rootfs

package

v0.1.0 Latest Latest Go to latest Published: Mar 18, 2026 License: MIT Imports: 9 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/microsoft/azure-linux-dev-tools

Links

Open Source Insights

Documentation ¶

Overview ¶

Package rootfs provides an afero.Fs implementation backed by Go's os.Root API. This confines all filesystem operations to a root directory with atomic protection against symlink-based escape attacks via openat2/RESOLVE_BENEATH.

Index ¶

type RootFs
- func New(rootPath string) (*RootFs, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type RootFs ¶

type RootFs struct {
	// contains filtered or unexported fields
}

RootFs is an afero.Fs implementation backed by os.Root. All operations are confined to the root directory using Go's os.Root API, which provides atomic protection against symlink-based escape attacks via the kernel's openat2/RESOLVE_BENEATH on Linux.

Security model:

All paths are treated as relative to the root directory
Leading slashes are stripped (e.g., "/foo" becomes "foo")
Symlinks within the root that resolve within the root are allowed
Symlinks that would escape the root are rejected atomically by the kernel
No TOCTOU vulnerabilities: symlink checks happen at the kernel level during file open, not as separate stat+open operations

func New ¶

func New(rootPath string) (*RootFs, error)

New creates a new RootFs rooted at the given directory path. The path must exist and be a directory.

func (*RootFs) Chmod ¶

func (r *RootFs) Chmod(name string, mode os.FileMode) error

Chmod changes the mode of the named file.

func (*RootFs) Chown ¶

func (r *RootFs) Chown(name string, uid, gid int) error

Chown changes the uid and gid of the named file.

func (*RootFs) Chtimes ¶

func (r *RootFs) Chtimes(name string, atime time.Time, mtime time.Time) error

Chtimes changes the access and modification times of the named file.

func (*RootFs) Close ¶

func (r *RootFs) Close() error

Close releases resources held by the RootFs.

func (*RootFs) Create ¶

func (r *RootFs) Create(name string) (afero.File, error)

Create creates a file in the filesystem, returning the file and any error.

func (*RootFs) Mkdir ¶

func (r *RootFs) Mkdir(name string, perm os.FileMode) error

Mkdir creates a directory in the filesystem.

func (*RootFs) MkdirAll ¶

func (r *RootFs) MkdirAll(path string, perm os.FileMode) error

MkdirAll creates a directory path and all parents that do not exist yet.

func (*RootFs) Name ¶

func (r *RootFs) Name() string

Name returns the name of this filesystem.

func (*RootFs) Open ¶

func (r *RootFs) Open(name string) (afero.File, error)

Open opens a file, returning it or an error.

func (*RootFs) OpenFile ¶

func (r *RootFs) OpenFile(name string, flag int, perm os.FileMode) (afero.File, error)

OpenFile opens a file using the given flags and mode.

func (*RootFs) Remove ¶

func (r *RootFs) Remove(name string) error

Remove removes a file or empty directory.

func (*RootFs) RemoveAll ¶

func (r *RootFs) RemoveAll(path string) error

RemoveAll removes a directory path and all children it contains.

func (*RootFs) Rename ¶

func (r *RootFs) Rename(oldname, newname string) error

Rename renames a file or directory within the root atomically.

func (*RootFs) Stat ¶

func (r *RootFs) Stat(name string) (os.FileInfo, error)

Stat returns file info for the named file.

Source Files ¶

View all Source files

rootfs.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL