You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: config-linux.md
-24Lines changed: 0 additions & 24 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -16,30 +16,6 @@ Valid values are the strings for capabilities defined in [the man page](http://m
16
16
]
17
17
```
18
18
19
-
## User namespace mappings
20
-
21
-
```json
22
-
"uidMappings": [
23
-
{
24
-
"hostID": 1000,
25
-
"containerID": 0,
26
-
"size": 10
27
-
}
28
-
],
29
-
"gidMappings": [
30
-
{
31
-
"hostID": 1000,
32
-
"containerID": 0,
33
-
"size": 10
34
-
}
35
-
]
36
-
```
37
-
38
-
uid/gid mappings describe the user namespace mappings from the host to the container.
39
-
The mappings represent how the bundle `rootfs` expects the user namespace to be setup and the runtime SHOULD NOT modify the permissions on the rootfs to realize the mapping.
40
-
*hostID* is the starting uid/gid on the host to be mapped to *containerID* which is the starting uid/gid in the container and *size* refers to the number of ids to be mapped.
41
-
There is a limit of 5 mappings which is the Linux kernel hard limit.
42
-
43
19
## Default Devices and File Systems
44
20
45
21
The Linux ABI includes both syscalls and several special file paths.
Copy file name to clipboardExpand all lines: runtime-config-linux.md
+25Lines changed: 25 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -46,6 +46,31 @@ container via system level IPC.
46
46
***user** the container will be able to remap user and group IDs from the host to local users and groups
47
47
within the container.
48
48
49
+
## User namespace mappings
50
+
51
+
uid/gid mappings describe the user namespace mappings from the host to the container.
52
+
The mappings represent how the bundle `rootfs` expects the user namespace to be setup and the runtime SHOULD NOT modify the permissions on the rootfs to realize the mapping.
53
+
*hostID* is the starting uid/gid on the host to be mapped to *containerID* which is the starting uid/gid in the container and *size* refers to the number of ids to be mapped.
54
+
There is a limit of 5 mappings which is the Linux kernel hard limit.
55
+
56
+
*Example*
57
+
```json
58
+
"uidMappings": [
59
+
{
60
+
"hostID": 1000,
61
+
"containerID": 0,
62
+
"size": 10
63
+
}
64
+
],
65
+
"gidMappings": [
66
+
{
67
+
"hostID": 1000,
68
+
"containerID": 0,
69
+
"size": 10
70
+
}
71
+
]
72
+
```
73
+
49
74
## Devices
50
75
51
76
Devices is an array specifying the list of devices to be created in the container.
0 commit comments