tetragon icon indicating copy to clipboard operation
tetragon copied to clipboard
verified publisher icon cilium

Support for sockaddr_un struct

Open genie-zs opened this issue 6 months ago • 0 comments

Is there an existing issue for this?

  • [x] I have searched the existing issues

Is your feature request related to a problem?

No

Describe the feature you would like

To be able to get unix socket file path (sun_path), we need to add support for the sockaddr_un struct.

Recently, tetragon received support for the struct sockaddr in https://github.com/cilium/tetragon/pull/3358, but to fully support UNIX sockets, we also need to support the sockaddr_un structure.

That will allow us to develop policies to detect and filter operations on specific UNIX sockets such as docker.sock and containerd.sock by hooking into functions such as unix_stream_connect() .

Describe your proposed solution

No response

Code of Conduct

  • [x] I agree to follow this project's Code of Conduct

genie-zs avatar Jun 19 '25 10:06 genie-zs