Documentation ¶
Index ¶
- func AppendDevicePermissionsFromCgroupRules(devPermissions []specs.LinuxDeviceCgroup, rules []string) ([]specs.LinuxDeviceCgroup, error)
- func DefaultLinuxSpec() specs.Spec
- func DefaultPathEnv(os string) string
- func DefaultSpec() specs.Spec
- func DefaultWindowsSpec() specs.Spec
- func DevicesFromPath(pathOnHost, pathInContainer, cgroupPermissions string) (devs []specs.LinuxDevice, devPermissions []specs.LinuxDeviceCgroup, err error)
- func NamespacePath(s *specs.Spec, nsType specs.LinuxNamespaceType) (path string, ok bool)
- func RemoveNamespace(s *specs.Spec, nsType specs.LinuxNamespaceType)
- func SetCapabilities(s *specs.Spec, caplist []string) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AppendDevicePermissionsFromCgroupRules ¶
func AppendDevicePermissionsFromCgroupRules(devPermissions []specs.LinuxDeviceCgroup, rules []string) ([]specs.LinuxDeviceCgroup, error)
AppendDevicePermissionsFromCgroupRules takes rules for the devices cgroup to append to the default set
func DefaultLinuxSpec ¶
func DefaultLinuxSpec() specs.Spec
DefaultLinuxSpec create a default spec for running Linux containers
func DefaultPathEnv ¶
DefaultPathEnv is unix style list of directories to search for executables. Each directory is separated from the next by a colon ':' character . For Windows containers, an empty string is returned as the default path will be set by the container, and Docker has no context of what the default path should be.
TODO(thaJeztah) align Windows default with BuildKit; see https://github.com/moby/buildkit/pull/1747 TODO(thaJeztah) use defaults from containerd (but align it with BuildKit; see https://github.com/moby/buildkit/pull/1747)
func DefaultSpec ¶
func DefaultSpec() specs.Spec
DefaultSpec returns the default spec used by docker for the current Platform
func DefaultWindowsSpec ¶
func DefaultWindowsSpec() specs.Spec
DefaultWindowsSpec create a default spec for running Windows containers
func DevicesFromPath ¶
func DevicesFromPath(pathOnHost, pathInContainer, cgroupPermissions string) (devs []specs.LinuxDevice, devPermissions []specs.LinuxDeviceCgroup, err error)
DevicesFromPath computes a list of devices and device permissions from paths (pathOnHost and pathInContainer) and cgroup permissions.
func NamespacePath ¶
NamespacePath returns the configured Path of the first namespace in s.Linux.Namespaces of type nsType.
func RemoveNamespace ¶
func RemoveNamespace(s *specs.Spec, nsType specs.LinuxNamespaceType)
RemoveNamespace removes the `nsType` namespace from OCI spec `s`
func SetCapabilities ¶
SetCapabilities sets the provided capabilities on the spec All capabilities are added if privileged is true.
Types ¶
This section is empty.