Add masked and readonly paths#364
Conversation
specs-go/config.go
Outdated
| // RootfsPropagation is the rootfs mount propagation mode for the container. | ||
| RootfsPropagation string `json:"rootfsPropagation,omitempty"` | ||
| // MaskedPaths masks over the provided paths inside the container. | ||
| MaskedPaths []string `json:"maskedPaths"` |
There was a problem hiding this comment.
nit: Add omitempty here and below
|
LGTM |
config-linux.md
Outdated
|
|
||
| ## Readonly Paths | ||
|
|
||
| readonlyPaths will set the provieded paths as readonly inside the container. |
There was a problem hiding this comment.
“provieded” → “provided”. And probably readonlyPaths (and similar for your earlier maskedPaths docs) to match the rest of the spec.
|
On Thu, Mar 31, 2016 at 05:15:51PM -0700, Michael Crosby wrote:
I'm still not sure we need these 1, but if they're going in, should |
crosbymichael
force-pushed
the
masked-paths
branch
from
2a49e9a to
7b0a9bf
Compare
Fixes opencontainers#320 This adds the maskedPaths and readonlyPaths fields to the spec so that proper masking and setting of files in /proc can be configured. Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
crosbymichael
force-pushed
the
masked-paths
branch
from
7b0a9bf to
adcbe53
Compare
|
@vbatts i tried to updated the scheme stuff, let me know if I did it wrong |
|
The schema changes look good. (I also tested them using the validate tool). |
4 participants
Fixes #320
This adds the maskedPaths and readonlyPaths fields to the spec so that
proper masking and setting of files in /proc can be configured.
Signed-off-by: Michael Crosby crosbymichael@gmail.com