Skip to content

Commit

Permalink
update various container configs
Browse files Browse the repository at this point in the history 
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
  • Loading branch information
@jessfraz
jessfraz committed Mar 16, 2016
1 parent 377cfd9 commit fd81c00
Show file tree
Hide file tree
Showing 5 changed files with 241 additions and 253 deletions.
88 changes: 40 additions & 48 deletions alpine/config.json
View file
Expand Up @@ -6,18 +6,40 @@
},
"process": {
"terminal": true,
"user": {
"uid": 0,
"gid": 0
},
"user": {},
"args": [
"sh"
],
"env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"TERM=xterm"
],
"cwd": "/"
"cwd": "/",
"capabilities": [
"CAP_CHOWN",
"CAP_DAC_OVERRIDE",
"CAP_FSETID",
"CAP_FOWNER",
"CAP_MKNOD",
"CAP_NET_RAW",
"CAP_SETGID",
"CAP_SETUID",
"CAP_SETFCAP",
"CAP_SETPCAP",
"CAP_NET_BIND_SERVICE",
"CAP_SYS_CHROOT",
"CAP_KILL",
"CAP_AUDIT_WRITE"
],
"rlimits": [
{
"type": "RLIMIT_NOFILE",
"hard": 1024,
"soft": 1024
}
],
"noNewPrivileges": true,
"apparmorProfile": "docker-default"
},
"root": {
"path": "rootfs",
Expand Down Expand Up @@ -122,22 +144,6 @@
]
},
"linux": {
"capabilities": [
"CAP_CHOWN",
"CAP_DAC_OVERRIDE",
"CAP_FSETID",
"CAP_FOWNER",
"CAP_MKNOD",
"CAP_NET_RAW",
"CAP_SETGID",
"CAP_SETUID",
"CAP_SETFCAP",
"CAP_SETPCAP",
"CAP_NET_BIND_SERVICE",
"CAP_SYS_CHROOT",
"CAP_KILL",
"CAP_AUDIT_WRITE"
],
"uidMappings": [
{
"hostID": 886432,
Expand All @@ -152,57 +158,46 @@
"size": 46578392
}
],
"rlimits": [
{
"type": "RLIMIT_NOFILE",
"hard": 1024,
"soft": 1024
}
],
"resources": {
"devices": [
{
"allow": false,
"access": "rwm"
},
{
"allow": true,
"type": 99,
"type": "c",
"major": 1,
"minor": 3,
"access": "rwm"
},
{
"allow": true,
"type": 99,
"type": "c",
"major": 1,
"minor": 5,
"access": "rwm"
},
{
"allow": true,
"type": 99,
"type": "c",
"major": 1,
"minor": 7,
"access": "rwm"
},
{
"allow": true,
"type": 99,
"type": "c",
"major": 5,
"minor": 0,
"access": "rwm"
},
{
"allow": true,
"type": 99,
"type": "c",
"major": 1,
"minor": 9,
"access": "rwm"
},
{
"allow": true,
"type": 99,
"type": "c",
"major": 1,
"minor": 8,
"access": "rwm"
Expand Down Expand Up @@ -255,7 +250,7 @@
"devices": [
{
"path": "/dev/null",
"type": 99,
"type": "c",
"major": 1,
"minor": 3,
"fileMode": 438,
Expand All @@ -264,7 +259,7 @@
},
{
"path": "/dev/zero",
"type": 99,
"type": "c",
"major": 1,
"minor": 5,
"fileMode": 438,
Expand All @@ -273,7 +268,7 @@
},
{
"path": "/dev/full",
"type": 99,
"type": "c",
"major": 1,
"minor": 7,
"fileMode": 438,
Expand All @@ -282,7 +277,7 @@
},
{
"path": "/dev/tty",
"type": 99,
"type": "c",
"major": 5,
"minor": 0,
"fileMode": 438,
Expand All @@ -291,7 +286,7 @@
},
{
"path": "/dev/urandom",
"type": 99,
"type": "c",
"major": 1,
"minor": 9,
"fileMode": 438,
Expand All @@ -300,16 +295,14 @@
},
{
"path": "/dev/random",
"type": 99,
"type": "c",
"major": 1,
"minor": 8,
"fileMode": 438,
"uid": 0,
"gid": 0
}
],
"apparmorProfile": "docker-default",
"selinuxProcessLabel": "",
"seccomp": {
"defaultAction": "SCMP_ACT_ERRNO",
"architectures": null,
Expand Down Expand Up @@ -1555,7 +1548,6 @@
"action": "SCMP_ACT_ALLOW"
}
]
},
"noNewPrivileges": true
}
}
}

0 comments on commit fd81c00

Please sign in to comment.