package oci

import "github.com/dotcloud/docker/oci"

Index ¶

• func AppendDevicePermissionsFromCgroupRules(devPermissions []specs.LinuxDeviceCgroup, rules []string) ([]specs.LinuxDeviceCgroup, error)
• func DefaultLinuxSpec() specs.Spec
• func DefaultSpec() specs.Spec
• func DefaultWindowsSpec() specs.Spec
• func Device(d *devices.Device) specs.LinuxDevice
• func DevicesFromPath(pathOnHost, pathInContainer, cgroupPermissions string) (devs []specs.LinuxDevice, devPermissions []specs.LinuxDeviceCgroup, err error)
• func RemoveNamespace(s *specs.Spec, nsType specs.LinuxNamespaceType)
• func SetCapabilities(s *specs.Spec, caplist []string) error

Functions ¶

func AppendDevicePermissionsFromCgroupRules ¶

func AppendDevicePermissionsFromCgroupRules(devPermissions []specs.LinuxDeviceCgroup, rules []string) ([]specs.LinuxDeviceCgroup, error)

AppendDevicePermissionsFromCgroupRules takes rules for the devices cgroup to append to the default set

func DefaultLinuxSpec ¶

func DefaultLinuxSpec() specs.Spec

DefaultLinuxSpec create a default spec for running Linux containers

func DefaultSpec ¶

func DefaultSpec() specs.Spec

DefaultSpec returns the default spec used by docker for the current Platform

func DefaultWindowsSpec ¶

func DefaultWindowsSpec() specs.Spec

DefaultWindowsSpec create a default spec for running Windows containers

func Device ¶

func Device(d *devices.Device) specs.LinuxDevice

Device transforms a libcontainer devices.Device to a specs.LinuxDevice object.

func DevicesFromPath ¶

func DevicesFromPath(pathOnHost, pathInContainer, cgroupPermissions string) (devs []specs.LinuxDevice, devPermissions []specs.LinuxDeviceCgroup, err error)

DevicesFromPath computes a list of devices and device permissions from paths (pathOnHost and pathInContainer) and cgroup permissions.

func RemoveNamespace ¶

func RemoveNamespace(s *specs.Spec, nsType specs.LinuxNamespaceType)

RemoveNamespace removes the `nsType` namespace from OCI spec `s`

func SetCapabilities ¶

func SetCapabilities(s *specs.Spec, caplist []string) error

SetCapabilities sets the provided capabilities on the spec All capabilities are added if privileged is true.

Source Files ¶

defaults.go devices_linux.go namespaces.go oci.go

Directories ¶