This moves the ambient capability support behind an `ambient` build tag
so that it is only compiled upon request.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Closes#532
This requires the container id to always be passed to all runc commands
as arg one on the cli. This was the result of the last OCI meeting and
how operations work with the spec.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Fixes: #429
We missed the former one and haven't got a new one, remove
it from README to avoid confusing.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
* version in the config example is advanced to 0.1.0
* rootfsPropagation in config.json is removed
(The same one is already in runtime.json)
* rlimit time is changed from magic number to name(string)
* add pids cgroup
* add cgroup path
After this change applied, the example config in this README.md
is consistent with the result of `runc spec`.
Signed-off-by: Lai Jiangshan <jiangshanlai@gmail.com>
I deleted possibility to specify config file from commands for now.
Until we decide how it'll be done. Also I changed runc spec interface to
write config files instead of output them.
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
When any non-global-flag parameter appears on the command line make sure
there's a "command" even in the 'start' (run) case to ensure its not
ambiguous as to what the arg is. For example, w/o this fix its not
clear if
runc foo
means 'foo' is the name of a config file or an unknown command. Or worse,
you can't name a config file the same a ANY command, even future (yet to
be created) commands.
We should fix this now before we ship 1.0 and are forced to support this
ambiguous case for a long time.
Signed-off-by: Doug Davis <dug@us.ibm.com>
Now that the generated spec (and the example above in the README) use
uid/gid and don't have the hardcoded `daemon` entry, the statement about
changing `daemon` to `root` no longer applies. Also added a comment
about using the `runc spec` command to generate `config.json`.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com> (github: estesp)
And allow cgroup mount take flags from user configs.
As we show ro in the recommendation, so hard-coded
read-only flag should be removed.
Signed-off-by: Qiang Huang <h.huangqiang@huawei.com>
- Initialize swappiness to -1 for the default config.json
- Pass swappiness from config.json to libcontainer config
Signed-off-by: Zefan Li <lizefan@huawei.com>
Chris Aniszczyk
Aleksa Sarai
Michael Crosby
Harry Zhang
rajasec
Jonathan Boulle
Mrunal Patel
Mrunal Patel
Antonio Murdaca
Alberto Leal
Marcos Nils
Qiang Huang
Lai Jiangshan
Alexander Morozov
Mark Sta Ana
Doug Davis
William Temple
Phil Estes
Zefan Li
zenlin
Kenneth Lim