validate

package
v1.79.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 8, 2026 License: MPL-2.0 Imports: 7 Imported by: 0

Documentation

Overview

============================================================================= NFTBan v1.73 - Installer Post-Install Assertions ============================================================================= SPDX-License-Identifier: MPL-2.0 meta:name="installer-validate-assertions" meta:type="lib" meta:owner="Antonios Voulvoulis <contact@nftban.com>" meta:created_date="2026-04-04" meta:description="Post-install kernel + service + state assertions" meta:inventory.files="internal/installer/validate/assertions.go" meta:inventory.binaries="" meta:inventory.env_vars="" meta:inventory.config_files="" meta:inventory.systemd_units="" meta:inventory.network="" meta:inventory.privileges="root" =============================================================================

============================================================================= NFTBan v1.73 - Installer Authority File Write ============================================================================= SPDX-License-Identifier: MPL-2.0 meta:name="installer-validate-authority" meta:type="lib" meta:owner="Antonios Voulvoulis <contact@nftban.com>" meta:created_date="2026-04-04" meta:description="Write /var/lib/nftban/state/authority and .firewall_authority" meta:inventory.files="internal/installer/validate/authority.go" meta:inventory.binaries="" meta:inventory.env_vars="" meta:inventory.config_files="" meta:inventory.systemd_units="" meta:inventory.network="" meta:inventory.privileges="root" =============================================================================

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AllPassed 

func AllPassed(results []AssertionResult) bool

AllPassed returns true if all assertions passed.

func FailedNames 

func FailedNames(results []AssertionResult) []string

FailedNames returns the names of all failed assertions.

func RunPermissionsEnforce added in v1.76.0 

func RunPermissionsEnforce(exec executor.Executor, log *logging.Logger)

RunPermissionsEnforce calls `nftban permissions enforce` for full FHS fix (G10 parity).

func SetImmutableFlags added in v1.76.0 

func SetImmutableFlags(exec executor.Executor, log *logging.Logger)

SetImmutableFlags sets chattr +i on security-critical files (G8 parity). Shell postinst set immutable on nftban.conf and nft_schema.sh to prevent accidental or malicious modification.

func WriteAuthorityFiles 

func WriteAuthorityFiles(exec executor.Executor, decision authority.Decision, log *logging.Logger)

WriteAuthorityFiles records the authority decision to state files. Two locations for compatibility:

  • /var/lib/nftban/state/authority (primary, read by Go daemon)
  • /etc/nftban/.firewall_authority (legacy, read by CLI scripts)

Types

type AssertionResult 

type AssertionResult struct {
	Name   string
	Passed bool
	Detail string
}

AssertionResult holds the outcome of a single assertion.

func RunAssertions 

func RunAssertions(exec executor.Executor, sshPort int, log *logging.Logger) []AssertionResult

RunAssertions performs all post-install assertions and returns the results. None of these are individually fatal — the caller decides based on the aggregate.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.