cri-o/docs/ocid.conf.5.md
Xianglin Gao 06cc0ba6ba Add docs about apparmor profile setting
Signed-off-by: Xianglin Gao <xlgao@zju.edu.cn>
2016-12-01 13:26:59 +08:00

76 lines
1.8 KiB
Markdown

% ocid.conf(5) Open Container Initiative Daemon
% Aleksa Sarai
% OCTOBER 2016
# NAME
ocid.conf - Syntax of OCID configuration file
# DESCRIPTION
The OCID configuration file specifies all of the available command-line options
for the ocid(8) program, but in a TOML format that can be more easily modified
and versioned.
# FORMAT
The [TOML format][toml] is used as the encoding of the configuration file.
Every option and subtable listed here is nested under a global "ocid" table.
No bare options are used. The format of TOML can be simplified to:
[table]
option = value
[table.subtable1]
option = value
[table.subtable2]
option = value
## OCID TABLE
The `ocid` table supports the following options:
**container_dir**=""
OCID container dir (default: "/var/lib/ocid/containers")
**root**=""
OCID root dir (default: "/var/lib/ocid")
**sandbox_dir**=""
OCID pod sandbox dir (default: "/var/lib/ocid/sandboxes")
## OCID.API TABLE
**listen**=""
Path to ocid socket (default: "/var/run/ocid.sock")
## OCID.RUNTIME TABLE
**conmon**=""
Path to the conmon executable (default: "/usr/libexec/ocid/conmon")
**conmon_env**=[]
Environment variable list for conmon process (default: ["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",])
**runtime**=""
OCI runtime path (default: "/usr/bin/runc")
**selinux**=*true*|*false*
Enable selinux support (default: false)
**seccomp_profile**=""
Path to the seccomp json profile to be used as the runtime's default (default: "/etc/ocid/seccomp.json")
**apparmor_profile**=""
Name of the apparmor profile to be used as the runtime's default (default: "ocid-default")
## OCID.IMAGE TABLE
**pause**=""
Path to the pause executable (default: "/usr/libexec/ocid/pause")
# SEE ALSO
ocid(8)
# HISTORY
Oct 2016, Originally compiled by Aleksa Sarai <asarai@suse.de>