CoCalc -- updateSeccompProfile.js

GitHub Repository: ulixee/secret-agent
Path: blob/main/tools/docker/updateSeccompProfile.js
¹⁰²⁸ views

1
const Https = require('https');
2
const Fs = require('fs');
3

4
const extraPermissions = {
5
  comment: 'Allow create user namespaces',
6
  names: ['clone', 'setns', 'unshare'],
7
  action: 'SCMP_ACT_ALLOW',
8
  args: [],
9
  includes: {},
10
  excludes: {},
11
};
12

13
Https.get('https://raw.githubusercontent.com/docker/engine/master/profiles/seccomp/default.json')
14
  .on('response', async response => {
15
    let json = '';
16
    for await (const chunk of response) {
17
      json += chunk.toString();
18
    }
19
    const defaultProfile = JSON.parse(json);
20
    defaultProfile.syscalls.unshift(extraPermissions);
21
    Fs.writeFileSync(
22
      `${__dirname}/docker_seccomp_profile.json`,
23
      JSON.stringify(defaultProfile, null, 2),
24
    );
25
  })
26
  .end();
27

28