config-linux: Lift no-tweaking namespace restriction

wking · wking · commit d43fc428aa0c · 2017-01-11T15:16:54.000-08:00
This restriction originally landed via 02b456e (Clarify behavior around namespaces paths, 2015-09-08, opencontainers#158). The hostname case landed via 66a0543 (config: Require a new UTS namespace for config.json's hostname, 2015-10-05, opencontainers#214) citing the namespace restriction. The restriciton extended to runtime namespaces in 01c2d55 (config-linux: Extend no-tweak requirement to runtime namespaces, 2016-08-24, opencontainers#538). There was a proposal in-flight to get config-wide consistency around the no-tweaking concept [1]. In today's meeting, the maintainer consensus was to strike the no-tweaking restriction [2], which is what I've done here. I've removed the ROADMAP entry because this gives folks a way to adjust existing containers (launch a new container which joins and tweaks the original). The hostname entry still mentions the UTS namespace to provide a guard against accidental foot-gunning. There was no no-tweaking language for properties related to other namespaces (e.g. 'mounts'). Maybe the other namespaces have more obvious names. [1]: opencontainers#540 [2]: http://ircbot.wl.linuxfoundation.org/meetings/opencontainers/2017/opencontainers.2017-01-11-22.04.log.html#l-117 Signed-off-by: W. Trevor King <wking@tremily.us>
diff --git a/ROADMAP.md b/ROADMAP.md
@@ -18,14 +18,6 @@ Could be solved by lifecycle/ops and create/start split discussions
 
 *Owner:* vishh & duglin
 
-### Live Container Updates
-
-Should we allow dynamic container updates to runtime options?
-
-Proposal: make it an optional feature
-
-*Owner:* hqhq (was vishh) robdolinms, bcorrie
-
 ### Version Schema
 
 Decide on a robust versioning schema for the spec as it evolves.
diff --git a/config-linux.md b/config-linux.md
@@ -39,7 +39,6 @@ The following parameters can be specified to setup namespaces:
 
 If a path is specified, that particular file is used to join that type of namespace.
 If a namespace type is not specified in the `namespaces` array, the container MUST inherit the [runtime namespace](glossary.md#runtime-namespace) of that type.
-If a new namespace is not created (because the namespace type is not listed, or because it is listed with a `path`), runtimes MUST assume that the setup for that namespace has already been done and error out if the config specifies anything else related to that namespace.
 If a `namespaces` field contains duplicated namespaces with same `type`, the runtime MUST error out.
 
 ###### Example
diff --git a/config.md b/config.md
@@ -256,7 +256,8 @@ For Windows based systems the user structure has the following fields:
 ## Hostname
 
 * **`hostname`** (string, OPTIONAL) configures the container's hostname as seen by processes running inside the container.
-  On Linux, you can only set this if your bundle creates a new [UTS namespace][uts-namespace].
+  On Linux, this will change the hostname in the [container][container-namespace] [UTS namespace][uts-namespace].
+  Depending on your [namespace configuration](config-linux.md#namespaces), the container UTS namespace may be the [runtime UTS namespace][runtime-namespace].
 
 ### Example
 
