Tree - container/cri-o - src.fedoraproject.org

container / cri-o

Blame config.json.template

Blob History Raw

		d75d3d7	`{`
		d75d3d7	`"ociVersion": "1.0.0",`
		d75d3d7	`"platform": {`
		d75d3d7	`"arch": "amd64",`
		d75d3d7	`"os": "linux"`
		d75d3d7	`},`
		d75d3d7	`"process": {`
		d75d3d7	`"args": [`
		d75d3d7	`"/usr/bin/run.sh"`
		d75d3d7	`],`
		d75d3d7	`"selinuxLabel": "system_u:system_r:container_runtime_t:s0",`
		d75d3d7	`"capabilities": {`
		d75d3d7	`"ambient": [`
		d75d3d7	`"CAP_CHOWN",`
		d75d3d7	`"CAP_FOWNER",`
		d75d3d7	`"CAP_FSETID",`
		d75d3d7	`"CAP_KILL",`
		d75d3d7	`"CAP_SETGID",`
		d75d3d7	`"CAP_SETUID",`
		d75d3d7	`"CAP_SETPCAP",`
		d75d3d7	`"CAP_LINUX_IMMUTABLE",`
		d75d3d7	`"CAP_NET_BIND_SERVICE",`
		d75d3d7	`"CAP_NET_BROADCAST",`
		d75d3d7	`"CAP_NET_ADMIN",`
		d75d3d7	`"CAP_NET_RAW",`
		d75d3d7	`"CAP_IPC_LOCK",`
		d75d3d7	`"CAP_IPC_OWNER",`
		d75d3d7	`"CAP_SYS_MODULE",`
		d75d3d7	`"CAP_SYS_RAWIO",`
		d75d3d7	`"CAP_SYS_CHROOT",`
		d75d3d7	`"CAP_SYS_PTRACE",`
		d75d3d7	`"CAP_SYS_PACCT",`
		d75d3d7	`"CAP_SYS_ADMIN",`
		d75d3d7	`"CAP_SYS_BOOT",`
		d75d3d7	`"CAP_SYS_NICE",`
		d75d3d7	`"CAP_SYS_RESOURCE",`
		d75d3d7	`"CAP_SYS_TIME",`
		d75d3d7	`"CAP_SYS_TTY_CONFIG",`
		d75d3d7	`"CAP_MKNOD",`
		d75d3d7	`"CAP_LEASE",`
		d75d3d7	`"CAP_AUDIT_WRITE",`
		d75d3d7	`"CAP_AUDIT_CONTROL",`
		d75d3d7	`"CAP_SETFCAP",`
		d75d3d7	`"CAP_DAC_OVERRIDE",`
		d75d3d7	`"CAP_MAC_OVERRIDE",`
		d75d3d7	`"CAP_DAC_READ_SEARCH",`
		d75d3d7	`"CAP_MAC_ADMIN",`
		d75d3d7	`"CAP_SYSLOG",`
		d75d3d7	`"CAP_WAKE_ALARM",`
		d75d3d7	`"CAP_BLOCK_SUSPEND",`
		d75d3d7	`"CAP_AUDIT_READ"`
		d75d3d7	`],`
		d75d3d7	`"bounding": [`
		d75d3d7	`"CAP_CHOWN",`
		d75d3d7	`"CAP_FOWNER",`
		d75d3d7	`"CAP_FSETID",`
		d75d3d7	`"CAP_KILL",`
		d75d3d7	`"CAP_SETGID",`
		d75d3d7	`"CAP_SETUID",`
		d75d3d7	`"CAP_SETPCAP",`
		d75d3d7	`"CAP_LINUX_IMMUTABLE",`
		d75d3d7	`"CAP_NET_BIND_SERVICE",`
		d75d3d7	`"CAP_NET_BROADCAST",`
		d75d3d7	`"CAP_NET_ADMIN",`
		d75d3d7	`"CAP_NET_RAW",`
		d75d3d7	`"CAP_IPC_LOCK",`
		d75d3d7	`"CAP_IPC_OWNER",`
		d75d3d7	`"CAP_SYS_MODULE",`
		d75d3d7	`"CAP_SYS_RAWIO",`
		d75d3d7	`"CAP_SYS_CHROOT",`
		d75d3d7	`"CAP_SYS_PTRACE",`
		d75d3d7	`"CAP_SYS_PACCT",`
		d75d3d7	`"CAP_SYS_ADMIN",`
		d75d3d7	`"CAP_SYS_BOOT",`
		d75d3d7	`"CAP_SYS_NICE",`
		d75d3d7	`"CAP_SYS_RESOURCE",`
		d75d3d7	`"CAP_SYS_TIME",`
		d75d3d7	`"CAP_SYS_TTY_CONFIG",`
		d75d3d7	`"CAP_MKNOD",`
		d75d3d7	`"CAP_LEASE",`
		d75d3d7	`"CAP_AUDIT_WRITE",`
		d75d3d7	`"CAP_AUDIT_CONTROL",`
		d75d3d7	`"CAP_SETFCAP",`
		d75d3d7	`"CAP_DAC_OVERRIDE",`
		d75d3d7	`"CAP_MAC_OVERRIDE",`
		d75d3d7	`"CAP_DAC_READ_SEARCH",`
		d75d3d7	`"CAP_MAC_ADMIN",`
		d75d3d7	`"CAP_SYSLOG",`
		d75d3d7	`"CAP_WAKE_ALARM",`
		d75d3d7	`"CAP_BLOCK_SUSPEND",`
		d75d3d7	`"CAP_AUDIT_READ"`
		d75d3d7	`],`
		d75d3d7	`"effective": [`
		d75d3d7	`"CAP_CHOWN",`
		d75d3d7	`"CAP_FOWNER",`
		d75d3d7	`"CAP_FSETID",`
		d75d3d7	`"CAP_KILL",`
		d75d3d7	`"CAP_SETGID",`
		d75d3d7	`"CAP_SETUID",`
		d75d3d7	`"CAP_SETPCAP",`
		d75d3d7	`"CAP_LINUX_IMMUTABLE",`
		d75d3d7	`"CAP_NET_BIND_SERVICE",`
		d75d3d7	`"CAP_NET_BROADCAST",`
		d75d3d7	`"CAP_NET_ADMIN",`
		d75d3d7	`"CAP_NET_RAW",`
		d75d3d7	`"CAP_IPC_LOCK",`
		d75d3d7	`"CAP_IPC_OWNER",`
		d75d3d7	`"CAP_SYS_MODULE",`
		d75d3d7	`"CAP_SYS_RAWIO",`
		d75d3d7	`"CAP_SYS_CHROOT",`
		d75d3d7	`"CAP_SYS_PTRACE",`
		d75d3d7	`"CAP_SYS_PACCT",`
		d75d3d7	`"CAP_SYS_ADMIN",`
		d75d3d7	`"CAP_SYS_BOOT",`
		d75d3d7	`"CAP_SYS_NICE",`
		d75d3d7	`"CAP_SYS_RESOURCE",`
		d75d3d7	`"CAP_SYS_TIME",`
		d75d3d7	`"CAP_SYS_TTY_CONFIG",`
		d75d3d7	`"CAP_MKNOD",`
		d75d3d7	`"CAP_LEASE",`
		d75d3d7	`"CAP_AUDIT_WRITE",`
		d75d3d7	`"CAP_AUDIT_CONTROL",`
		d75d3d7	`"CAP_SETFCAP",`
		d75d3d7	`"CAP_DAC_OVERRIDE",`
		d75d3d7	`"CAP_MAC_OVERRIDE",`
		d75d3d7	`"CAP_DAC_READ_SEARCH",`
		d75d3d7	`"CAP_MAC_ADMIN",`
		d75d3d7	`"CAP_SYSLOG",`
		d75d3d7	`"CAP_WAKE_ALARM",`
		d75d3d7	`"CAP_BLOCK_SUSPEND",`
		d75d3d7	`"CAP_AUDIT_READ"`
		d75d3d7	`],`
		d75d3d7	`"inheritable": [`
		d75d3d7	`"CAP_CHOWN",`
		d75d3d7	`"CAP_FOWNER",`
		d75d3d7	`"CAP_FSETID",`
		d75d3d7	`"CAP_KILL",`
		d75d3d7	`"CAP_SETGID",`
		d75d3d7	`"CAP_SETUID",`
		d75d3d7	`"CAP_SETPCAP",`
		d75d3d7	`"CAP_LINUX_IMMUTABLE",`
		d75d3d7	`"CAP_NET_BIND_SERVICE",`
		d75d3d7	`"CAP_NET_BROADCAST",`
		d75d3d7	`"CAP_NET_ADMIN",`
		d75d3d7	`"CAP_NET_RAW",`
		d75d3d7	`"CAP_IPC_LOCK",`
		d75d3d7	`"CAP_IPC_OWNER",`
		d75d3d7	`"CAP_SYS_MODULE",`
		d75d3d7	`"CAP_SYS_RAWIO",`
		d75d3d7	`"CAP_SYS_CHROOT",`
		d75d3d7	`"CAP_SYS_PTRACE",`
		d75d3d7	`"CAP_SYS_PACCT",`
		d75d3d7	`"CAP_SYS_ADMIN",`
		d75d3d7	`"CAP_SYS_BOOT",`
		d75d3d7	`"CAP_SYS_NICE",`
		d75d3d7	`"CAP_SYS_RESOURCE",`
		d75d3d7	`"CAP_SYS_TIME",`
		d75d3d7	`"CAP_SYS_TTY_CONFIG",`
		d75d3d7	`"CAP_MKNOD",`
		d75d3d7	`"CAP_LEASE",`
		d75d3d7	`"CAP_AUDIT_WRITE",`
		d75d3d7	`"CAP_AUDIT_CONTROL",`
		d75d3d7	`"CAP_SETFCAP",`
		d75d3d7	`"CAP_DAC_OVERRIDE",`
		d75d3d7	`"CAP_MAC_OVERRIDE",`
		d75d3d7	`"CAP_DAC_READ_SEARCH",`
		d75d3d7	`"CAP_MAC_ADMIN",`
		d75d3d7	`"CAP_SYSLOG",`
		d75d3d7	`"CAP_WAKE_ALARM",`
		d75d3d7	`"CAP_BLOCK_SUSPEND",`
		d75d3d7	`"CAP_AUDIT_READ"`
		d75d3d7	`],`
		d75d3d7	`"permitted": [`
		d75d3d7	`"CAP_CHOWN",`
		d75d3d7	`"CAP_FOWNER",`
		d75d3d7	`"CAP_FSETID",`
		d75d3d7	`"CAP_KILL",`
		d75d3d7	`"CAP_SETGID",`
		d75d3d7	`"CAP_SETUID",`
		d75d3d7	`"CAP_SETPCAP",`
		d75d3d7	`"CAP_LINUX_IMMUTABLE",`
		d75d3d7	`"CAP_NET_BIND_SERVICE",`
		d75d3d7	`"CAP_NET_BROADCAST",`
		d75d3d7	`"CAP_NET_ADMIN",`
		d75d3d7	`"CAP_NET_RAW",`
		d75d3d7	`"CAP_IPC_LOCK",`
		d75d3d7	`"CAP_IPC_OWNER",`
		d75d3d7	`"CAP_SYS_MODULE",`
		d75d3d7	`"CAP_SYS_RAWIO",`
		d75d3d7	`"CAP_SYS_CHROOT",`
		d75d3d7	`"CAP_SYS_PTRACE",`
		d75d3d7	`"CAP_SYS_PACCT",`
		d75d3d7	`"CAP_SYS_ADMIN",`
		d75d3d7	`"CAP_SYS_BOOT",`
		d75d3d7	`"CAP_SYS_NICE",`
		d75d3d7	`"CAP_SYS_RESOURCE",`
		d75d3d7	`"CAP_SYS_TIME",`
		d75d3d7	`"CAP_SYS_TTY_CONFIG",`
		d75d3d7	`"CAP_MKNOD",`
		d75d3d7	`"CAP_LEASE",`
		d75d3d7	`"CAP_AUDIT_WRITE",`
		d75d3d7	`"CAP_AUDIT_CONTROL",`
		d75d3d7	`"CAP_SETFCAP",`
		d75d3d7	`"CAP_DAC_OVERRIDE",`
		d75d3d7	`"CAP_MAC_OVERRIDE",`
		d75d3d7	`"CAP_DAC_READ_SEARCH",`
		d75d3d7	`"CAP_MAC_ADMIN",`
		d75d3d7	`"CAP_SYSLOG",`
		d75d3d7	`"CAP_WAKE_ALARM",`
		d75d3d7	`"CAP_BLOCK_SUSPEND",`
		d75d3d7	`"CAP_AUDIT_READ"`
		d75d3d7	`]`
		d75d3d7	`},`
		d75d3d7	`"cwd": "/",`
		d75d3d7	`"env": [`
		d75d3d7	`"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/go/bin:/root/go/bin",`
		d75d3d7	`"TERM=xterm",`
		d75d3d7	`"LOG_LEVEL=$LOG_LEVEL",`
		d75d3d7	`"NAME=$NAME"`
		d75d3d7	`],`
		d75d3d7	`"noNewPrivileges": false,`
		d75d3d7	`"terminal": false,`
		d75d3d7	`"user": {`
		d75d3d7	`"gid": 0,`
		d75d3d7	`"uid": 0`
		d75d3d7	`}`
		d75d3d7	`},`
		d75d3d7	`"root": {`
		d75d3d7	`"path": "rootfs",`
		d75d3d7	`"readonly": true`
		d75d3d7	`},`
		d75d3d7	`"hooks": {},`
		d75d3d7	`"linux": {`
		d75d3d7	`"namespaces": [`
		d75d3d7	`{`
		d75d3d7	`"type": "mount"`
		d75d3d7	`}`
		d75d3d7	`],`
		d75d3d7	`"resources": {`
		d75d3d7	`"devices": [`
		d75d3d7	`{`
		d75d3d7	`"access": "rwm",`
		d75d3d7	`"allow": true`
		d75d3d7	`}`
		d75d3d7	`]`
		d75d3d7	`},`
		d75d3d7	`"rootfsPropagation": "private"`
		d75d3d7	`},`
		d75d3d7	`"mounts": [`
		d75d3d7	`{`
		d75d3d7	`"destination": "/tmp",`
		d75d3d7	`"options": [`
		d75d3d7	`"private",`
		d75d3d7	`"bind",`
		d75d3d7	`"rw",`
		d75d3d7	`"mode=755"`
		d75d3d7	`],`
		d75d3d7	`"source": "/tmp",`
		d75d3d7	`"type": "bind"`
		d75d3d7	`},`
		d75d3d7	`{`
		1792068	`"destination": "/var/tmp",`
		d75d3d7	`"options": [`
		1792068	`"private",`
		1792068	`"bind",`
		d75d3d7	`"rw",`
		d75d3d7	`"mode=755"`
		d75d3d7	`],`
		1792068	`"source": "/var/tmp",`
		d75d3d7	`"type": "bind"`
		d75d3d7	`},`
		d75d3d7	`{`
		1792068	`"destination": "/etc",`
		d75d3d7	`"options": [`
		d75d3d7	`"rbind",`
		d75d3d7	`"rprivate",`
		d75d3d7	`"rw",`
		d75d3d7	`"mode=755"`
		d75d3d7	`],`
		1792068	`"source": "/etc",`
		d75d3d7	`"type": "bind"`
		d75d3d7	`},`
		d75d3d7	`{`
		1792068	`"destination": "/lib/modules",`
		d75d3d7	`"options": [`
		d75d3d7	`"rbind",`
		d75d3d7	`"rprivate",`
		d75d3d7	`"rw",`
		d75d3d7	`"mode=755"`
		d75d3d7	`],`
		1792068	`"source": "/lib/modules",`
		d75d3d7	`"type": "bind"`
		d75d3d7	`},`
		d75d3d7	`{`
		1792068	`"destination": "/root",`
		d75d3d7	`"options": [`
		d75d3d7	`"rbind",`
		d75d3d7	`"rprivate",`
		d75d3d7	`"rw",`
		d75d3d7	`"mode=755"`
		d75d3d7	`],`
		1792068	`"source": "/root",`
		d75d3d7	`"type": "bind"`
		d75d3d7	`},`
		d75d3d7	`{`
		d75d3d7	`"type": "bind",`
		d75d3d7	`"source": "${RUN_DIRECTORY}",`
		d75d3d7	`"destination": "/run",`
		d75d3d7	`"options": [`
		d75d3d7	`"rshared",`
		d75d3d7	`"rbind",`
		d75d3d7	`"rw",`
		d75d3d7	`"mode=755"`
		d75d3d7	`]`
		d75d3d7	`},`
		d75d3d7	`{`
		d75d3d7	`"type": "bind",`
		d75d3d7	`"source": "${RUN_DIRECTORY}/systemd",`
		d75d3d7	`"destination": "/run/systemd",`
		d75d3d7	`"options": [`
		d75d3d7	`"rslave",`
		d75d3d7	`"bind",`
		d75d3d7	`"rw",`
		d75d3d7	`"mode=755"`
		d75d3d7	`]`
		d75d3d7	`},`
		d75d3d7	`{`
		d75d3d7	`"destination": "/var/log",`
		d75d3d7	`"options": [`
		d75d3d7	`"rbind",`
		d75d3d7	`"rslave",`
		d75d3d7	`"rw"`
		d75d3d7	`],`
		d75d3d7	`"source": "/var/log",`
		d75d3d7	`"type": "bind"`
		d75d3d7	`},`
		d75d3d7	`{`
		d75d3d7	`"destination": "/var/lib",`
		d75d3d7	`"options": [`
		d75d3d7	`"rbind",`
		d75d3d7	`"rprivate",`
		d75d3d7	`"rw"`
		d75d3d7	`],`
		d75d3d7	`"source": "${STATE_DIRECTORY}",`
		d75d3d7	`"type": "bind"`
		d75d3d7	`},`
		d75d3d7	`{`
		8a33de2	`"destination": "/var/lib/containers/storage",`
		d75d3d7	`"options": [`
		d75d3d7	`"rbind",`
		d75d3d7	`"rshared",`
		d75d3d7	`"rw"`
		d75d3d7	`],`
		d75d3d7	`"source": "${VAR_LIB_CONTAINERS_STORAGE}",`
		d75d3d7	`"type": "bind"`
		d75d3d7	`},`
		d75d3d7	`{`
		d75d3d7	`"destination": "/var/lib/origin",`
		d75d3d7	`"options": [`
		d75d3d7	`"rshared",`
		d75d3d7	`"bind",`
		d75d3d7	`"rw"`
		d75d3d7	`],`
		d75d3d7	`"source": "${VAR_LIB_ORIGIN}",`
		d75d3d7	`"type": "bind"`
		d75d3d7	`},`
		d75d3d7	`{`
		d75d3d7	`"destination": "/var/lib/kubelet",`
		d75d3d7	`"options": [`
		d75d3d7	`"rshared",`
		d75d3d7	`"bind",`
		d75d3d7	`"rw"`
		d75d3d7	`],`
		d75d3d7	`"source": "${VAR_LIB_KUBE}",`
		d75d3d7	`"type": "bind"`
		d75d3d7	`},`
		d75d3d7	`{`
		d75d3d7	`"destination": "/opt/cni",`
		d75d3d7	`"options": [`
		d75d3d7	`"rbind",`
		d75d3d7	`"rprivate",`
		1792068	`"rw",`
		d75d3d7	`"mode=755"`
		d75d3d7	`],`
		d75d3d7	`"source": "${OPT_CNI}",`
		d75d3d7	`"type": "bind"`
		d75d3d7	`},`
		d75d3d7	`{`
		d75d3d7	`"destination": "/dev",`
		d75d3d7	`"options": [`
		d75d3d7	`"rprivate",`
		d75d3d7	`"rbind",`
		d75d3d7	`"rw",`
		d75d3d7	`"mode=755"`
		d75d3d7	`],`
		d75d3d7	`"source": "/dev",`
		d75d3d7	`"type": "bind"`
		d75d3d7	`},`
		d75d3d7	`{`
		1792068	`"destination": "/host",`
		1792068	`"options": [`
		1792068	`"rbind",`
		1792068	`"rshared",`
		1792068	`"rw"`
		1792068	`],`
		1792068	`"source": "/",`
		1792068	`"type": "bind"`
		1792068	`},`
		1792068	`{`
		d75d3d7	`"destination": "/sys",`
		d75d3d7	`"options": [`
		d75d3d7	`"rprivate",`
		d75d3d7	`"rbind",`
		d75d3d7	`"rw",`
		d75d3d7	`"mode=755"`
		d75d3d7	`],`
		d75d3d7	`"source": "/sys",`
		d75d3d7	`"type": "bind"`
		d75d3d7	`},`
		d75d3d7	`{`
		d75d3d7	`"destination": "/proc",`
		d75d3d7	`"options": [`
		d75d3d7	`"rbind",`
		d75d3d7	`"rw",`
		d75d3d7	`"mode=755"`
		d75d3d7	`],`
		d75d3d7	`"source": "/proc",`
		d75d3d7	`"type": "proc"`
		d75d3d7	`}`
		1792068	`$ADDTL_MOUNTS`
		d75d3d7	`]`
		d75d3d7	`}`

container / cri-o

Source Code

Blame config.json.template