Module capability 

Daemon capability survey.

Probes the runtime environment of the zlayer daemon (root vs. non-root, host vs. nested in a container, cgroup v2 path, CAP_NET_ADMIN, presence of /dev/net/tun, and writability of the cgroup root) and derives a coarse DaemonMode from those signals.

All probes are intentionally cheap and non-destructive — a handful of syscalls, no allocations of kernel resources (no TUN interfaces, no cgroup writes). The struct is safe to construct multiple times.

Non-Linux targets report a fixed degraded survey since the kernel features these probes target are Linux-only.

Structs

DaemonCapabilities

Snapshot of the daemon’s effective capabilities and execution environment.

Enums

DaemonMode

Coarse classification of the daemon’s effective execution environment.

Functions

current_cgroup_v2_path

Returns the current process’s cgroup-v2 path, if any.

ensure_daemon_leaf_and_container_parent

Migrate the current daemon process into a <scope>/init sub-cgroup and return the sibling <scope>/containers path as the parent for future container cgroups. Idempotent — safe to call multiple times.