Documentation ¶
Index ¶
- func AppendDevicePermissionsFromCgroupRules(devPermissions []specs.LinuxDeviceCgroup, rules []string) ([]specs.LinuxDeviceCgroup, error)
- func DefaultLinuxSpec() specs.Spec
- func DefaultPathEnv(os string) string
- func DefaultSpec() specs.Spec
- func DefaultWindowsSpec() specs.Spec
- func DevicesFromPath(pathOnHost, pathInContainer, cgroupPermissions string) (devs []specs.LinuxDevice, devPermissions []specs.LinuxDeviceCgroup, err error)
- func NamespacePath(s *specs.Spec, nsType specs.LinuxNamespaceType) (path string, ok bool)
- func RemoveNamespace(s *specs.Spec, nsType specs.LinuxNamespaceType)
- func SetCapabilities(s *specs.Spec, caplist []string) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AppendDevicePermissionsFromCgroupRules ¶
func AppendDevicePermissionsFromCgroupRules(devPermissions []specs.LinuxDeviceCgroup, rules []string) ([]specs.LinuxDeviceCgroup, error)
AppendDevicePermissionsFromCgroupRules takes rules for the devices cgroup to append to the default set
func DefaultLinuxSpec ¶
DefaultLinuxSpec create a default spec for running Linux containers
func DefaultPathEnv ¶
DefaultPathEnv is unix style list of directories to search for executables. Each directory is separated from the next by a colon ':' character . For Windows containers, an empty string is returned as the default path will be set by the container, and Docker has no context of what the default path should be.
TODO(thaJeztah) align Windows default with BuildKit; see https://github.com/moby/buildkit/pull/1747 TODO(thaJeztah) use defaults from containerd (but align it with BuildKit; see https://github.com/moby/buildkit/pull/1747)
func DefaultSpec ¶
DefaultSpec returns the default spec used by docker for the current Platform
func DefaultWindowsSpec ¶
DefaultWindowsSpec create a default spec for running Windows containers
func DevicesFromPath ¶ added in v1.13.0
func DevicesFromPath(pathOnHost, pathInContainer, cgroupPermissions string) (devs []specs.LinuxDevice, devPermissions []specs.LinuxDeviceCgroup, err error)
DevicesFromPath computes a list of devices and device permissions from paths (pathOnHost and pathInContainer) and cgroup permissions.
func NamespacePath ¶
NamespacePath returns the configured Path of the first namespace in s.Linux.Namespaces of type nsType.
func RemoveNamespace ¶ added in v1.13.0
func RemoveNamespace(s *specs.Spec, nsType specs.LinuxNamespaceType)
RemoveNamespace removes the `nsType` namespace from OCI spec `s`
Types ¶
This section is empty.