runc/sample_configs/userns.json

{
    "capabilities": [
        "CHOWN",
        "DAC_OVERRIDE",
        "FOWNER",
        "MKNOD",
        "NET_RAW",
        "SETGID",
        "SETUID",
        "SETFCAP",
        "SETPCAP",
        "NET_BIND_SERVICE",
        "SYS_CHROOT",
        "KILL"
    ],
    "cgroups": {
        "allowed_devices": [
            {
                "permissions": "m",
                "major": -1,
                "minor": -1,
                "type": 99
            },
            {
                "permissions": "m",
                "major": -1,
                "minor": -1,
                "type": 98
            },
            {
                "permissions": "rwm",
                "major": 5,
                "minor": 1,
                "path": "/dev/console",
                "type": 99
            },
            {
                "permissions": "rwm",
                "major": 4,
                "path": "/dev/tty0",
                "type": 99
            },
            {
                "permissions": "rwm",
                "major": 4,
                "minor": 1,
                "path": "/dev/tty1",
                "type": 99
            },
            {
                "permissions": "rwm",
                "major": 136,
                "minor": -1,
                "type": 99
            },
            {
                "permissions": "rwm",
                "major": 5,
                "minor": 2,
                "type": 99
            },
            {
                "permissions": "rwm",
                "major": 10,
                "minor": 200,
                "type": 99
            },
            {
                "permissions": "rwm",
                "file_mode": 438,
                "major": 1,
                "minor": 3,
                "path": "/dev/null",
                "type": 99
            },
            {
                "permissions": "rwm",
                "file_mode": 438,
                "major": 1,
                "minor": 5,
                "path": "/dev/zero",
                "type": 99
            },
            {
                "permissions": "rwm",
                "file_mode": 438,
                "major": 1,
                "minor": 7,
                "path": "/dev/full",
                "type": 99
            },
            {
                "permissions": "rwm",
                "file_mode": 438,
                "major": 5,
                "path": "/dev/tty",
                "type": 99
            },
            {
                "permissions": "rwm",
                "file_mode": 438,
                "major": 1,
                "minor": 9,
                "path": "/dev/urandom",
                "type": 99
            },
            {
                "permissions": "rwm",
                "file_mode": 438,
                "major": 1,
                "minor": 8,
                "path": "/dev/random",
                "type": 99
            }
        ],
        "name": "docker-koye",
        "parent": "docker"
    },
    "restrict_sys": true,
        "devices": [
            {
                "permissions": "rwm",
                "file_mode": 438,
                "major": 1,
                "minor": 3,
                "path": "/dev/null",
                "type": 99
            },
            {
                "permissions": "rwm",
                "file_mode": 438,
                "major": 1,
                "minor": 5,
                "path": "/dev/zero",
                "type": 99
            },
            {
                "permissions": "rwm",
                "file_mode": 438,
                "major": 1,
                "minor": 7,
                "path": "/dev/full",
                "type": 99
            },
            {
                "permissions": "rwm",
                "file_mode": 438,
                "major": 5,
                "path": "/dev/tty",
                "type": 99
            },
            {
                "permissions": "rwm",
                "file_mode": 438,
                "major": 1,
                "minor": 9,
                "path": "/dev/urandom",
                "type": 99
            },
            {
                "permissions": "rwm",
                "file_mode": 438,
                "major": 1,
                "minor": 8,
                "path": "/dev/random",
                "type": 99
            }
        ],
        "mounts": [
            {
                "type": "tmpfs",
                "destination": "/tmp"
            }
        ],
    "environment": [
        "HOME=/",
        "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
        "HOSTNAME=koye",
        "TERM=xterm"
    ],
    "hostname": "koye",
    "namespaces": [
        {"type": "NEWIPC"},
        {"type": "NEWNET"},
        {"type": "NEWNS"},
        {"type": "NEWPID"},
        {"type": "NEWUTS"},
        {"type": "NEWUSER"}
    ],
    "networks": [
        {
            "address": "127.0.0.1/0",
            "gateway": "localhost",
            "mtu": 1500,
            "type": "loopback"
        },
        {
            "address": "172.17.0.9/16",
            "gateway": "172.17.42.1",
            "bridge": "docker0",
            "veth_prefix": "veth",
            "mtu": 1500,
            "type": "veth"
        }
    ],
    "tty": true,
    "user": "root",
    "uid_mappings": [
        {
            "container_id": 0,
            "host_id": 1000,
            "size": 1
        },
        {
            "container_id": 1,
            "host_id": 1,
            "size": 999
        },
        {
            "container_id": 1001,
            "host_id": 1001,
            "size": 9000
        }
     ],
    "gid_mappings": [
        {
            "container_id": 0,
            "host_id": 1000,
            "size": 1
        },
        {
            "container_id": 1,
            "host_id": 1,
            "size": 999
        },
        {
            "container_id": 1001,
            "host_id": 1001,
            "size": 9000
        }
     ],
     "rlimits": [
        {
            "type": 7,
            "hard": 999,
            "soft": 999
        }
     ]
}
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`{`
			`"capabilities": [`
			`"CHOWN",`
			`"DAC_OVERRIDE",`
			`"FOWNER",`
			`"MKNOD",`
			`"NET_RAW",`
			`"SETGID",`
			`"SETUID",`
			`"SETFCAP",`
			`"SETPCAP",`
			`"NET_BIND_SERVICE",`
			`"SYS_CHROOT",`
			`"KILL"`
			`],`
			`"cgroups": {`
			`"allowed_devices": [`
			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "m",`
			`"major": -1,`
			`"minor": -1,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"type": 99`
			`},`
			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "m",`
			`"major": -1,`
			`"minor": -1,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"type": 98`
			`},`
			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "rwm",`
			`"major": 5,`
			`"minor": 1,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"path": "/dev/console",`
			`"type": 99`
			`},`
			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "rwm",`
			`"major": 4,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"path": "/dev/tty0",`
			`"type": 99`
			`},`
			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "rwm",`
			`"major": 4,`
			`"minor": 1,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"path": "/dev/tty1",`
			`"type": 99`
			`},`
			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "rwm",`
			`"major": 136,`
			`"minor": -1,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"type": 99`
			`},`
			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "rwm",`
			`"major": 5,`
			`"minor": 2,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"type": 99`
			`},`
			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "rwm",`
			`"major": 10,`
			`"minor": 200,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"type": 99`
			`},`
			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "rwm",`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"file_mode": 438,`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"major": 1,`
			`"minor": 3,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"path": "/dev/null",`
			`"type": 99`
			`},`
			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "rwm",`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"file_mode": 438,`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"major": 1,`
			`"minor": 5,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"path": "/dev/zero",`
			`"type": 99`
			`},`
			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "rwm",`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"file_mode": 438,`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"major": 1,`
			`"minor": 7,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"path": "/dev/full",`
			`"type": 99`
			`},`
			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "rwm",`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"file_mode": 438,`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"major": 5,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"path": "/dev/tty",`
			`"type": 99`
			`},`
			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "rwm",`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"file_mode": 438,`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"major": 1,`
			`"minor": 9,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"path": "/dev/urandom",`
			`"type": 99`
			`},`
			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "rwm",`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"file_mode": 438,`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"major": 1,`
			`"minor": 8,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"path": "/dev/random",`
			`"type": 99`
			`}`
			`],`
			`"name": "docker-koye",`
			`"parent": "docker"`
			`},`
			`"restrict_sys": true,`
Rename Fs fields to fs Signed-off-by: Michael Crosby <crosbymichael@gmail.com> 2015-02-04 09:44:58 +08:00			`"devices": [`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "rwm",`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"file_mode": 438,`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"major": 1,`
			`"minor": 3,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"path": "/dev/null",`
			`"type": 99`
			`},`
			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "rwm",`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"file_mode": 438,`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"major": 1,`
			`"minor": 5,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"path": "/dev/zero",`
			`"type": 99`
			`},`
			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "rwm",`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"file_mode": 438,`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"major": 1,`
			`"minor": 7,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"path": "/dev/full",`
			`"type": 99`
			`},`
			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "rwm",`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"file_mode": 438,`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"major": 5,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"path": "/dev/tty",`
			`"type": 99`
			`},`
			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "rwm",`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"file_mode": 438,`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"major": 1,`
			`"minor": 9,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"path": "/dev/urandom",`
			`"type": 99`
			`},`
			`{`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"permissions": "rwm",`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"file_mode": 438,`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`"major": 1,`
			`"minor": 8,`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"path": "/dev/random",`
			`"type": 99`
			`}`
			`],`
			`"mounts": [`
			`{`
			`"type": "tmpfs",`
			`"destination": "/tmp"`
			`}`
api: fix config tests Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-02-03 20:27:21 +08:00			`],`
Merge remote-tracking branch 'origin/master' into api Signed-off-by: Andrey Vagin <avagin@openvz.org> 2015-01-27 20:54:19 +08:00			`"environment": [`
			`"HOME=/",`
			`"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",`
			`"HOSTNAME=koye",`
			`"TERM=xterm"`
			`],`
			`"hostname": "koye",`
			`"namespaces": [`
			`{"type": "NEWIPC"},`
			`{"type": "NEWNET"},`
			`{"type": "NEWNS"},`
			`{"type": "NEWPID"},`
			`{"type": "NEWUTS"},`
			`{"type": "NEWUSER"}`
			`],`
			`"networks": [`
			`{`
			`"address": "127.0.0.1/0",`
			`"gateway": "localhost",`
			`"mtu": 1500,`
			`"type": "loopback"`
			`},`
			`{`
			`"address": "172.17.0.9/16",`
			`"gateway": "172.17.42.1",`
			`"bridge": "docker0",`
			`"veth_prefix": "veth",`
			`"mtu": 1500,`
			`"type": "veth"`
			`}`
			`],`
			`"tty": true,`
			`"user": "root",`
			`"uid_mappings": [`
			`{`
			`"container_id": 0,`
			`"host_id": 1000,`
			`"size": 1`
			`},`
			`{`
			`"container_id": 1,`
			`"host_id": 1,`
			`"size": 999`
			`},`
			`{`
			`"container_id": 1001,`
			`"host_id": 1001,`
			`"size": 9000`
			`}`
			`],`
			`"gid_mappings": [`
			`{`
			`"container_id": 0,`
			`"host_id": 1000,`
			`"size": 1`
			`},`
			`{`
			`"container_id": 1,`
			`"host_id": 1,`
			`"size": 999`
			`},`
			`{`
			`"container_id": 1001,`
			`"host_id": 1001,`
			`"size": 9000`
			`}`
			`],`
			`"rlimits": [`
			`{`
			`"type": 7,`
			`"hard": 999,`
			`"soft": 999`
			`}`
			`]`
			`}`