openshell.sandbox.v1.rs
// SPDX-FileCopyrightText: Copyright (c) 2025-2026 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
// SPDX-License-Identifier: Apache-2.0
// This file is @generated by prost-build.
/// Sandbox security policy configuration.
///
/// Top-level message grouping the per-area policies. Every sub-policy is
/// optional on the wire (`Option<...>`), so this type alone does not say
/// what an absent section means; that is decided by the consumer of the
/// message. Generated by prost-build from the `openshell.sandbox.v1` proto.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct SandboxPolicy {
    /// Policy version.
    #[prost(uint32, tag = "1")]
    pub version: u32,
    /// Filesystem access policy.
    #[prost(message, optional, tag = "2")]
    pub filesystem: ::core::option::Option<FilesystemPolicy>,
    /// Network access policy.
    #[prost(message, optional, tag = "3")]
    pub network: ::core::option::Option<NetworkPolicy>,
    /// Landlock configuration.
    #[prost(message, optional, tag = "4")]
    pub landlock: ::core::option::Option<LandlockPolicy>,
    /// Process execution policy.
    #[prost(message, optional, tag = "5")]
    pub process: ::core::option::Option<ProcessPolicy>,
}
/// Filesystem access policy.
///
/// Directory allow lists are carried as plain strings; nothing in this
/// generated type normalizes, canonicalizes or validates them. Callers that
/// enforce the policy are expected to do that before granting access.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct FilesystemPolicy {
    /// Read-only directory allow list.
    #[prost(string, repeated, tag = "1")]
    pub read_only: ::prost::alloc::vec::Vec<::prost::alloc::string::String>,
    /// Read-write directory allow list.
    #[prost(string, repeated, tag = "2")]
    pub read_write: ::prost::alloc::vec::Vec<::prost::alloc::string::String>,
    /// Automatically include the workdir as read-write.
    /// NOTE(review): which directory counts as the workdir is not defined
    /// here — confirm against the enforcing component.
    #[prost(bool, tag = "3")]
    pub include_workdir: bool,
}
/// Network access policy.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct NetworkPolicy {
    /// Network access mode.
    ///
    /// Stored as the raw `i32` wire value of [`NetworkMode`], so a decoded
    /// message may hold a number that matches no variant; convert with the
    /// prost-generated enum conversion rather than comparing integers. Per the
    /// enum docs, `NETWORK_MODE_UNSPECIFIED` (0, the proto default) means BLOCK.
    #[prost(enumeration = "NetworkMode", tag = "1")]
    pub mode: i32,
    /// Proxy configuration (required when mode is PROXY).
    /// The "required" relationship is not enforced by this type.
    #[prost(message, optional, tag = "2")]
    pub proxy: ::core::option::Option<ProxyPolicy>,
}
/// Proxy configuration for network policy.
///
/// Both endpoint fields are free-form strings; which of `unix_socket` and
/// `http_addr` takes precedence when both are set is not defined here.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ProxyPolicy {
    /// Unix socket path for a local proxy (preferred for strict seccomp rules).
    #[prost(string, tag = "1")]
    pub unix_socket: ::prost::alloc::string::String,
    /// TCP address for a local HTTP proxy (loopback-only).
    /// NOTE(review): the loopback-only restriction is documented, not
    /// enforced by this type — confirm the enforcing side validates it.
    #[prost(string, tag = "2")]
    pub http_addr: ::prost::alloc::string::String,
    /// Allowed hostnames for proxy traffic. Empty means allow all.
    ///
    /// Note the default is permissive: an unset or empty list (also the proto
    /// default) grants every host. Policies intended to restrict egress must
    /// populate this list explicitly.
    #[prost(string, repeated, tag = "3")]
    pub allow_hosts: ::prost::alloc::vec::Vec<::prost::alloc::string::String>,
}
/// Landlock policy configuration.
#[derive(Clone, Copy, PartialEq, ::prost::Message)]
pub struct LandlockPolicy {
    /// Compatibility mode.
    ///
    /// Raw `i32` wire value of [`LandlockCompatibility`]; the proto default
    /// (0, `UNSPECIFIED`) is documented on the enum as BEST_EFFORT, i.e. the
    /// mode that degrades rather than fails on kernels without full support.
    #[prost(enumeration = "LandlockCompatibility", tag = "1")]
    pub compatibility: i32,
}
/// Process execution policy.
///
/// Identities are carried by name, not numeric id; resolving them and
/// handling an empty string (the proto default) happens outside this type.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct ProcessPolicy {
    /// User name to run the sandboxed process as.
    #[prost(string, tag = "1")]
    pub run_as_user: ::prost::alloc::string::String,
    /// Group name to run the sandboxed process as.
    #[prost(string, tag = "2")]
    pub run_as_group: ::prost::alloc::string::String,
}
/// Request to get sandbox policy by sandbox ID.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct GetSandboxPolicyRequest {
    /// The sandbox ID. Opaque string; format and validation are defined by
    /// the service that handles the request.
    #[prost(string, tag = "1")]
    pub sandbox_id: ::prost::alloc::string::String,
}
/// Response containing sandbox policy.
#[derive(Clone, PartialEq, ::prost::Message)]
pub struct GetSandboxPolicyResponse {
    /// The sandbox policy configuration.
    /// `None` when the response carries no policy; what that means for the
    /// caller is not defined by this type.
    #[prost(message, optional, tag = "1")]
    pub policy: ::core::option::Option<SandboxPolicy>,
}
/// Network access mode.
///
/// Wire representation is `i32` (see `NetworkPolicy::mode`); the numeric
/// values below are the stable proto values and must not be renumbered.
#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)]
#[repr(i32)]
pub enum NetworkMode {
    /// Unspecified defaults to BLOCK.
    Unspecified = 0,
    /// Block all network access.
    Block = 1,
    /// Route traffic through a proxy.
    Proxy = 2,
    /// Allow all network access.
    Allow = 3,
}
impl NetworkMode {
    /// Proto field name of this variant (e.g. `NETWORK_MODE_BLOCK`).
    ///
    /// Names are returned exactly as they appear in the `.proto` definition,
    /// with no transformation, so they are stable as long as the definition
    /// is and are safe to use as keys or in configuration.
    pub fn as_str_name(&self) -> &'static str {
        // Exhaustive on purpose: adding a variant must fail to compile here.
        match *self {
            NetworkMode::Unspecified => "NETWORK_MODE_UNSPECIFIED",
            NetworkMode::Block => "NETWORK_MODE_BLOCK",
            NetworkMode::Proxy => "NETWORK_MODE_PROXY",
            NetworkMode::Allow => "NETWORK_MODE_ALLOW",
        }
    }
    /// Parses a proto field name back into the enum.
    ///
    /// Matching is exact and case-sensitive; any other string yields `None`.
    pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
        let mode = match value {
            "NETWORK_MODE_UNSPECIFIED" => NetworkMode::Unspecified,
            "NETWORK_MODE_BLOCK" => NetworkMode::Block,
            "NETWORK_MODE_PROXY" => NetworkMode::Proxy,
            "NETWORK_MODE_ALLOW" => NetworkMode::Allow,
            _ => return None,
        };
        Some(mode)
    }
}
/// Landlock compatibility mode.
///
/// Wire representation is `i32` (see `LandlockPolicy::compatibility`); the
/// numeric values are the stable proto values. `BestEffort` trades strictness
/// for portability, `HardRequirement` fails when full support is missing.
#[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, PartialOrd, Ord, ::prost::Enumeration)]
#[repr(i32)]
pub enum LandlockCompatibility {
    /// Unspecified defaults to BEST_EFFORT.
    Unspecified = 0,
    /// Use best effort - degrade gracefully on older kernels.
    BestEffort = 1,
    /// Require full Landlock support or fail.
    HardRequirement = 2,
}
impl LandlockCompatibility {
    /// Proto field name of this variant (e.g. `LANDLOCK_COMPATIBILITY_BEST_EFFORT`).
    ///
    /// Names are returned exactly as they appear in the `.proto` definition,
    /// with no transformation, so they are stable as long as the definition
    /// is and are safe to use as keys or in configuration.
    pub fn as_str_name(&self) -> &'static str {
        // Exhaustive on purpose: adding a variant must fail to compile here.
        match *self {
            LandlockCompatibility::Unspecified => "LANDLOCK_COMPATIBILITY_UNSPECIFIED",
            LandlockCompatibility::BestEffort => "LANDLOCK_COMPATIBILITY_BEST_EFFORT",
            LandlockCompatibility::HardRequirement => "LANDLOCK_COMPATIBILITY_HARD_REQUIREMENT",
        }
    }
    /// Parses a proto field name back into the enum.
    ///
    /// Matching is exact and case-sensitive; any other string yields `None`.
    pub fn from_str_name(value: &str) -> ::core::option::Option<Self> {
        let mode = match value {
            "LANDLOCK_COMPATIBILITY_UNSPECIFIED" => LandlockCompatibility::Unspecified,
            "LANDLOCK_COMPATIBILITY_BEST_EFFORT" => LandlockCompatibility::BestEffort,
            "LANDLOCK_COMPATIBILITY_HARD_REQUIREMENT" => LandlockCompatibility::HardRequirement,
            _ => return None,
        };
        Some(mode)
    }
}