make rootfs mount propagation mode settable

Signed-off-by: Huamin Chen  <hchen@redhat.com>
Huamin Chen 2015-07-15 16:16:09 -04:00
parent fb8706c9df
commit c53bf87ac2
2 changed files with 9 additions and 0 deletions

@ -139,6 +139,13 @@ rlimits allow setting resource limits. The type is from the values defined in [t
uid/gid mappings describe the user namespace mappings from the host to the container. *from* is the starting uid/gid on the host to be mapped to *to* which is the starting uid/gid in the container and *count* refers to the number of ids to be mapped. The Linux kernel has a limit of 5 such mappings that can be specified.
## Rootfs Mount Propagation
rootfsPropagation sets the rootfs's mount propagation. Its value is either slave, private, or shared. [The kernel doc](https://www.kernel.org/doc/Documentation/filesystems/sharedsubtree.txt) has more information about mount propagation.
```
"rootfsPropagation": "slave",
```
## Security
**TODO:** security profiles
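Review bot: The new "Rootfs Mount Propagation" paragraph lists slave, private, or shared but does not say which mode a runtime applies when rootfsPropagation is omitted, or what it must do with any other string. Please state the default and require that unrecognized values are rejected rather than ignored. Because a shared rootfs lets mount events inside the container propagate to peer mounts outside it, the paragraph should also say that shared is an explicit opt-in and not something a runtime may fall back to. It would help to say whether the recursive forms described in the linked kernel document are intended as well. Minor: the example `"rootfsPropagation": "slave",` ends in a trailing comma with no enclosing object, so it is not valid JSON if copied as shown.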

@ -28,6 +28,8 @@ type Linux struct {
Capabilities []string `json:"capabilities"`
// Devices are a list of device nodes that are created and enabled for the container.
Devices []string `json:"devices"`
// RootfsPropagation is the rootfs mount propagation mode for the container.
RootfsPropagation string `json:"rootfsPropagation"`
}
// User specifies linux specific user and group information for the container's
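Review bot: The added field `RootfsPropagation string` accepts any string, and its comment does not name the three values the documentation change allows, so the type gives implementers nothing to validate against. Suggest listing slave, private and shared in the comment, saying what the empty string means, and considering named constants for the modes so runtimes compare against one definition. Also note that the tag `json:"rootfsPropagation"` has no omitempty, so a config marshalled from this struct always carries the key, with an empty value when unset; that matches the neighbouring fields shown here, but the documentation should then define the empty case.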