func LinuxRuntimeFrom(image schema.ImageManifest, msgs []string) (specs.LinuxRuntime, []string) {
	var lr specs.LinuxRuntime

	resources, msgs := ResourcesFrom(image, msgs)
	lr.Resources = &resources
	return lr, msgs
}
Beispiel #2
0
func genRuntime() (lrts specs.LinuxRuntimeSpec) {
	var rts specs.RuntimeSpec
	var lrt specs.LinuxRuntime

	rts.Mounts = map[string]specs.Mount{
		"sys":    specs.Mount{"sysfs", "sysfs", []string{"noexec", "nosuid", "nodev"}},
		"proc":   specs.Mount{"proc", "proc", []string{"noexec", "nosuid", "nodev"}},
		"dev":    specs.Mount{"tmpfs", "tmpfs", []string{"nosuid", "strictatime", "mode=755", "size=65536k"}},
		"devpts": specs.Mount{"devpts", "devpts", []string{"nosuid", "noexec", "newinstance", "ptmxmode=0666", "mode=0620", "gid=5"}},
		"devshm": specs.Mount{"tmpfs", "tmpfs", []string{"nosuid", "nodev"}},
	}

	lrts.RuntimeSpec = rts

	lrt.Devices = []specs.Device{
		{"/dev/random", 'c', 1, 8, "rwm", 0666, 0, 0},
		{"/dev/urandom", 'c', 1, 9, "rwm", 0666, 0, 0},
		{"/dev/null", 'c', 1, 3, "rwm", 0666, 0, 0},
		{"/dev/zero", 'c', 1, 5, "rwm", 0666, 0, 0},
		{"/dev/tty", 'c', 5, 0, "rwm", 0666, 0, 0},
		{"/dev/full", 'c', 1, 7, "rwm", 0666, 0, 0},
		{"/dev/console", 'c', 5, 1, "rwm", 0666, 0, 0},
	}

	lrt.Namespaces = []specs.Namespace{
		{"pid", ""},
		{"network", ""},
		{"mount", ""},
		{"ipc", ""},
		{"uts", ""},
		{"user", ""},
	}

	lrts.Linux = lrt

	return lrts
}