempty"`
// In MiB, use the soft limit value by default
RlimitStack *uint64 `protobuf:"varint,40,opt,name=rlimit_stack,json=rlimitStack,def=1048576" json:"rlimit_stack,omitempty"`
RlimitStackType *RLimit `protobuf:"varint,41,opt,name=rlimit_stack_type,json=rlimitStackType,enum=nsjail.RLimit,def=1" json:"rlimit_stack_type,omitempty"`
// See 'man personality' for more
PersonaAddrCompatLayout *bool `protobuf:"varint,42,opt,name=persona_addr_compat_layout,json=personaAddrCompatLayout,def=0" json:"persona_addr_compat_layout,omitempty"`
PersonaMmapPageZero *bool `protobuf:"varint,43,opt,name=persona_mmap_page_zero,json=personaMmapPageZero,def=0" json:"persona_mmap_page_zero,omitempty"`
PersonaReadImpliesExec *bool `protobuf:"varint,44,opt,name=persona_read_implies_exec,json=personaReadImpliesExec,def=0" json:"persona_read_implies_exec,omitempty"`
PersonaAddrLimit_3Gb *bool `protobuf:"varint,45,opt,name=persona_addr_limit_3gb,json=personaAddrLimit3gb,def=0" json:"persona_addr_limit_3gb,omitempty"`
PersonaAddrNoRandomize *bool `protobuf:"varint,46,opt,name=persona_addr_no_randomize,json=personaAddrNoRandomize,def=0" json:"persona_addr_no_randomize,omitempty"`
// Which name-spaces should be used?
CloneNewnet *bool `protobuf:"varint,47,opt,name=clone_newnet,json=cloneNewnet,def=1" json:"clone_newnet,omitempty"`
CloneNewuser *bool `protobuf:"varint,48,opt,name=clone_newuser,json=cloneNewuser,def=1" json:"clone_newuser,omitempty"`
CloneNewns *bool `protobuf:"varint,49,opt,name=clone_newns,json=cloneNewns,def=1" json:"clone_newns,omitempty"`
CloneNewpid *bool `protobuf:"varint,50,opt,name=clone_newpid,json=cloneNewpid,def=1" json:"clone_newpid,omitempty"`
CloneNewipc *bool `protobuf:"varint,51,opt,name=clone_newipc,json=cloneNewipc,def=1" json:"clone_newipc,omitempty"`
CloneNewuts *bool `protobuf:"varint,52,opt,name=clone_newuts,json=cloneNewuts,def=1" json:"clone_newuts,omitempty"`
// Disable for kernel versions < 4.6 as it's not supported there
CloneNewcgroup *bool `protobuf:"varint,53,opt,name=clone_newcgroup,json=cloneNewcgroup,def=1" json:"clone_newcgroup,omitempty"`
// Mappings for UIDs and GIDs. See the description for 'msg IdMap'
//for more
Uidmap []*IdMap `protobuf:"bytes,54,rep,name=uidmap" json:"uidmap,omitempty"`
Gidmap []*IdMap `protobuf:"bytes,55,rep,name=gidmap" json:"gidmap,omitempty"`
// Should /proc be mounted (R/O)? This can also be added in the 'mount'
//section below
MountProc *bool `protobuf:"varint,56,opt,name=mount_proc,json=mountProc,def=0" json:"mount_proc,omitempty"`
// Mount points inside the jail. See the description for 'msg MountPt'
//for more
Mount []*MountPt `protobuf:"bytes,57,rep,name=mount" json:"mount,omitempty"`
// Kafel seccomp-bpf policy file or a string:
//Homepage of the project: https://github.com/google/kafel
SeccompPolicyFile *string `protobuf:"bytes,58,opt,name=seccomp_policy_file,json=seccompPolicyFile" json:"seccomp_policy_file,omitempty"`
SeccompString []string `protobuf:"bytes,59,rep,name=seccomp_string,json=seccompString" json:"seccomp_string,omitempty"`
// Setting it to true makes audit write seccomp logs to dmesg
SeccompLog *bool `protobuf:"varint,60,opt,name=seccomp_log,json=seccompLog,def=0" json:"seccomp_log,omitempty"`
// If > 0, maximum cumulative size of RAM used inside any jail
CgroupMemMax *uint64 `protobuf:"varint,61,opt,name=cgroup_mem_max,json=cgroupMemMax,def=0" json:"cgroup_mem_max,omitempty"`
// Mount point for cgroups-memory in your system
CgroupMemMount *string `protobuf:"bytes,62,opt,name=cgroup_mem_mount,json=cgroupMemMount,def=/sys/fs/cgroup/memory" json:"cgroup_mem_mount,omitempty"`
// Writeable directory (for the nsjail user) under cgroup_mem_mount
CgroupMemParent *string `protobuf:"bytes,63,opt,name=cgroup_mem_parent,json=cgroupMemParent,def=NSJAIL" json:"cgroup_mem_parent,omitempty"`
// If > 0, maximum number of PIDs (threads/processes) inside jail
CgroupPidsMax *uint64 `protobuf:"varint,64,opt,name=cgroup_pids_max,json=cgroupPidsMax,def=0" json:"cgroup_pids_max,omitempty"`
// Mount point for cgroups-pids in your system
CgroupPidsMount *string `protobuf:"bytes,65,opt,name=cgroup_pids_mount,json=cgroupPidsMount,def=/sys/fs/cgroup/pids" json:"cgroup_pids_mount,omitempty"`
// Writeable directory (for the nsjail user) under cgroup_pids_mount
CgroupPidsParent *string `protobuf:"bytes,66,opt,name=cgroup_pids_parent,json=cgroupPidsParent,def=NSJAIL" json:"cgroup_pids_parent,omitempty"`
// If > 0, Class identifier of network packets inside jail
CgroupNetClsClassid *uint32 `protobuf:"varint,67,opt,name=cgroup_net_cls_classid,json=cgroupNetClsClassid,def=0" json:"cgroup_net_cls_classid,omitempty"`
// Mount point for cgroups-net-cls in your system
CgroupNetClsMount *string `protobuf:"bytes,68,opt,name=cgroup_net_cls_mount,json=cgroupNetClsMount,def=/sys/fs/cgroup/net_cls" json:"cgroup_net_cls_mount,omitempty"`
// Writeable directory (for the nsjail user) under cgroup_net_mount
CgroupNetClsParent *string `protobuf:"bytes,69,opt,name=cgroup_net_cls_parent,json=cgroupNetClsParent,def=NSJAIL" json:"cgroup_net_cls_parent,omitempty"`
// If > 0 number of milliseconds of CPU that jail processes can use per each second
CgroupCpuMsPerSec *uint32 `protobuf:"varint,70,opt,name=cgroup_cpu_ms_per_sec,json=cgroupCpuMsPerSec,def=0" json:"cgroup_cpu_ms_per_sec,omitempty"`
// Mount point for cgroups-cpu in your system
CgroupCpuMount *string `protobuf:"bytes,71,opt,name=cgroup_cpu_mount,json=cgroupCpuMount,def=/sys/fs/cgroup/cpu" json:"cgroup_cpu_mount,omitempty"`
// Writeable directory (for the nsjail user) under cgroup_cpu_mount
CgroupCpuParent *string `protobuf:"bytes,72,opt,name=cgroup_cpu_parent,json=cgroupCpuParent,def=NSJAIL" json:"cgroup_cpu_parent,omitempty"`
// Should the 'lo' interface be brought up (active) inside this jail?
IfaceNoLo *bool `protobuf:"varint,73,opt,name=iface_no_lo,json=ifaceNoLo,def=0" json:"iface_no_lo,omitempty"`
// Put this interface inside the jail
IfaceOwn []string `protobuf:"bytes,74,rep,name=iface_own,json=ifaceOwn" json:"iface_own,omitempty"`
// Parameters for the cloned MACVLAN interface inside jail
MacvlanIface *string `protobuf:"bytes,75,opt,name=macvlan_iface,json=macvlanIface" json:"macvlan_iface,omitempty"`
MacvlanVsIp *string `protobuf:"bytes,76,opt,name=macvlan_vs_ip,json=macvlanVsIp,def=192.168.0.2" json:"macvlan_vs_ip,omitempty"`
MacvlanVsNm *string `protobuf:"bytes,77,opt,name=macvlan_vs_nm,json=macvlanVsNm,def=255.255.255.0" json:"macvlan_vs_nm,omitempty"`
MacvlanVsGw *string `protobuf:"bytes,78,opt,name=macvlan_vs_gw,json=macvlanVsGw,def=192.168.0.1" json:"macvlan_vs_gw,omitempty"`
MacvlanVsMa *string `protobuf:"bytes,79,opt,name=macvlan_vs_ma,json=macvlanVsMa,def=" json:"macvlan_vs_ma,omitempty"`
// Binary path (with arguments) to be executed. If not specified here, it
//can be specified with cmd-line as "-- /path/to/command arg1 arg2"
ExecBin *Exe `protobuf:"bytes,80,opt,name=exec_bin,json=execBin" json:"exec_bin,omitempty"`
XXX_NoUnkeyedLiteral struct{} `json:"-"`
XXX_unrecognized []byte `json:"-"`
XXX_sizecache int32 `json:"-"`
}
func (m *NsJailConfig) Reset() { *m = NsJailConfig{} }
func (m *NsJailConfig) String() string { return proto.CompactTextString(m) }
func (*NsJailConfig) ProtoMessage() {}
func (*NsJailConfig) Descriptor() ([]byte, []int) {
return fileDescriptor_82b7e3129c410694, []int{3}
}
func (m *NsJailConfig) XXX_Unmarshal(b []byte) error {
return xxx_messageInfo_NsJailConfig.Unmarshal(m, b)
}
func (m *NsJailConfig) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
return xxx_messageInfo_NsJailConfig.Marshal(b, m, deterministic)
}
func (m *NsJailConfig) XXX_Merge(src proto.Message) {
xxx_messageInfo_NsJailConfig.Merge(m, src)
}
func (m *NsJailConfig) XXX_Size() int {
return xxx_messageInfo_NsJailConfig.Size(m)
}
func (m *NsJailConfig) XXX_DiscardUnknown() {
xxx_messageInfo_NsJailConfig.DiscardUnknown(m)
}
var xxx_messageInfo_NsJailConfig proto.InternalMessageInfo
const Default_NsJailConfig_Mode Mode = Mode_ONCE
const Default_NsJailConfig_IsRootRw bool = false
const Default_NsJailConfig_Hostname string = "NSJAIL"
const Default_NsJailConfig_Cwd string = "/"
const Default_NsJailConfig_Port uint32 = 0
const Default_NsJailConfig_Bindhost string = "::"
const Default_NsJailConfig_MaxConnsPerIp uint32 = 0
const Default_NsJailConfig_TimeLimit uint32 = 600
const Default_NsJailConfig_Daemon bool = false
const Default_NsJailConfig_MaxCpus uint32 = 0
const Default_NsJailConfig_KeepEnv bool = false
const Default_NsJailConfig_KeepCaps bool = false
const Default_NsJailConfig_Silent bool = false
const Default_NsJailConfig_SkipSetsid bool = false
const Default_NsJailConfig_StderrToNull bool = false
const Default_NsJailConfig_DisableNoNewPrivs bool = false
const Default_NsJailConfig_RlimitAs uint64 = 512
const Default_NsJailConfig_RlimitAsType RLimit = RLimit_VALUE
const Default_NsJailConfig_RlimitCore uint64 = 0
const Default_NsJailConfig_RlimitCoreType RLimit = RLimit_VALUE
const Default_NsJailConfig_RlimitCpu uint64 = 600
const Default_NsJailConfig_RlimitCpuType RLimit = RLimit_VALUE
const Default_NsJailConfig_RlimitFsize uint64 = 1
const Default_NsJailConfig_RlimitFsizeType RLimit = RLimit_VALUE
const Default_NsJailConfig_RlimitNofile uint64 = 32
const Default_NsJailConfig_RlimitNofileType RLimit = RLimit_VALUE
const Default_NsJailConfig_RlimitNproc uint64 = 1024
const Default_NsJailConfig_RlimitNprocType RLimit = RLimit_SOFT
const Default_NsJailConfig_RlimitStack uint64 = 1048576
const Default_NsJailConfig_RlimitStackType RLimit = RLimit_SOFT
const Default_NsJailConfig_PersonaAddrCompatLayout bool = false
const Default_NsJailConfig_PersonaMmapPageZero bool = false
const Default_NsJailConfig_PersonaReadImpliesExec bool = false
const Default_NsJailConfig_PersonaAddrLimit_3Gb bool = false
const Default_NsJailConfig_PersonaAddrNoRandomize bool = false
const Default_NsJailConfig_CloneNewnet bool = true
const Default_NsJailConfig_CloneNewuser bool = true
const Default_NsJailConfig_CloneNewns bool = true
const Default_NsJailConfig_CloneNewpid bool = true
const Default_NsJailConfig_CloneNewipc bool = true
const Default_NsJailConfig_CloneNewuts bool = true
const Default_NsJailConfig_CloneNewcgroup bool = true
const Default_NsJailConfig_MountProc bool = false
const Default_NsJailConfig_SeccompLog bool = false
const Default_NsJailConfig_CgroupMemMax uint64 = 0
const Default_NsJailConfig_CgroupMemMount string = "/sys/fs/cgroup/memory"
const Default_NsJailConfig_CgroupMemParent string = "NSJAIL"
const Default_NsJailConfig_CgroupPidsMax uint64 = 0
const Default_NsJailConfig_CgroupPidsMount string = "/sys/fs/cgroup/pids"
const Default_NsJailConfig_CgroupPidsParent string = "NSJAIL"
const Default_NsJailConfig_CgroupNetClsClassid uint32 = 0
const Default_NsJailConfig_CgroupNetClsMount string = "/sys/fs/cgroup/net_cls"
const Default_NsJailConfig_CgroupNetClsParent string = "NSJAIL"
const Default_NsJailConfig_CgroupCpuMsPerSec uint32 = 0
const Default_NsJailConfig_CgroupCpuMount string = "/sys/fs/cgroup/cpu"
const Default_NsJailConfig_CgroupCpuParent string = "NSJAIL"
const Default_NsJailConfig_IfaceNoLo bool = false
const Default_NsJailConfig_MacvlanVsIp string = "192.168.0.2"
const Default_NsJailConfig_MacvlanVsNm string = "255.255.255.0"
const Default_NsJailConfig_MacvlanVsGw string = "192.168.0.1"
func (m *NsJailConfig) GetName() string {
if m != nil && m.Name != nil {
return *m.Name
}
return ""
}
func (m *NsJailConfig) GetDescription() []string {
if m != nil {
return m.Description
}
return nil
}
func (m *NsJailConfig) GetMode() Mode {
if m != nil && m.Mode != nil {
return *m.Mode
}
return Default_NsJailConfig_Mode
}
// Deprecated: Do not use.
func (m *NsJailConfig) GetChrootDir() string {
if m != nil && m.ChrootDir != nil {
return *m.ChrootDir
}
return ""
}
// Deprecated: Do not use.
func (m *NsJailConfig) GetIsRootRw() bool {
if m != nil && m.IsRootRw != nil {
return *m.IsRootRw
}
return Default_NsJailConfig_IsRootRw
}
func (m *NsJailConfig) GetHostname() string {
if m != nil && m.Hostname != nil {
return *m.Hostname
}
return Default_NsJailConfig_Hostname
}
func (m *NsJailConfig) GetCwd() string {
if m != nil && m.Cwd != nil {
return *m.Cwd
}
return Default_NsJailConfig_Cwd
}
func (m *NsJailConfig) GetPort() uint32 {
if m != nil && m.Port != nil {
return *m.Port
}
return Default_NsJailConfig_Port
}
func (m *NsJailConfig) GetBindhost() string {
if m != nil && m.Bindhost != nil {
return *m.Bindhost
}
return Default_NsJailConfig_Bindhost
}
func (m *NsJailConfig) GetMaxConnsPerIp() uint32 {
if m != nil && m.MaxConnsPerIp != nil {
return *m.MaxConnsPerIp
}
return Default_NsJailConfig_MaxConnsPerIp
}
func (m *NsJailConfig) GetTimeLimit() uint32 {
if m != nil && m.TimeLimit != nil {
return *m.TimeLimit
}
return Default_NsJailConfig_TimeLimit
}
func (m *NsJailConfig) GetDaemon() bool {
if m != nil && m.Daemon != nil {
return *m.Daemon
}
return Default_NsJailConfig_Daemon
}
func (m *NsJailConfig) GetMaxCpus() uint32 {
if m != nil && m.MaxCpus != nil {
return *m.MaxCpus
}
return Default_NsJailConfig_MaxCpus
}
func (m *NsJailConfig) GetLogFd() int32 {
if m != nil && m.LogFd != nil {
return *m.LogFd
}
return 0
}
func (m *NsJailConfig) GetLogFile() string {
if m != nil && m.LogFile != nil {
return *m.LogFile
}
return ""
}
func (m *NsJailConfig) GetLogLevel() LogLevel {
if m != nil && m.LogLevel != nil {
return *m.LogLevel
}
return LogLevel_DEBUG
}
func (m *NsJailConfig) GetKeepEnv() bool {
if m != nil && m.KeepEnv != nil {
return *m.KeepEnv
}
return Default_NsJailConfig_KeepEnv
}
func (m *NsJailConfig) GetEnvar() []string {
if m != nil {
return m.Envar
}
return nil
}
func (m *NsJailConfig) GetKeepCaps() bool {
if m != nil && m.KeepCaps != nil {
return *m.KeepCaps
}
return Default_NsJailConfig_KeepCaps
}
func (m *NsJailConfig) GetCap() []string {
if m != nil {
return m.Cap
}
return nil
}
func (m *NsJailConfig) GetSilent() bool {
if m != nil && m.Silent != nil {
return *m.Silent
}
return Default_NsJailConfig_Silent
}
func (m *NsJailConfig) GetSkipSetsid() bool {
if m != nil && m.SkipSetsid != nil {
return *m.SkipSetsid
}
return Default_NsJailConfig_SkipSetsid
}
func (m *NsJailConfig) GetStderrToNull() bool {
if m != nil && m.StderrToNull != nil {
return *m.StderrToNull
}
return Default_NsJailConfig_StderrToNull
}
func (m *NsJailConfig) GetPassFd() []int32 {
if m != nil {
return m.PassFd
}
return nil
}
func (m *NsJailConfig) GetDisableNoNewPrivs() bool {
if m != nil && m.DisableNoNewPrivs != nil {
return *m.DisableNoNewPrivs
}
return Default_NsJailConfig_DisableNoNewPrivs
}
func (m *NsJailConfig) GetRlimitAs() uint64 {
if m != nil && m.RlimitAs != nil {
return *m.RlimitAs
}
return Default_NsJailConfig_RlimitAs
}
func (m *NsJailConfig) GetRlimitAsType() RLimit {
if m != nil && m.RlimitAsType != nil {
return *m.RlimitAsType
}
return Default_NsJailConfig_RlimitAsType
}
func (m *NsJailConfig) GetRlimitCore() uint64 {
if m != nil && m.RlimitCore != nil {
return *m.RlimitCore
}
return Default_NsJailConfig_RlimitCore
}
func (m *NsJailConfig) GetRlimitCoreType() RLimit {
if m != nil && m.RlimitCoreType != nil {
return *m.RlimitCoreType
}
return Default_NsJailConfig_RlimitCoreType
}
func (m *NsJailConfig) GetRlimitCpu() uint64 {
if m != nil && m.RlimitCpu != nil {
return *m.RlimitCpu
}
return Default_NsJailConfig_RlimitCpu
}
func (m *NsJailConfig) GetRlimitCpuType() RLimit {
if m != nil && m.RlimitCpuType != nil {
return *m.RlimitCpuType
}
return Default_NsJailConfig_RlimitCpuType
}
func (m *NsJailConfig) GetRlimitFsize() uint64 {
if m != nil && m.RlimitFsize != nil {
return *m.RlimitFsize
}
return Default_NsJailConfig_RlimitFsize
}
func (m *NsJailConfig) GetRlimitFsizeType() RLimit {
if m != nil && m.RlimitFsizeType != nil {
return *m.RlimitFsizeType
}
return Default_NsJailConfig_RlimitFsizeType
}
func (m *NsJailConfig) GetRlimitNofile() uint64 {
if m != nil && m.RlimitNofile != nil {
return *m.RlimitNofile
}
return Default_NsJailConfig_RlimitNofile
}
func (m *NsJailConfig) GetRlimitNofileType() RLimit {
if m != nil && m.RlimitNofileType != nil {
return *m.RlimitNofileType
}
return Default_NsJailConfig_RlimitNofileType
}
func (m *NsJailConfig) GetRlimitNproc() uint64 {
if m != nil && m.RlimitNproc != nil {
return *m.RlimitNproc
}
return Default_NsJailConfig_RlimitNproc
}
func (m *NsJailConfig) GetRlimitNprocType() RLimit {
if m != nil && m.RlimitNprocType != nil {
return *m.RlimitNprocType
}
return Default_NsJailConfig_RlimitNprocType
}
func (m *NsJailConfig) GetRlimitStack() uint64 {
if m != nil && m.RlimitStack != nil {
return *m.RlimitStack
}
return Default_NsJailConfig_RlimitStack
}
func (m *NsJailConfig) GetRlimitStackType() RLimit {
if m != nil && m.RlimitStackType != nil {
return *m.RlimitStackType
}
return Default_NsJailConfig_RlimitStackType
}
func (m *NsJailConfig) GetPersonaAddrCompatLayout() bool {
if m != nil && m.PersonaAddrCompatLayout != nil {
return *m.PersonaAddrCompatLayout
}
return Default_NsJailConfig_PersonaAddrCompatLayout
}
func (m *NsJailConfig) GetPersonaMmapPageZero() bool {
if m != nil && m.PersonaMmapPageZero != nil {
return *m.PersonaMmapPageZero
}
return Default_NsJailConfig_PersonaMmapPageZero
}
func (m *NsJailConfig) GetPersonaReadImpliesExec() bool {
if m != nil && m.PersonaReadImpliesExec != nil {
return *m.PersonaReadImpliesExec
}
return Default_NsJailConfig_PersonaReadImpliesExec
}
func (m *NsJailConfig) GetPersonaAddrLimit_3Gb() bool {
if m != nil && m.PersonaAddrLimit_3Gb != nil {
return *m.PersonaAddrLimit_3Gb
}
return Default_NsJailConfig_PersonaAddrLimit_3Gb
}
func (m *NsJailConfig) GetPersonaAddrNoRandomize() bool {
if m != nil && m.PersonaAddrNoRandomize != nil {
return *m.PersonaAddrNoRandomize
}
return Default_NsJailConfig_PersonaAddrNoRandomize
}
func (m *NsJailConfig) GetCloneNewnet() bool {
if m != nil && m.CloneNewnet != nil {
return *m.CloneNewnet
}
return Default_NsJailConfig_CloneNewnet
}
func (m *NsJailConfig) GetCloneNewuser() bool {
if m != nil && m.CloneNewuser != nil {
return *m.CloneNewuser
}
return Default_NsJailConfig_CloneNewuser
}
func (m *NsJailConfig) GetCloneNewns() bool {
if m != nil && m.CloneNewns != nil {
return *m.CloneNewns
}
return Default_NsJailConfig_CloneNewns
}
func (m *NsJailConfig) GetCloneNewpid() bool {
if m != nil && m.CloneNewpid != nil {
return *m.CloneNewpid
}
return Default_NsJailConfig_CloneNewpid
}
func (m *NsJailConfig) GetCloneNewipc() bool {
if m != nil && m.CloneNewipc != nil {
return *m.CloneNewipc
}
return Default_NsJailConfig_CloneNewipc
}
func (m *NsJailConfig) GetCloneNewuts() bool {
if m != nil && m.CloneNewuts != nil {
return *m.CloneNewuts
}
return Default_NsJailConfig_CloneNewuts
}
func (m *NsJailConfig) GetCloneNewcgroup() bool {
if m != nil && m.CloneNewcgroup != nil {
return *m.CloneNewcgroup
}
return Default_NsJailConfig_CloneNewcgroup
}
func (m *NsJailConfig) GetUidmap() []*IdMap {
if m != nil {
return m.Uidmap
}
return nil
}
func (m *NsJailConfig) GetGidmap() []*IdMap {
if m != nil {
return m.Gidmap
}
return nil
}
func (m *NsJailConfig) GetMountProc() bool {
if m != nil && m.MountProc != nil {
return *m.MountProc
}
return Default_NsJailConfig_MountProc
}
func (m *NsJailConfig) GetMount() []*MountPt {
if m != nil {
return m.Mount
}
return nil
}
func (m *NsJailConfig) GetSeccompPolicyFile() string {
if m != nil && m.SeccompPolicyFile != nil {
return *m.SeccompPolicyFile
}
return ""
}
func (m *NsJailConfig) GetSeccompString() []string {
if m != nil {
return m.SeccompString
}
return nil
}
func (m *NsJailConfig) GetSeccompLog() bool {
if m != nil && m.SeccompLog != nil {
return *m.SeccompLog
}
return Default_NsJailConfig_SeccompLog
}
func (m *NsJailConfig) GetCgroupMemMax() uint64 {
if m != nil && m.CgroupMemMax != nil {
return *m.CgroupMemMax
}
return Default_NsJailConfig_CgroupMemMax
}
func (m *NsJailConfig) GetCgroupMemMount() string {
if m != nil && m.CgroupMemMount != nil {
return *m.CgroupMemMount
}
return Default_NsJailConfig_CgroupMemMount
}
func (m *NsJailConfig) GetCgroupMemParent() string {
if m != nil && m.CgroupMemParent != nil {
return *m.CgroupMemParent
}
return Default_NsJailConfig_CgroupMemParent
}
func (m *NsJailConfig) GetCgroupPidsMax() uint64 {
if m != nil && m.CgroupPidsMax != nil {
return *m.CgroupPidsMax
}
return Default_NsJailConfig_CgroupPidsMax
}
func (m *NsJailConfig) GetCgroupPidsMount() string {
if m != nil && m.CgroupPidsMount != nil {
return *m.CgroupPidsMount
}
return Default_NsJailConfig_CgroupPidsMount
}
func (m *NsJailConfig) GetCgroupPidsParent() string {
if m != nil && m.CgroupPidsParent != nil {
return *m.CgroupPidsParent
}
return Default_NsJailConfig_CgroupPidsParent
}
func (m *NsJailConfig) GetCgroupNetClsClassid() uint32 {
if m != nil && m.CgroupNetClsClassid != nil {
return *m.CgroupNetClsClassid
}
return Default_NsJailConfig_CgroupNetClsClassid
}
func (m *NsJailConfig) GetCgroupNetClsMount() string {
if m != nil && m.CgroupNetClsMount != nil {
return *m.CgroupNetClsMount
}
return Default_NsJailConfig_CgroupNetClsMount
}
func (m *NsJailConfig) GetCgroupNetClsParent() string {
if m != nil && m.CgroupNetClsParent != nil {
return *m.CgroupNetClsParent
}
return Default_NsJailConfig_CgroupNetClsParent
}
func (m *NsJailConfig) GetCgroupCpuMsPerSec() uint32 {
if m != nil && m.CgroupCpuMsPerSec != nil {
return *m.CgroupCpuMsPerSec
}
return Default_NsJailConfig_CgroupCpuMsPerSec
}
func (m *NsJailConfig) GetCgroupCpuMount() string {
if m != nil && m.CgroupCpuMount != nil {
return *m.CgroupCpuMount
}
return Default_NsJailConfig_CgroupCpuMount
}
func (m *NsJailConfig) GetCgroupCpuParent() string {
if m != nil && m.CgroupCpuParent != nil {
return *m.CgroupCpuParent
}
return Default_NsJailConfig_CgroupCpuParent
}
func (m *NsJailConfig) GetIfaceNoLo() bool {
if m != nil && m.IfaceNoLo != nil {
return *m.IfaceNoLo
}
return Default_NsJailConfig_IfaceNoLo
}
func (m *NsJailConfig) GetIfaceOwn() []string {
if m != nil {
return m.IfaceOwn
}
return nil
}
func (m *NsJailConfig) GetMacvlanIface() string {
if m != nil && m.MacvlanIface != nil {
return *m.MacvlanIface
}
return ""
}
func (m *NsJailConfig) GetMacvlanVsIp() string {
if m != nil && m.MacvlanVsIp != nil {
return *m.MacvlanVsIp
}
return Default_NsJailConfig_MacvlanVsIp
}
func (m *NsJailConfig) GetMacvlanVsNm() string {
if m != nil && m.MacvlanVsNm != nil {
return *m.MacvlanVsNm
}
return Default_NsJailConfig_MacvlanVsNm
}
func (m *NsJailConfig) GetMacvlanVsGw() string {
if m != nil && m.MacvlanVsGw != nil {
return *m.MacvlanVsGw
}
return Default_NsJailConfig_MacvlanVsGw
}
func (m *NsJailConfig) GetMacvlanVsMa() string {
if m != nil && m.MacvlanVsMa != nil {
return *m.MacvlanVsMa
}
return ""
}
func (m *NsJailConfig) GetExecBin() *Exe {
if m != nil {
return m.ExecBin
}
return nil
}
func init() {
proto.RegisterEnum("nsjail.Mode", Mode_name, Mode_value)
proto.RegisterEnum("nsjail.LogLevel", LogLevel_name, LogLevel_value)
proto.RegisterEnum("nsjail.RLimit", RLimit_name, RLimit_value)
proto.RegisterType((*IdMap)(nil), "nsjail.IdMap")
proto.RegisterType((*MountPt)(nil), "nsjail.MountPt")
proto.RegisterType((*Exe)(nil), "nsjail.Exe")
proto.RegisterType((*NsJailConfig)(nil), "nsjail.NsJailConfig")
}
func init() { proto.RegisterFile("nsjail/config.proto", fileDescriptor_82b7e3129c410694) }
var fileDescriptor_82b7e3129c410694 = []byte{
// 2041 bytes of a gzipped FileDescriptorProto
0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x84, 0x57, 0x6d, 0x73, 0xd3, 0x48,
0x12, 0x5e, 0xc7, 0xef, 0xed, 0x97, 0x38, 0x13, 0x02, 0x03, 0x2c, 0xac, 0xc9, 0x12, 0x30, 0xd9,
0x23, 0x71, 0x1c, 0xc8, 0x82, 0x77, 0xf7, 0x96, 0xc4, 0x38, 0xac, 0x39, 0xc7, 0x49, 0x29, 0xc0,
0x5d, 0xdd, 0x17, 0x95, 0x90, 0x26, 0x66, 0x0e, 0x49, 0xa3, 0xd2, 0x48, 0x71, 0xb2, 0x3f, 0xe1,
0x3e, 0xdd, 0x1f, 0xbb, 0xff, 0x74, 0x35, 0x3d, 0x92, 0x23, 0xa7, 0x52, 0xdc, 0x07, 0x57, 0x79,
0xba, 0x9f, 0xa7, 0x9f, 0x9e, 0x99, 0x9e, 0x99, 0x16, 0xac, 0xfa, 0xf2, 0x5f, 0x16, 0x77, 0xb7,
0x6d, 0xe1, 0x9f, 0xf1, 0xe9, 0x56, 0x10, 0x8a, 0x48, 0x90, 0x92, 0x36, 0xae, 0xff, 0x3b, 0x07,
0xc5, 0x91, 0x73, 0x64, 0x05, 0xe4, 0x01, 0x54, 0xb9, 0x2f, 0xb9, 0xc3, 0x4c, 0xee, 0xd0, 0x5c,
0x3b, 0xd7, 0xa9, 0xf6, 0xbf, 0x33, 0x2a, 0xda, 0x34, 0x72, 0xc8, 0x0f, 0x00, 0x22, 0x8e, 0x52,
0xff, 0x52, 0xe2, 0xaf, 0x26, 0xb6, 0x91, 0x43, 0xee, 0x40, 0xd1, 0x16, 0xb1, 0x1f, 0xd1, 0x7c,
0x3b, 0xd7, 0x69, 0xf4, 0x73, 0x3b, 0x86, 0x1e, 0x93, 0x0e, 0xd4, 0x63, 0xc9, 0x4c, 0x9f, 0xcd,
0xb8, 0xe3, 0x59, 0x01, 0x2d, 0xb4, 0x73, 0x9d, 0x4a, 0xbf, 0x78, 0x66, 0xb9, 0x92, 0x19, 0xb5,
0x58, 0xb2, 0x49, 0xe2, 0x59, 0xff, 0x6f, 0x1e, 0xca, 0x47, 0x8a, 0x73, 0x12, 0x11, 0x02, 0x79,
0x19, 0xda, 0xf3, 0x44, 0xd4, 0x80, 0x3c, 0x81, 0x66, 0x10, 0xb2, 0x33, 0x7e, 0x61, 0xca, 0xd0,
0x36, 0x99, 0x7f, 0x3e, 0xcf, 0xa3, 0xae, 0xed, 0xa7, 0xa1, 0x3d, 0xf4, 0xcf, 0xc9, 0x23, 0xa8,
0x29, 0x80, 0x2d, 0xfc, 0x88, 0x25, 0x09, 0xd5, 0xfb, 0xdf, 0x19, 0x20, 0x43, 0x7b, 0xa0, 0x6d,
0x2a, 0xbc, 0x23, 0x23, 0x5a, 0x68, 0x2f, 0xe9, 0xf0, 0x8e, 0x8c, 0x32, 0xe1, 0x1d, 0x19, 0x61,
0xf8, 0xe2, 0x62, 0xf8, 0xb7, 0x32, 0x52, 0xe1, 0x29, 0x94, 0xce, 0x64, 0x74, 0x19, 0x30, 0x5a,
0x4a, 0xfc, 0xc9, 0x98, 0xdc, 0x83, 0xb2, 0x08, 0x22, 0x2e, 0x7c, 0x49, 0xcb, 0x89, 0x2b, 0x35,
0x90, 0x87, 0x50, 0xe6, 0xd2, 0xfc, 0xcc, 0x7d, 0x87, 0x56, 0xb2, 0x2b, 0x50, 0xe2, 0xf2, 0x80,
0xfb, 0x0e, 0x59, 0x83, 0xa5, 0x70, 0x46, 0xab, 0x59, 0xd7, 0x52, 0x38, 0x23, 0x6b, 0x50, 0xe2,
0xd2, 0x74, 0x78, 0x48, 0x41, 0xb9, 0x8c, 0x22, 0x97, 0x6f, 0x79, 0x48, 0xd6, 0xa1, 0xea, 0x59,
0xbe, 0x63, 0x45, 0x22, 0xbc, 0xa4, 0x35, 0x24, 0x15, 0xa2, 0x30, 0x66, 0xc6, 0x95, 0x99, 0x3c,
0x06, 0xe0, 0xd2, 0x94, 0x97, 0x9e, 0xcb, 0xfd, 0xaf, 0xb4, 0x9e, 0x8d, 0x5c, 0xe5, 0xf2, 0x54,
0xdb, 0xc9, 0x03, 0x28, 0xf9, 0x42, 0xc6, 0xdc, 0xa1, 0x8d, 0x85, 0xb4, 0xb4, 0x91, 0xdc, 0x87,
0xa2, 0x2f, 0x1c, 0x76, 0x4e, 0x9b, 0x59, 0xaf, 0xb6, 0x69, 0x2e, 0xbb, 0x60, 0x36, 0x5d, 0xbe,
0xc6, 0x55, 0xc6, 0x75, 0x13, 0xf2, 0xc3, 0x0b, 0x46, 0x08, 0x14, 0x02, 0x2b, 0xfa, 0x42, 0x73,
0x6a, 0xb1, 0x0d, 0xfc, 0x4f, 0x5a, 0x90, 0xb7, 0xc2, 0x29, 0x5d, 0x6a, 0xe7, 0x3b, 0x55, 0x43,
0xfd, 0x55, 0x28, 0x2b, 0x9c, 0x76, 0x71, 0xb7, 0xaa, 0x06, 0xfe, 0x57, 0x6b, 0xa6, 0x02, 0x99,
0x67, 0xce, 0x62, 0xd5, 0x94, 0x94, 0xf5, 0xd0, 0x59, 0xff, 0xcf, 0x7d, 0xa8, 0x4f, 0xe4, 0x7b,
0x8b, 0xbb, 0x03, 0x2c, 0x6e, 0x72, 0x0b, 0x0a, 0xbe, 0xe5, 0xb1, 0x79, 0xd9, 0xe0, 0x88, 0xb4,
0xa1, 0xe6, 0x30, 0x69, 0x87, 0x1c, 0xb7, 0x22, 0x11, 0xcd, 0x9a, 0xc8, 0x13, 0x28, 0x78, 0xc2,
0x61, 0x28, 0xde, 0xec, 0xd5, 0xb7, 0xf4, 0xe9, 0xd8, 0x3a, 0x12, 0x0e, 0xeb, 0x17, 0x8e, 0x27,
0x83, 0xa1, 0x81, 0x7e, 0xf2, 0x08, 0xc0, 0xfe, 0x12, 0x0a, 0x11, 0xe1, 0x8e, 0xa8, 0x9c, 0xaa,
0x07, 0x4b, 0x34, 0x67, 0x54, 0xb5, 0x55, 0xed, 0xcc, 0x53, 0x5c, 0x75, 0xc4, 0x84, 0x33, 0xac,
0xa0, 0x34, 0x6d, 0x44, 0x56, 0xb8, 0x34, 0x84, 0x88, 0x8c, 0x19, 0x59, 0x87, 0xca, 0x17, 0x21,
0x23, 0xcc, 0xb7, 0x82, 0xf9, 0x96, 0x26, 0xa7, 0xef, 0xf7, 0x47, 0x63, 0x63, 0x6e, 0x27, 0xab,
0x90, 0xb7, 0x67, 0x0e, 0x56, 0x45, 0xb5, 0x9f, 0xdb, 0x36, 0xd4, 0x88, 0xac, 0x41, 0x21, 0x10,
0x61, 0x84, 0x05, 0xd1, 0xe8, 0xe7, 0xba, 0x06, 0x0e, 0xc9, 0x43, 0xa8, 0xa8, 0xea, 0x52, 0x5c,
0xac, 0x88, 0x6a, 0x7f, 0xa9, 0xdf, 0x37, 0xe6, 0x36, 0xb2, 0x09, 0x2d, 0xcf, 0xba, 0x50, 0xa7,
0xc2, 0x97, 0x66, 0xc0, 0x42, 0x93, 0x07, 0x58, 0x14, 0x18, 0xa2, 0xe1, 0x59, 0x17, 0x03, 0xe5,
0x39, 0x61, 0xe1, 0x28, 0x20, 0xeb, 0x00, 0x11, 0xf7, 0x98, 0xe9, 0x72, 0x8f, 0x47, 0x58, 0x18,
0x8d, 0x7e, 0x7e, 0xaf, 0xdb, 0x35, 0xaa, 0xca, 0x3c, 0x56, 0x56, 0xb5, 0xf9, 0x8e, 0xc5, 0x3c,
0xe1, 0x2f, 0x96, 0x46, 0x62, 0x24, 0xdf, 0x43, 0x05, 0xe5, 0x82, 0x58, 0x62, 0x75, 0xa0, 0x4c,
0x59, 0xc9, 0x04, 0xb1, 0x54, 0x65, 0xed, 0x8a, 0xa9, 0xda, 0xd8, 0x56, 0x3b, 0xd7, 0x29, 0x1a,
0x45, 0x57, 0x4c, 0x0f, 0x1d, 0x72, 0x17, 0x2a, 0x68, 0xe6, 0x2e, 0xa3, 0x2b, 0x58, 0x08, 0x65,
0xe5, 0xe0, 0x2e, 0x23, 0xcf, 0xa1, 0xaa, 0x5c, 0x2e, 0x3b, 0x67, 0x2e, 0x25, 0xb8, 0x4f, 0xad,
0x74, 0x9f, 0xc6, 0x62, 0x3a, 0x56, 0x76, 0x43, 0xb1, 0xf1, 0x1f, 0x69, 0x43, 0xe5, 0x2b, 0x63,
0x01, 0x1e, 0xe3, 0xd5, 0x6c, 0x7e, 0x65, 0x65, 0x56, 0xc7, 0xf8, 0x16, 0x14, 0x99, 0x7f, 0x6e,
0x85, 0xf4, 0x16, 0xd6, 0x83, 0x1e, 0xa8, 0x83, 0x85, 0x3c, 0xdb, 0x0a, 0x24, 0x5d, 0xcb, 0x12,
0x31, 0xde, 0xc0, 0x0a, 0xa4, 0x2a, 0x5e, 0xdb, 0x0a, 0xe8, 0x6d, 0x5d, 0xbc, 0x36, 0x5e, 0x9e,
0x25, 0xc9, 0x5d, 0x75, 0xd9, 0xdc, 0x59, 0x58, 0x0b, 0x6d, 0x24, 0x4f, 0xa0, 0x26, 0xbf, 0xf2,
0xc0, 0x94, 0x4c, 0xdd, 0x96, 0x94, 0x66, 0x31, 0xa0, 0x3c, 0xa7, 0xe8, 0x20, 0x3f, 0x41, 0x53,
0x46, 0x0e, 0x0b, 0x43, 0x33, 0x12, 0xa6, 0x1f, 0xbb, 0x2e, 0xbd, 0x9b, 0x85, 0xd6, 0xb5, 0xf3,
0x83, 0x98, 0xc4, 0xae, 0x4b, 0xee, 0x40, 0x39, 0xb0, 0xa4, 0x54, 0x6b, 0x78, 0xaf, 0x9d, 0xef,
0x14, 0x8d, 0x92, 0x1a, 0x1e, 0x3a, 0x64, 0x0f, 0x6e, 0x39, 0x5c, 0x5a, 0x9f, 0x5d, 0x66, 0xfa,
0x42, 0xdd, 0xbb, 0x66, 0x10, 0xf2, 0x73, 0x49, 0xef, 0x67, 0x63, 0xad, 0x24, 0x90, 0x89, 0x98,
0xb0, 0xd9, 0x89, 0xf2, 0x93, 0x36, 0x54, 0x43, 0xdc, 0x70, 0xd3, 0x92, 0xf4, 0xfb, 0x76, 0xae,
0x53, 0xe8, 0xe7, 0x5f, 0xee, 0xf4, 0x8c, 0x8a, 0xb6, 0xee, 0x4b, 0xf2, 0x0b, 0x34, 0xe7, 0x08,
0x13, 0x6f, 0xc0, 0x07, 0xb8, 0x11, 0xcd, 0x74, 0x23, 0x0c, 0x2c, 0x8d, 0x7e, 0xf1, 0xd3, 0xfe,
0xf8, 0xe3, 0xd0, 0xa8, 0xa7, 0xc4, 0x0f, 0xea, 0x72, 0x5c, 0x87, 0x5a, 0x42, 0xb6, 0x45, 0xc8,
0xe8, 0x43, 0x14, 0xc8, 0x75, 0x0d, 0xd0, 0xd6, 0x81, 0x08, 0x19, 0xf9, 0x1d, 0x5a, 0x19, 0x8c,
0x96, 0xf8, 0xe1, 0x5b, 0x12, 0xcd, 0x2b, 0x72, 0x22, 0x02, 0x69, 0x80, 0x20, 0xa6, 0x6d, 0x3d,
0x09, 0x2c, 0xdc, 0x04, 0x18, 0xc4, 0xe4, 0x37, 0x58, 0xbe, 0xc2, 0x68, 0x8d, 0x47, 0xdf, 0xd2,
0x68, 0xcc, 0xa9, 0x28, 0xf1, 0x18, 0x92, 0x79, 0x99, 0x67, 0x92, 0xff, 0xc9, 0xe8, 0xba, 0x9e,
0xc8, 0x8e, 0x91, 0x4c, 0xef, 0x50, 0x59, 0xc9, 0x3e, 0xac, 0x64, 0x51, 0x5a, 0xe6, 0xc7, 0x6f,
0xc9, 0x2c, 0x67, 0xe8, 0x28, 0xf4, 0x14, 0x12, 0x65, 0xd3, 0x17, 0x78, 0x22, 0x1e, 0xa3, 0xd2,
0xd2, 0x6e, 0x2f, 0x5d, 0xd9, 0x09, 0xda, 0xc9, 0x00, 0xc8, 0x02, 0x50, 0x8b, 0x6d, 0x7c, 0x4b,
0xac, 0x95, 0x0d, 0x90, 0xa8, 0xa5, 0xd3, 0xf2, 0x83, 0x50, 0xd8, 0xf4, 0x09, 0x8a, 0x15, 0x76,
0xba, 0xbd, 0x17, 0xe9, 0xcc, 0x26, 0xca, 0x41, 0xde, 0xcc, 0x67, 0x86, 0x40, 0x2d, 0xf6, 0xf4,
0x46, 0xb1, 0xc2, 0xe9, 0xf1, 0xe1, 0x87, 0x74, 0x62, 0xc8, 0x46, 0xa9, 0xcd, 0xb9, 0x94, 0x8c,
0x2c, 0xfb, 0x2b, 0xed, 0xa0, 0x54, 0x79, 0xa7, 0xfb, 0xe2, 0xd5, 0xcb, 0x9f, 0xf7, 0x52, 0xb5,
0x53, 0xe5, 0xcb, 0xa8, 0x21, 0x56, 0xab, 0x3d, 0xfb, 0xff, 0x6a, 0xc8, 0x46, 0xb5, 0x03, 0xb8,
0x17, 0xb0, 0x50, 0x0a, 0xdf, 0x32, 0x2d, 0xc7, 0x09, 0x4d, 0x5b, 0x78, 0x81, 0x15, 0x99, 0xae,
0x75, 0x29, 0xe2, 0x88, 0x6e, 0x66, 0x0f, 0xc5, 0x9d, 0x04, 0xb8, 0xef, 0x38, 0xe1, 0x00, 0x61,
0x63, 0x44, 0x91, 0x3e, 0xdc, 0x4e, 0x63, 0x78, 0x9e, 0x15, 0x98, 0x81, 0x35, 0x65, 0xe6, 0x9f,
0x2c, 0x14, 0xf4, 0xa7, 0x2c, 0x7f, 0x35, 0x01, 0x1d, 0x79, 0x56, 0x70, 0x62, 0x4d, 0xd9, 0x3f,
0x59, 0x28, 0xc8, 0x1b, 0xb8, 0x9b, 0x72, 0x43, 0x66, 0x39, 0x26, 0xf7, 0x02, 0x97, 0x33, 0x69,
0xe2, 0xbb, 0xf9, 0x97, 0x2c, 0x3d, 0xd5, 0x30, 0x98, 0xe5, 0x8c, 0x34, 0x6a, 0x78, 0xc1, 0xec,
0xac, 0x3a, 0xce, 0x40, 0xaf, 0xc7, 0xee, 0xf4, 0x33, 0x7d, 0x7e, 0x93, 0xba, 0xca, 0x1e, 0x57,
0x64, 0x77, 0xfa, 0x39, 0xab, 0x8e, 0x5c, 0x5f, 0x98, 0xa1, 0xe5, 0x3b, 0xc2, 0x53, 0xa5, 0xbb,
0x75, 0x93, 0xba, 0xa2, 0x4f, 0x84, 0x91, 0x82, 0x54, 0x61, 0xd8, 0xae, 0xf0, 0xb1, 0x83, 0xf3,
0x59, 0x44, 0xb7, 0x33, 0xdd, 0x46, 0x0d, 0x3d, 0x13, 0x74, 0x90, 0x67, 0xd0, 0x98, 0x03, 0x63,
0xc9, 0x42, 0xda, 0xcd, 0x20, 0xeb, 0x29, 0x52, 0x79, 0xc8, 0x06, 0xd4, 0xae, 0x62, 0x4a, 0xba,
0x93, 0x01, 0xc2, 0x3c, 0xa4, 0x5c, 0x90, 0x0e, 0xb8, 0x43, 0x7b, 0x37, 0x49, 0x07, 0xdc, 0x59,
0x00, 0xf2, 0xc0, 0xa6, 0xbb, 0x37, 0x01, 0x79, 0x60, 0x2f, 0x00, 0xe3, 0x48, 0xd2, 0x17, 0x37,
0x01, 0xe3, 0x48, 0x92, 0xe7, 0xb0, 0x3c, 0x07, 0xda, 0xd3, 0x50, 0xc4, 0x01, 0x7d, 0x99, 0xc1,
0x36, 0x53, 0xac, 0xf6, 0x91, 0x0d, 0x28, 0xc5, 0xba, 0xbd, 0xdd, 0x6b, 0xe7, 0x3b, 0xb5, 0x5e,
0x23, 0xad, 0x4d, 0x6c, 0xae, 0x8d, 0xc4, 0xa9, 0x60, 0x53, 0x0d, 0xfb, 0xf9, 0x46, 0x98, 0x76,
0xaa, 0xce, 0xcd, 0x53, 0x7d, 0xb0, 0x89, 0x27, 0xf1, 0xd5, 0x42, 0xe7, 0x86, 0x8e, 0x13, 0x75,
0x10, 0x37, 0xa0, 0x88, 0x03, 0xfa, 0x1a, 0x63, 0x2d, 0x5f, 0x75, 0x2d, 0xd8, 0x42, 0x1b, 0xda,
0x4b, 0xb6, 0x60, 0x55, 0x32, 0x5b, 0x55, 0xbd, 0x19, 0x08, 0x97, 0xdb, 0x97, 0xfa, 0x79, 0xed,
0xe3, 0xf3, 0xba, 0x92, 0xb8, 0x4e, 0xd0, 0x83, 0x0f, 0xed, 0x06, 0x34, 0x53, 0xbc, 0x8c, 0x42,
0xee, 0x4f, 0xe9, 0x2f, 0xf8, 0xd0, 0x35, 0x12, 0xeb, 0x29, 0x1a, 0xf1, 0x4d, 0x4b, 0x60, 0xae,
0x98, 0xd2, 0x5f, 0x17, 0xdf, 0x34, 0xed, 0x19, 0x8b, 0x29, 0x79, 0x0a, 0x4d, 0xbd, 0x46, 0xa6,
0xc7, 0x3c, 0xd3, 0xb3, 0x2e, 0xe8, 0x6f, 0xe9, 0xcd, 0x5f, 0xd7, 0x8e, 0x23, 0xe6, 0x1d, 0x59,
0x17, 0xea, 0xee, 0xcf, 0x02, 0x71, 0x66, 0x7f, 0xc5, 0x3e, 0x66, 0x6d, 0x5b, 0x5e, 0xca, 0xed,
0x33, 0xb9, 0xad, 0xfd, 0xdb, 0x1e, 0xf3, 0x44, 0x78, 0x69, 0x34, 0xaf, 0xe8, 0x38, 0xd1, 0x1e,
0xac, 0x64, 0x02, 0x04, 0x56, 0xa8, 0xde, 0xe3, 0xdf, 0x17, 0x3a, 0xab, 0xe5, 0x39, 0xe5, 0x04,
0xdd, 0xe4, 0x19, 0x24, 0x26, 0x33, 0xe0, 0x8e, 0xc4, 0xf4, 0xde, 0xa4, 0xe9, 0x35, 0xb4, 0xe7,
0x84, 0x3b, 0x52, 0xe7, 0xb7, 0xb2, 0x00, 0xc5, 0x04, 0xf7, 0x31, 0xfc, 0xea, 0xb5, 0x04, 0x15,
0x20, 0xd5, 0x42, 0x3a, 0xe6, 0xf7, 0x02, 0x48, 0x36, 0x40, 0x92, 0xe0, 0xc1, 0x42, 0x82, 0xad,
0x2b, 0x52, 0x92, 0xe1, 0x1e, 0xdc, 0x4e, 0x58, 0x3e, 0x8b, 0x4c, 0xdb, 0x95, 0xa6, 0xed, 0x5a,
0x52, 0xb5, 0x11, 0x83, 0xb4, 0xab, 0x5a, 0xd5, 0x80, 0x09, 0x8b, 0x06, 0xae, 0x1c, 0x68, 0x2f,
0x79, 0x07, 0xb7, 0xae, 0xf1, 0x74, 0xc6, 0x6f, 0x51, 0xef, 0xf6, 0xb5, 0x8c, 0x13, 0x8c, 0xb1,
0x92, 0x0d, 0xa5, 0xd3, 0x7e, 0x0d, 0x6b, 0xd7, 0x02, 0x25, 0x99, 0x0f, 0x17, 0x32, 0x27, 0x59,
0x66, 0x92, 0xfb, 0xee, 0x9c, 0xaa, 0x5e, 0x5a, 0x4f, 0xb7, 0x9d, 0x92, 0xd9, 0xf4, 0x30, 0x4d,
0x3d, 0xd1, 0x1b, 0x04, 0xf1, 0x91, 0x6a, 0x3d, 0x4f, 0x99, 0x4d, 0x7e, 0x9d, 0xd7, 0x01, 0x92,
0x30, 0xe9, 0x77, 0x28, 0x45, 0xae, 0x25, 0x6d, 0x07, 0x71, 0x5a, 0x04, 0x2a, 0xc0, 0xb5, 0x22,
0x50, 0xec, 0x24, 0xd3, 0x3f, 0x6e, 0x2a, 0x82, 0x41, 0x10, 0x27, 0x69, 0x6e, 0x40, 0x8d, 0x9f,
0x59, 0x36, 0xb6, 0x4b, 0xae, 0xa0, 0xa3, 0xc5, 0x2f, 0x25, 0xe5, 0x99, 0x88, 0xb1, 0x20, 0xf7,
0x41, 0x0f, 0x4c, 0x31, 0xf3, 0xe9, 0x7b, 0x3c, 0x13, 0x15, 0x34, 0x1c, 0xcf, 0x7c, 0xf2, 0x23,
0x34, 0x3c, 0xcb, 0x3e, 0x77, 0x2d, 0xdf, 0x44, 0x1b, 0xfd, 0x1b, 0x9e, 0xaf, 0x7a, 0x62, 0x1c,
0x29, 0x1b, 0xd9, 0xbe, 0x02, 0x9d, 0x4b, 0xd5, 0x7f, 0x8f, 0x31, 0xb1, 0xda, 0xce, 0xeb, 0xde,
0xd6, 0xce, 0xde, 0xab, 0xad, 0xee, 0x56, 0xcf, 0xa8, 0x25, 0x88, 0x4f, 0x72, 0x14, 0x90, 0x9d,
0x05, 0x82, 0xef, 0xd1, 0x23, 0x24, 0x34, 0x7a, 0x2f, 0x5f, 0x6e, 0xa5, 0xbf, 0x6e, 0x86, 0x32,
0xf1, 0xae, 0x69, 0x4c, 0x67, 0x74, 0x72, 0x5d, 0x63, 0x27, 0x43, 0x78, 0x37, 0x23, 0x8f, 0x17,
0x08, 0x9e, 0x45, 0x8f, 0x93, 0x8f, 0xa7, 0x2b, 0xd4, 0x91, 0x45, 0x9e, 0x40, 0x05, 0x3f, 0xc5,
0x3e, 0x73, 0x9f, 0x9e, 0xb4, 0x73, 0x9d, 0x5a, 0xaf, 0x96, 0xde, 0x37, 0xc3, 0x0b, 0x66, 0xe0,
0x77, 0xda, 0x01, 0xf7, 0x37, 0x77, 0xa1, 0xa0, 0xbe, 0x9a, 0x08, 0x40, 0x69, 0x3c, 0x3a, 0xfd,
0x30, 0x9c, 0xb4, 0xbe, 0x23, 0x15, 0xc0, 0x6f, 0xa8, 0x56, 0x8e, 0x54, 0xa1, 0x68, 0x0c, 0x8d,
0x8f, 0x93, 0xd6, 0x92, 0x02, 0x0c, 0xff, 0x31, 0x1c, 0x7c, 0x1a, 0xb6, 0xf2, 0x9b, 0x07, 0x50,
0x49, 0x5b, 0x78, 0x05, 0x79, 0x3b, 0x3c, 0xf8, 0xf8, 0x4e, 0xf3, 0x46, 0x93, 0xc3, 0xe3, 0x56,
0x8e, 0xd4, 0xa0, 0xfc, 0xf7, 0x7d, 0x63, 0x32, 0x9a, 0xbc, 0x6b, 0x2d, 0x29, 0xc4, 0xd0, 0x30,
0x8e, 0x8d, 0x56, 0x5e, 0xfd, 0x3d, 0xdc, 0xff, 0xb0, 0x3f, 0x6e, 0x15, 0x36, 0xbb, 0x50, 0xd2,
0x7d, 0x80, 0x32, 0x62, 0x93, 0xa3, 0x23, 0xa8, 0xa6, 0xa0, 0x95, 0x53, 0xff, 0xfe, 0xd8, 0x37,
0xde, 0xb6, 0x96, 0x48, 0x19, 0xf2, 0xa3, 0xc9, 0x61, 0x2b, 0xff, 0xbf, 0x00, 0x00, 0x00, 0xff,
0xff, 0x27, 0xf6, 0x8f, 0xb6, 0x19, 0x11, 0x00, 0x00,
}