Linux devices: uid/gid relative to container

alban · alban · commit e662e5c919f3 · 2018-03-13T16:17:11.000+01:00
It was not clear in the spec if the uid and gid owning a Linux device were relative to the runtime namespace or to the container namespace. This patch clarifies that. Fixes #957 Signed-off-by: Alban Crequy <alban@kinvolk.io>
diff --git a/config-linux.md b/config-linux.md
@@ -122,8 +122,8 @@ Each entry has the following structure:
 * **`major, minor`** *(int64, REQUIRED unless `type` is `p`)* - [major, minor numbers][devices] for the device.
 * **`fileMode`** *(uint32, OPTIONAL)* - file mode for the device.
     You can also control access to devices [with cgroups](#device-whitelist).
-* **`uid`** *(uint32, OPTIONAL)* - id of device owner.
-* **`gid`** *(uint32, OPTIONAL)* - id of device group.
+* **`uid`** *(uint32, OPTIONAL)* - id of device owner in the [container namespace](glossary.md#container-namespace).
+* **`gid`** *(uint32, OPTIONAL)* - id of device group in the [container namespace](glossary.md#container-namespace).
 
 The same `type`, `major` and `minor` SHOULD NOT be used for multiple devices.
 
