=========================================================== .___ __ __ _________________ __ __ __| _/|__|/ |_ / ___\_` __ \__ \ | | \/ __ | | \\_ __\ / /_/ > | \// __ \| | / /_/ | | || | \___ /|__| (____ /____/\____ | |__||__| /_____/ \/ \/ grep rough audit - static analysis tool v2.8 written by @Wireghoul =================================[justanotherhacker.com]=== runc-1.0.0~rc92.249.g636f23dd+dfsg1/docs/cgroup-v2.md-42- runc-1.0.0~rc92.249.g636f23dd+dfsg1/docs/cgroup-v2.md:43:The container processes are executed in a cgroup like `/user.slice/user-$(id -u).slice/user@$(id -u).service/user.slice/runc-foo.scope`. runc-1.0.0~rc92.249.g636f23dd+dfsg1/docs/cgroup-v2.md-44- ############################################## runc-1.0.0~rc92.249.g636f23dd+dfsg1/docs/systemd-properties.md-4-`--systemd-cgroup` CLI flag is set), systemd creates a scope (a.k.a. runc-1.0.0~rc92.249.g636f23dd+dfsg1/docs/systemd-properties.md:5:transient unit) for the container, usually named like `runc-$ID.scope`. runc-1.0.0~rc92.249.g636f23dd+dfsg1/docs/systemd-properties.md-6- runc-1.0.0~rc92.249.g636f23dd+dfsg1/docs/systemd-properties.md:7:The systemd properties of this unit (shown by `systemctl show runc-$ID.scope` runc-1.0.0~rc92.249.g636f23dd+dfsg1/docs/systemd-properties.md-8-after the container is started) can be modified by adding annotations ############################################## runc-1.0.0~rc92.249.g636f23dd+dfsg1/docs/terminals.md-305- runc-1.0.0~rc92.249.g636f23dd+dfsg1/docs/terminals.md:306:1. Create a Unix domain socket at some path, `$socket_path`. runc-1.0.0~rc92.249.g636f23dd+dfsg1/docs/terminals.md-307-2. Call `runc run` or `runc create` with the argument `--console-socket ############################################## runc-1.0.0~rc92.249.g636f23dd+dfsg1/exec.go-71- Name: "process-label", runc-1.0.0~rc92.249.g636f23dd+dfsg1/exec.go:72: Usage: "set the asm process label for the process commonly used with selinux", runc-1.0.0~rc92.249.g636f23dd+dfsg1/exec.go-73- }, ############################################## runc-1.0.0~rc92.249.g636f23dd+dfsg1/man/runc-exec.8.md-27- --pid-file value specify the file to write the process id to runc-1.0.0~rc92.249.g636f23dd+dfsg1/man/runc-exec.8.md:28: --process-label value set the asm process label for the process commonly used with selinux runc-1.0.0~rc92.249.g636f23dd+dfsg1/man/runc-exec.8.md-29- --apparmor value set the apparmor profile for the process ############################################## runc-1.0.0~rc92.249.g636f23dd+dfsg1/debian/rules-16- ## Remove Files-Excluded (when built from checkout or non-DFSG tarball): runc-1.0.0~rc92.249.g636f23dd+dfsg1/debian/rules:17: $(RM) -rv `perl -0nE 'say $$1 if m{^Files\-Excluded\:\s*(.*?)(?:\n\n|Files:|Comment:)}sm;' debian/copyright` runc-1.0.0~rc92.249.g636f23dd+dfsg1/debian/rules-18-