diff --git a/KubeArmor/monitor/systemMonitor.go b/KubeArmor/monitor/systemMonitor.go index 1aa097591f..3df2804e8a 100644 --- a/KubeArmor/monitor/systemMonitor.go +++ b/KubeArmor/monitor/systemMonitor.go @@ -30,18 +30,15 @@ import ( // System Call Numbers const ( - SysOpen = 2 - SysOpenAt = 257 - SysClose = 3 - Sys_link = 85 - Sys_unlink = 86 - Sys_symlink = 87 - Sys_readlink = 88 - SysSocket = 41 - SysConnect = 42 - SysAccept = 43 - SysBind = 49 - SysListen = 50 + SysOpen = 2 + SysOpenAt = 257 + SysClose = 3 + + SysSocket = 41 + SysConnect = 42 + SysAccept = 43 + SysBind = 49 + SysListen = 50 SysExecve = 59 SysExecveAt = 322 diff --git a/contribution/k3s/install2.sh b/contribution/k3s/install2.sh deleted file mode 100755 index 7a6b415e77..0000000000 --- a/contribution/k3s/install2.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash -# SPDX-License-Identifier: Apache-2.0 -# Copyright 2021 Authors of KubeArmor - -# create a single-node K3s cluster - -KUBEDIR=$HOME/.kube -KUBECONFIG=$KUBEDIR/config - -[[ ! -d $KUBEDIR ]] && mkdir $HOME/.kube/ -if [ -f $KUBECONFIG ]; then - KUBECONFIGBKP=$KUBEDIR/config.backup - echo "Found $KUBECONFIG already in place ... backing it up to $KUBECONFIGBKP" - cp $KUBECONFIG $KUBECONFIGBKP -fi - -cp /etc/rancher/k3s/k3s.yaml $KUBEDIR/config - -echo "wait for initialization" -sleep 15 - -for (( ; ; )) -do - status=$(kubectl get pods -A -o jsonpath={.items[*].status.phase}) - [[ $(echo $status | grep -v Running | wc -l) -eq 0 ]] && break - echo "wait for initialization" - sleep 1 -done - -kubectl get pods -A diff --git a/contribution/k3s/~ b/contribution/k3s/~ deleted file mode 100644 index 51cc898169..0000000000 --- a/contribution/k3s/~ +++ /dev/null @@ -1,38 +0,0 @@ -*help.txt* For Vim version 7.4. Last change: 2016 Sep 07 - - VIM - fake help file for vim-tiny - -The Vim online help is not installed on this Debian GNU/Linux system. - -WHY ? - -Because only the "vim-tiny" package is installed, whose sole purpose is to -provide the vi command for base installations. As such, it contains a minimal -version of Vim compiled with no graphical user interface and a small subset of -features, in order to keep the package size small. - -Since the "vim-runtime" package is rather huge when compared to "vim-tiny", -installing the latter does not automatically install the former. - -HOW TO GET A BETTER VIM - -To get a more featureful Vim binary (and a vim command, rather than just vi), -install one of the following packages: vim, vim-nox, vim-athena, vim-gtk, or -vim-gtk3. - -HOW TO OBTAIN HELP - -either browse the Vim online help via web starting at - - http://vimhelp.appspot.com/help.txt.html#help.txt - -or ask your administrator to install the "vim-doc" package, which contains the - HTML version of the online help and browse it starting at - - /usr/share/doc/vim/html/index.html - -or ask your administrator to install the "vim-runtime" package, re-run vi and - access the online help again. Note that all the above mentioned Vim - variants other then "vim-tiny" automatically install the "vim-runtime" - package. If you don't suffer from disk space shortage using one of them is - recommended. diff --git a/contribution/self-managed-k8s/new.sh b/contribution/self-managed-k8s/new.sh deleted file mode 100644 index 1f25b43629..0000000000 --- a/contribution/self-managed-k8s/new.sh +++ /dev/null @@ -1,86 +0,0 @@ -#!/bin/bash -# SPDX-License-Identifier: Apache-2.0 -# Copyright 2021 Authors of KubeArmor - -. /etc/os-release - -if [ "$NAME" != "Ubuntu" ]; then - echo "Support Ubuntu 18.xx, 20.xx" - exit -fi - -# update repo -sudo apt-get update - -# make a directory to build bcc -sudo rm -rf /tmp/build; mkdir -p /tmp/build; cd /tmp/build - -# download bcc -git -C /tmp/build/ clone --branch v0.24.0 --depth 1 https://github.com/iovisor/bcc.git - -# install dependencies for bcc -sudo apt-get -y install build-essential cmake bison flex git python3 python3-pip \ - clang-9 libllvm9 llvm-9-dev libclang-9-dev zlib1g-dev libelf-dev libedit-dev libfl-dev \ - arping netperf iperf3 - -# install bcc -mkdir -p /tmp/build/bcc/build; cd /tmp/build/bcc/build -cmake .. -DPYTHON_CMD=python3 -DCMAKE_INSTALL_PREFIX=/usr && make -j$(nproc) && sudo make install -if [ $? != 0 ]; then - echo "Failed to install bcc" - exit 1 -fi - - -# install apparmor and audit -sudo apt-get install -y apparmor apparmor-utils auditd - -# enable auditd -sudo systemctl enable auditd && sudo systemctl start auditd - -# install dependency on protoc -sudo apt-get install -y unzip - -# download protoc -mkdir -p /tmp/build/protoc; cd /tmp/build/protoc -wget --quiet https://github.com/protocolbuffers/protobuf/releases/download/v3.14.0/protoc-3.14.0-linux-x86_64.zip -O /tmp/build/protoc/protoc-3.14.0-linux-x86_64.zip - -# install protoc -unzip protoc-3.14.0-linux-x86_64.zip -sudo mv bin/protoc /usr/local/bin/ -sudo chmod 755 /usr/local/bin/protoc - -# apply env -if [[ $(hostname) = kubearmor-dev* ]]; then - export GOPATH=/home/vagrant/go - export GOROOT=/usr/local/go - export PATH=$PATH:/usr/local/go/bin:/home/vagrant/go/bin -elif [ -z "$GOPATH" ]; then - export GOPATH=$HOME/go - export GOROOT=/usr/local/go - export PATH=$PATH:/usr/local/go/bin:$HOME/go/bin -fi - -# download protoc-gen-go -go get -u google.golang.org/grpc -go get -u github.com/golang/protobuf/protoc-gen-go - -# install kubebuilder -wget --quiet https://github.com/kubernetes-sigs/kubebuilder/releases/download/v3.1.0/kubebuilder_linux_amd64 -O /tmp/build/kubebuilder -chmod +x /tmp/build/kubebuilder; sudo mv /tmp/build/kubebuilder /usr/local/bin - -if [[ $(hostname) = kubearmor-dev* ]]; then - echo >> /home/vagrant/.bashrc - echo 'export PATH=$PATH:/usr/local/kubebuilder/bin' >> /home/vagrant/.bashrc -elif [ -z "$GOPATH" ]; then - echo >> ~/.bashrc - echo 'export PATH=$PATH:/usr/local/kubebuilder/bin' >> ~/.bashrc -fi - -# install kustomize -cd /tmp/build/ -curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash -sudo mv kustomize /usr/local/bin - -# remove downloaded files -cd; sudo rm -rf /tmp/build