From 42a4d8e62b1000b8e600a2eb1d96cf424d63984b Mon Sep 17 00:00:00 2001 From: Vincent Batts Date: Sun, 5 Nov 2017 20:51:37 -0500 Subject: [PATCH] document the device permissions --- README.md | 28 +- config-eperm.json | 243 ----- config-privileged.json | 2307 ---------------------------------------- config.json | 251 ++++- 4 files changed, 273 insertions(+), 2556 deletions(-) delete mode 100644 config-eperm.json delete mode 100644 config-privileged.json mode change 120000 => 100644 config.json diff --git a/README.md b/README.md index 4066bcb..fafb835 100644 --- a/README.md +++ b/README.md @@ -33,20 +33,38 @@ $> sudo dmesg | tail -1 ### Container -Running ioctl's inside containers is a little tricky. Assuming we've already `insmod` the module above: ```shell -sudo docker run -it --rm -v $(pwd)/helloctl/helloctl:/usr/bin/helloctl:ro -v /dev/helloctl:/dev/helloctl:ro fedora /usr/bin/helloctl +sudo docker run -it --rm -v $(pwd)/helloctl/helloctl:/usr/bin/helloctl:ro --device /dev/helloctl fedora /usr/bin/helloctl ``` -You'll get a failure `Could not open /dev/helloctl` +Now `dmesg | tail` will reflect the command ran successfully, but at the sake of running an non-isolated container. + +### runc + +Determining major/minor for setting permissions requires inserting the module, then collecting the major/minor device, and putting that to a runc `config.json`. ```shell -sudo docker run -it --rm -v $(pwd)/helloctl/helloctl:/usr/bin/helloctl:ro -v /dev/helloctl:/dev/helloctl:ro --privileged fedora /usr/bin/helloctl +$> stat -c "%t %T" /dev/helloctl +a 39 +$> echo "$((16#$(stat -c "%t" /dev/helloctl )))" +10 +$> echo "$((16#$(stat -c "%T" /dev/helloctl )))" +57 ``` -Now `dmesg | tail` will reflect the command ran successfully. +Now in the `config.json`, under `linux.resources.devices`, that array, it needs the following with the major/minor integers from your `/dev/helloctl`: + +```json + { + "allow": true, + "type": "c", + "major": 10, + "minor": 57, + "access": "rwm" + }, +``` ### cleanup diff --git a/config-eperm.json b/config-eperm.json deleted file mode 100644 index 85d3208..0000000 --- a/config-eperm.json +++ /dev/null @@ -1,243 +0,0 @@ -{ - "ociVersion": "1.0.0-rc2-dev", - "platform": { - "os": "linux", - "arch": "amd64" - }, - "process": { - "terminal": true, - "consoleSize": { - "height": 0, - "width": 0 - }, - "user": { - "uid": 0, - "gid": 0 - }, - "args": [ - "/usr/bin/strace", "/usr/bin/helloctl" - ], - "env": [ - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", - "HOSTNAME=helloctl", - "TERM=xterm", - "DISTTAG=f26container", - "FGC=f26" - ], - "cwd": "/", - "capabilities": [ - "CAP_CHOWN", - "CAP_DAC_OVERRIDE", - "CAP_FSETID", - "CAP_FOWNER", - "CAP_MKNOD", - "CAP_NET_RAW", - "CAP_SETGID", - "CAP_SETUID", - "CAP_SETFCAP", - "CAP_SETPCAP", - "CAP_NET_BIND_SERVICE", - "CAP_SYS_CHROOT", - "CAP_KILL", - "CAP_AUDIT_WRITE", - "CAP_SYS_PTRACE" - ] - }, - "root": { - "path": "./rootfs/" - }, - "hostname": "helloctl", - "mounts": [ - { - "destination": "/proc", - "type": "proc", - "source": "proc", - "options": [ - "nosuid", - "noexec", - "nodev" - ] - }, - { - "destination": "/dev", - "type": "tmpfs", - "source": "tmpfs", - "options": [ - "nosuid", - "strictatime", - "mode=755" - ] - }, - { - "destination": "/dev/pts", - "type": "devpts", - "source": "devpts", - "options": [ - "nosuid", - "noexec", - "newinstance", - "ptmxmode=0666", - "mode=0620", - "gid=5" - ] - }, - { - "destination": "/sys", - "type": "sysfs", - "source": "sysfs", - "options": [ - "nosuid", - "noexec", - "nodev", - "ro" - ] - }, - { - "destination": "/sys/fs/cgroup", - "type": "cgroup", - "source": "cgroup", - "options": [ - "ro", - "nosuid", - "noexec", - "nodev" - ] - }, - { - "destination": "/dev/mqueue", - "type": "mqueue", - "source": "mqueue", - "options": [ - "nosuid", - "noexec", - "nodev" - ] - }, - { - "destination": "/dev/helloctl", - "type": "bind", - "source": "/dev/helloctl", - "options": [ - "rbind", - "ro", - "rprivate" - ] - }, - { - "destination": "/usr/bin/helloctl", - "type": "bind", - "source": "./helloctl/helloctl", - "options": [ - "rbind", - "ro", - "rprivate" - ] - } - ], - "hooks": { - "prestart": [ ], - "poststop": [ ] - }, - "linux": { - "resources": { - "devices": [ - { - "allow": false, - "access": "rwm" - }, - { - "allow": true, - "type": "c", - "major": 1, - "minor": 5, - "access": "rwm" - }, - { - "allow": true, - "type": "c", - "major": 1, - "minor": 3, - "access": "rwm" - }, - { - "allow": true, - "type": "c", - "major": 1, - "minor": 9, - "access": "rwm" - }, - { - "allow": true, - "type": "c", - "major": 1, - "minor": 8, - "access": "rwm" - }, - { - "allow": true, - "type": "c", - "major": 5, - "minor": 0, - "access": "rwm" - }, - { - "allow": true, - "type": "c", - "major": 5, - "minor": 1, - "access": "rwm" - }, - { - "allow": false, - "type": "c", - "major": 10, - "minor": 229, - "access": "rwm" - } - ], - "disableOOMKiller": false, - "oomScoreAdj": 0, - "cpu": {}, - "pids": { - "limit": 0 - }, - "blockIO": { - "blkioWeight": 0 - } - }, - "cgroupsPath": "system.slice:docker:8ad3dfde3644481046eace9cd586600f0416d3c43b4b9f4cc161c470859c0e17", - "namespaces": [ - { - "type": "mount" - }, - { - "type": "network" - }, - { - "type": "uts" - }, - { - "type": "pid" - }, - { - "type": "ipc" - } - ], - "maskedPaths": [ - "/proc/kcore", - "/proc/latency_stats", - "/proc/timer_list", - "/proc/timer_stats", - "/proc/sched_debug", - "/sys/firmware" - ], - "readonlyPaths": [ - "/proc/asound", - "/proc/bus", - "/proc/fs", - "/proc/irq", - "/proc/sys", - "/proc/sysrq-trigger" - ] - } -} diff --git a/config-privileged.json b/config-privileged.json deleted file mode 100644 index 11e81d0..0000000 --- a/config-privileged.json +++ /dev/null @@ -1,2307 +0,0 @@ -{ - "ociVersion": "1.0.0-rc2-dev", - "platform": { - "os": "linux", - "arch": "amd64" - }, - "process": { - "terminal": true, - "consoleSize": { - "height": 0, - "width": 0 - }, - "user": { - "uid": 0, - "gid": 0 - }, - "args": [ - "/usr/bin/strace", "/usr/bin/helloctl" - ], - "env": [ - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", - "HOSTNAME=helloctl", - "TERM=xterm", - "DISTTAG=f26container", - "FGC=f26" - ], - "cwd": "/", - "capabilities": [ - "CAP_CHOWN", - "CAP_DAC_OVERRIDE", - "CAP_DAC_READ_SEARCH", - "CAP_FOWNER", - "CAP_FSETID", - "CAP_KILL", - "CAP_SETGID", - "CAP_SETUID", - "CAP_SETPCAP", - "CAP_LINUX_IMMUTABLE", - "CAP_NET_BIND_SERVICE", - "CAP_NET_BROADCAST", - "CAP_NET_ADMIN", - "CAP_NET_RAW", - "CAP_IPC_LOCK", - "CAP_IPC_OWNER", - "CAP_SYS_MODULE", - "CAP_SYS_RAWIO", - "CAP_SYS_CHROOT", - "CAP_SYS_PTRACE", - "CAP_SYS_PACCT", - "CAP_SYS_ADMIN", - "CAP_SYS_BOOT", - "CAP_SYS_NICE", - "CAP_SYS_RESOURCE", - "CAP_SYS_TIME", - "CAP_SYS_TTY_CONFIG", - "CAP_MKNOD", - "CAP_LEASE", - "CAP_AUDIT_WRITE", - "CAP_AUDIT_CONTROL", - "CAP_SETFCAP", - "CAP_MAC_OVERRIDE", - "CAP_MAC_ADMIN", - "CAP_SYSLOG", - "CAP_WAKE_ALARM", - "CAP_BLOCK_SUSPEND", - "CAP_AUDIT_READ" - ] - }, - "root": { - "path": "./rootfs/" - }, - "hostname": "helloctl", - "mounts": [ - { - "destination": "/proc", - "type": "proc", - "source": "proc", - "options": [ - "nosuid", - "noexec", - "nodev" - ] - }, - { - "destination": "/dev", - "type": "tmpfs", - "source": "tmpfs", - "options": [ - "nosuid", - "strictatime", - "mode=755" - ] - }, - { - "destination": "/dev/pts", - "type": "devpts", - "source": "devpts", - "options": [ - "nosuid", - "noexec", - "newinstance", - "ptmxmode=0666", - "mode=0620", - "gid=5" - ] - }, - { - "destination": "/sys", - "type": "sysfs", - "source": "sysfs", - "options": [ - "nosuid", - "noexec", - "nodev" - ] - }, - { - "destination": "/sys/fs/cgroup", - "type": "cgroup", - "source": "cgroup", - "options": [ - "nosuid", - "noexec", - "nodev" - ] - }, - { - "destination": "/dev/mqueue", - "type": "mqueue", - "source": "mqueue", - "options": [ - "nosuid", - "noexec", - "nodev" - ] - }, - { - "destination": "/dev/helloctl", - "type": "bind", - "source": "/dev/helloctl", - "options": [ - "rbind", - "ro", - "rprivate" - ] - }, - { - "destination": "/usr/bin/helloctl", - "type": "bind", - "source": "./helloctl/helloctl", - "options": [ - "rbind", - "ro", - "rprivate" - ] - } - ], - "hooks": { - "prestart": [ ], - "poststop": [ ] - }, - "linux": { - "resources": { - "devices": [ - { - "allow": true, - "access": "rwm" - } - ], - "disableOOMKiller": false, - "oomScoreAdj": 0, - "cpu": {}, - "pids": { - "limit": 0 - }, - "blockIO": { - "blkioWeight": 0 - } - }, - "cgroupsPath": "system.slice:docker:0d4ed9e0bccb2c1cd75a4c06e721b433f6b0aec3c9d7220df7114468d620ae05", - "namespaces": [ - { - "type": "mount" - }, - { - "type": "network" - }, - { - "type": "uts" - }, - { - "type": "pid" - }, - { - "type": "ipc" - } - ], - "devices": [ - { - "path": "/dev/autofs", - "type": "c", - "major": 10, - "minor": 235, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/bsg/2:0:0:0", - "type": "c", - "major": 248, - "minor": 0, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/bsg/3:0:0:0", - "type": "c", - "major": 248, - "minor": 1, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/btrfs-control", - "type": "c", - "major": 10, - "minor": 234, - "fileMode": 8624, - "uid": 0, - "gid": 6 - }, - { - "path": "/dev/bus/usb/001/001", - "type": "c", - "major": 189, - "minor": 0, - "fileMode": 8628, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/bus/usb/001/002", - "type": "c", - "major": 189, - "minor": 1, - "fileMode": 8628, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/bus/usb/001/003", - "type": "c", - "major": 189, - "minor": 2, - "fileMode": 8628, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/bus/usb/001/004", - "type": "c", - "major": 189, - "minor": 3, - "fileMode": 8628, - "uid": 0, - "gid": 7 - }, - { - "path": "/dev/bus/usb/001/005", - "type": "c", - "major": 189, - "minor": 4, - "fileMode": 8628, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/bus/usb/001/006", - "type": "c", - "major": 189, - "minor": 5, - "fileMode": 8628, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/bus/usb/001/008", - "type": "c", - "major": 189, - "minor": 7, - "fileMode": 8628, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/bus/usb/001/015", - "type": "c", - "major": 189, - "minor": 14, - "fileMode": 8628, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/bus/usb/001/018", - "type": "c", - "major": 189, - "minor": 17, - "fileMode": 8628, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/bus/usb/001/020", - "type": "c", - "major": 189, - "minor": 19, - "fileMode": 8628, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/bus/usb/002/001", - "type": "c", - "major": 189, - "minor": 128, - "fileMode": 8628, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/bus/usb/003/001", - "type": "c", - "major": 189, - "minor": 256, - "fileMode": 8628, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/bus/usb/004/001", - "type": "c", - "major": 189, - "minor": 384, - "fileMode": 8628, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/cpu/0/cpuid", - "type": "c", - "major": 203, - "minor": 0, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/cpu/0/msr", - "type": "c", - "major": 202, - "minor": 0, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/cpu/1/cpuid", - "type": "c", - "major": 203, - "minor": 1, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/cpu/1/msr", - "type": "c", - "major": 202, - "minor": 1, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/cpu/2/cpuid", - "type": "c", - "major": 203, - "minor": 2, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/cpu/2/msr", - "type": "c", - "major": 202, - "minor": 2, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/cpu/3/cpuid", - "type": "c", - "major": 203, - "minor": 3, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/cpu/3/msr", - "type": "c", - "major": 202, - "minor": 3, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/cpu/microcode", - "type": "c", - "major": 10, - "minor": 184, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/cpu_dma_latency", - "type": "c", - "major": 10, - "minor": 62, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/cuse", - "type": "c", - "major": 10, - "minor": 203, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/dm-0", - "type": "b", - "major": 253, - "minor": 0, - "fileMode": 25008, - "uid": 0, - "gid": 6 - }, - { - "path": "/dev/dm-1", - "type": "b", - "major": 253, - "minor": 1, - "fileMode": 25008, - "uid": 0, - "gid": 6 - }, - { - "path": "/dev/dm-2", - "type": "b", - "major": 253, - "minor": 2, - "fileMode": 25008, - "uid": 0, - "gid": 6 - }, - { - "path": "/dev/dri/card0", - "type": "c", - "major": 226, - "minor": 0, - "fileMode": 8624, - "uid": 0, - "gid": 39 - }, - { - "path": "/dev/dri/renderD128", - "type": "c", - "major": 226, - "minor": 128, - "fileMode": 8624, - "uid": 0, - "gid": 39 - }, - { - "path": "/dev/drm_dp_aux0", - "type": "c", - "major": 243, - "minor": 0, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/fb0", - "type": "c", - "major": 29, - "minor": 0, - "fileMode": 8624, - "uid": 0, - "gid": 39 - }, - { - "path": "/dev/full", - "type": "c", - "major": 1, - "minor": 7, - "fileMode": 8630, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/fuse", - "type": "c", - "major": 10, - "minor": 229, - "fileMode": 8630, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/helloctl", - "type": "c", - "major": 10, - "minor": 57, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/hidraw0", - "type": "c", - "major": 246, - "minor": 0, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/hidraw1", - "type": "c", - "major": 246, - "minor": 1, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/hpet", - "type": "c", - "major": 10, - "minor": 228, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/hwrng", - "type": "c", - "major": 10, - "minor": 183, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/input/event0", - "type": "c", - "major": 13, - "minor": 64, - "fileMode": 8624, - "uid": 0, - "gid": 999 - }, - { - "path": "/dev/input/event1", - "type": "c", - "major": 13, - "minor": 65, - "fileMode": 8624, - "uid": 0, - "gid": 999 - }, - { - "path": "/dev/input/event10", - "type": "c", - "major": 13, - "minor": 74, - "fileMode": 8624, - "uid": 0, - "gid": 999 - }, - { - "path": "/dev/input/event11", - "type": "c", - "major": 13, - "minor": 75, - "fileMode": 8624, - "uid": 0, - "gid": 999 - }, - { - "path": "/dev/input/event2", - "type": "c", - "major": 13, - "minor": 66, - "fileMode": 8624, - "uid": 0, - "gid": 999 - }, - { - "path": "/dev/input/event3", - "type": "c", - "major": 13, - "minor": 67, - "fileMode": 8624, - "uid": 0, - "gid": 999 - }, - { - "path": "/dev/input/event4", - "type": "c", - "major": 13, - "minor": 68, - "fileMode": 8624, - "uid": 0, - "gid": 999 - }, - { - "path": "/dev/input/event5", - "type": "c", - "major": 13, - "minor": 69, - "fileMode": 8624, - "uid": 0, - "gid": 999 - }, - { - "path": "/dev/input/event6", - "type": "c", - "major": 13, - "minor": 70, - "fileMode": 8624, - "uid": 0, - "gid": 999 - }, - { - "path": "/dev/input/event7", - "type": "c", - "major": 13, - "minor": 71, - "fileMode": 8624, - "uid": 0, - "gid": 999 - }, - { - "path": "/dev/input/event8", - "type": "c", - "major": 13, - "minor": 72, - "fileMode": 8624, - "uid": 0, - "gid": 999 - }, - { - "path": "/dev/input/event9", - "type": "c", - "major": 13, - "minor": 73, - "fileMode": 8624, - "uid": 0, - "gid": 999 - }, - { - "path": "/dev/input/mice", - "type": "c", - "major": 13, - "minor": 63, - "fileMode": 8624, - "uid": 0, - "gid": 999 - }, - { - "path": "/dev/input/mouse0", - "type": "c", - "major": 13, - "minor": 32, - "fileMode": 8624, - "uid": 0, - "gid": 999 - }, - { - "path": "/dev/kmsg", - "type": "c", - "major": 1, - "minor": 11, - "fileMode": 8612, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/kvm", - "type": "c", - "major": 10, - "minor": 232, - "fileMode": 8630, - "uid": 0, - "gid": 36 - }, - { - "path": "/dev/loop-control", - "type": "c", - "major": 10, - "minor": 237, - "fileMode": 8624, - "uid": 0, - "gid": 6 - }, - { - "path": "/dev/lp0", - "type": "c", - "major": 6, - "minor": 0, - "fileMode": 8624, - "uid": 0, - "gid": 7 - }, - { - "path": "/dev/lp1", - "type": "c", - "major": 6, - "minor": 1, - "fileMode": 8624, - "uid": 0, - "gid": 7 - }, - { - "path": "/dev/lp2", - "type": "c", - "major": 6, - "minor": 2, - "fileMode": 8624, - "uid": 0, - "gid": 7 - }, - { - "path": "/dev/lp3", - "type": "c", - "major": 6, - "minor": 3, - "fileMode": 8624, - "uid": 0, - "gid": 7 - }, - { - "path": "/dev/mapper/control", - "type": "c", - "major": 10, - "minor": 236, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/mcelog", - "type": "c", - "major": 10, - "minor": 227, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/media0", - "type": "c", - "major": 239, - "minor": 0, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/mei0", - "type": "c", - "major": 240, - "minor": 0, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/mem", - "type": "c", - "major": 1, - "minor": 1, - "fileMode": 8608, - "uid": 0, - "gid": 9 - }, - { - "path": "/dev/memory_bandwidth", - "type": "c", - "major": 10, - "minor": 59, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/net/tun", - "type": "c", - "major": 10, - "minor": 200, - "fileMode": 8630, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/network_latency", - "type": "c", - "major": 10, - "minor": 61, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/network_throughput", - "type": "c", - "major": 10, - "minor": 60, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/null", - "type": "c", - "major": 1, - "minor": 3, - "fileMode": 8630, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/nvram", - "type": "c", - "major": 10, - "minor": 144, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/port", - "type": "c", - "major": 1, - "minor": 4, - "fileMode": 8608, - "uid": 0, - "gid": 9 - }, - { - "path": "/dev/ppp", - "type": "c", - "major": 108, - "minor": 0, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/ptmx", - "type": "c", - "major": 5, - "minor": 2, - "fileMode": 8630, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/ptp0", - "type": "c", - "major": 244, - "minor": 0, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/random", - "type": "c", - "major": 1, - "minor": 8, - "fileMode": 8630, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/raw/rawctl", - "type": "c", - "major": 162, - "minor": 0, - "fileMode": 8624, - "uid": 0, - "gid": 6 - }, - { - "path": "/dev/rfkill", - "type": "c", - "major": 10, - "minor": 58, - "fileMode": 8628, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/rtc0", - "type": "c", - "major": 250, - "minor": 0, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/sda", - "type": "b", - "major": 8, - "minor": 0, - "fileMode": 25008, - "uid": 0, - "gid": 6 - }, - { - "path": "/dev/sda1", - "type": "b", - "major": 8, - "minor": 1, - "fileMode": 25008, - "uid": 0, - "gid": 6 - }, - { - "path": "/dev/sda2", - "type": "b", - "major": 8, - "minor": 2, - "fileMode": 25008, - "uid": 0, - "gid": 6 - }, - { - "path": "/dev/sdb", - "type": "b", - "major": 8, - "minor": 16, - "fileMode": 25008, - "uid": 0, - "gid": 6 - }, - { - "path": "/dev/sg0", - "type": "c", - "major": 21, - "minor": 0, - "fileMode": 8624, - "uid": 0, - "gid": 6 - }, - { - "path": "/dev/sg1", - "type": "c", - "major": 21, - "minor": 1, - "fileMode": 8624, - "uid": 0, - "gid": 6 - }, - { - "path": "/dev/snapshot", - "type": "c", - "major": 10, - "minor": 231, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/snd/controlC0", - "type": "c", - "major": 116, - "minor": 2, - "fileMode": 8624, - "uid": 0, - "gid": 63 - }, - { - "path": "/dev/snd/controlC1", - "type": "c", - "major": 116, - "minor": 4, - "fileMode": 8624, - "uid": 0, - "gid": 63 - }, - { - "path": "/dev/snd/hwC1D0", - "type": "c", - "major": 116, - "minor": 13, - "fileMode": 8624, - "uid": 0, - "gid": 63 - }, - { - "path": "/dev/snd/hwC1D2", - "type": "c", - "major": 116, - "minor": 14, - "fileMode": 8624, - "uid": 0, - "gid": 63 - }, - { - "path": "/dev/snd/pcmC0D0c", - "type": "c", - "major": 116, - "minor": 3, - "fileMode": 8624, - "uid": 0, - "gid": 63 - }, - { - "path": "/dev/snd/pcmC1D0c", - "type": "c", - "major": 116, - "minor": 6, - "fileMode": 8624, - "uid": 0, - "gid": 63 - }, - { - "path": "/dev/snd/pcmC1D0p", - "type": "c", - "major": 116, - "minor": 5, - "fileMode": 8624, - "uid": 0, - "gid": 63 - }, - { - "path": "/dev/snd/pcmC1D10p", - "type": "c", - "major": 116, - "minor": 12, - "fileMode": 8624, - "uid": 0, - "gid": 63 - }, - { - "path": "/dev/snd/pcmC1D2c", - "type": "c", - "major": 116, - "minor": 7, - "fileMode": 8624, - "uid": 0, - "gid": 63 - }, - { - "path": "/dev/snd/pcmC1D3p", - "type": "c", - "major": 116, - "minor": 8, - "fileMode": 8624, - "uid": 0, - "gid": 63 - }, - { - "path": "/dev/snd/pcmC1D7p", - "type": "c", - "major": 116, - "minor": 9, - "fileMode": 8624, - "uid": 0, - "gid": 63 - }, - { - "path": "/dev/snd/pcmC1D8p", - "type": "c", - "major": 116, - "minor": 10, - "fileMode": 8624, - "uid": 0, - "gid": 63 - }, - { - "path": "/dev/snd/pcmC1D9p", - "type": "c", - "major": 116, - "minor": 11, - "fileMode": 8624, - "uid": 0, - "gid": 63 - }, - { - "path": "/dev/snd/seq", - "type": "c", - "major": 116, - "minor": 1, - "fileMode": 8624, - "uid": 0, - "gid": 63 - }, - { - "path": "/dev/snd/timer", - "type": "c", - "major": 116, - "minor": 33, - "fileMode": 8624, - "uid": 0, - "gid": 63 - }, - { - "path": "/dev/tty", - "type": "c", - "major": 5, - "minor": 0, - "fileMode": 8630, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty0", - "type": "c", - "major": 4, - "minor": 0, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty1", - "type": "c", - "major": 4, - "minor": 1, - "fileMode": 8592, - "uid": 1000, - "gid": 5 - }, - { - "path": "/dev/tty10", - "type": "c", - "major": 4, - "minor": 10, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty11", - "type": "c", - "major": 4, - "minor": 11, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty12", - "type": "c", - "major": 4, - "minor": 12, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty13", - "type": "c", - "major": 4, - "minor": 13, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty14", - "type": "c", - "major": 4, - "minor": 14, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty15", - "type": "c", - "major": 4, - "minor": 15, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty16", - "type": "c", - "major": 4, - "minor": 16, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty17", - "type": "c", - "major": 4, - "minor": 17, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty18", - "type": "c", - "major": 4, - "minor": 18, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty19", - "type": "c", - "major": 4, - "minor": 19, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty2", - "type": "c", - "major": 4, - "minor": 2, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty20", - "type": "c", - "major": 4, - "minor": 20, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty21", - "type": "c", - "major": 4, - "minor": 21, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty22", - "type": "c", - "major": 4, - "minor": 22, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty23", - "type": "c", - "major": 4, - "minor": 23, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty24", - "type": "c", - "major": 4, - "minor": 24, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty25", - "type": "c", - "major": 4, - "minor": 25, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty26", - "type": "c", - "major": 4, - "minor": 26, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty27", - "type": "c", - "major": 4, - "minor": 27, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty28", - "type": "c", - "major": 4, - "minor": 28, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty29", - "type": "c", - "major": 4, - "minor": 29, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty3", - "type": "c", - "major": 4, - "minor": 3, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty30", - "type": "c", - "major": 4, - "minor": 30, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty31", - "type": "c", - "major": 4, - "minor": 31, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty32", - "type": "c", - "major": 4, - "minor": 32, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty33", - "type": "c", - "major": 4, - "minor": 33, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty34", - "type": "c", - "major": 4, - "minor": 34, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty35", - "type": "c", - "major": 4, - "minor": 35, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty36", - "type": "c", - "major": 4, - "minor": 36, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty37", - "type": "c", - "major": 4, - "minor": 37, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty38", - "type": "c", - "major": 4, - "minor": 38, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty39", - "type": "c", - "major": 4, - "minor": 39, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty4", - "type": "c", - "major": 4, - "minor": 4, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty40", - "type": "c", - "major": 4, - "minor": 40, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty41", - "type": "c", - "major": 4, - "minor": 41, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty42", - "type": "c", - "major": 4, - "minor": 42, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty43", - "type": "c", - "major": 4, - "minor": 43, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty44", - "type": "c", - "major": 4, - "minor": 44, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty45", - "type": "c", - "major": 4, - "minor": 45, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty46", - "type": "c", - "major": 4, - "minor": 46, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty47", - "type": "c", - "major": 4, - "minor": 47, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty48", - "type": "c", - "major": 4, - "minor": 48, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty49", - "type": "c", - "major": 4, - "minor": 49, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty5", - "type": "c", - "major": 4, - "minor": 5, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty50", - "type": "c", - "major": 4, - "minor": 50, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty51", - "type": "c", - "major": 4, - "minor": 51, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty52", - "type": "c", - "major": 4, - "minor": 52, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty53", - "type": "c", - "major": 4, - "minor": 53, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty54", - "type": "c", - "major": 4, - "minor": 54, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty55", - "type": "c", - "major": 4, - "minor": 55, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty56", - "type": "c", - "major": 4, - "minor": 56, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty57", - "type": "c", - "major": 4, - "minor": 57, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty58", - "type": "c", - "major": 4, - "minor": 58, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty59", - "type": "c", - "major": 4, - "minor": 59, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty6", - "type": "c", - "major": 4, - "minor": 6, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty60", - "type": "c", - "major": 4, - "minor": 60, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty61", - "type": "c", - "major": 4, - "minor": 61, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty62", - "type": "c", - "major": 4, - "minor": 62, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty63", - "type": "c", - "major": 4, - "minor": 63, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty7", - "type": "c", - "major": 4, - "minor": 7, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty8", - "type": "c", - "major": 4, - "minor": 8, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/tty9", - "type": "c", - "major": 4, - "minor": 9, - "fileMode": 8592, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/ttyS0", - "type": "c", - "major": 4, - "minor": 64, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS1", - "type": "c", - "major": 4, - "minor": 65, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS10", - "type": "c", - "major": 4, - "minor": 74, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS11", - "type": "c", - "major": 4, - "minor": 75, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS12", - "type": "c", - "major": 4, - "minor": 76, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS13", - "type": "c", - "major": 4, - "minor": 77, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS14", - "type": "c", - "major": 4, - "minor": 78, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS15", - "type": "c", - "major": 4, - "minor": 79, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS16", - "type": "c", - "major": 4, - "minor": 80, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS17", - "type": "c", - "major": 4, - "minor": 81, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS18", - "type": "c", - "major": 4, - "minor": 82, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS19", - "type": "c", - "major": 4, - "minor": 83, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS2", - "type": "c", - "major": 4, - "minor": 66, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS20", - "type": "c", - "major": 4, - "minor": 84, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS21", - "type": "c", - "major": 4, - "minor": 85, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS22", - "type": "c", - "major": 4, - "minor": 86, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS23", - "type": "c", - "major": 4, - "minor": 87, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS24", - "type": "c", - "major": 4, - "minor": 88, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS25", - "type": "c", - "major": 4, - "minor": 89, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS26", - "type": "c", - "major": 4, - "minor": 90, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS27", - "type": "c", - "major": 4, - "minor": 91, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS28", - "type": "c", - "major": 4, - "minor": 92, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS29", - "type": "c", - "major": 4, - "minor": 93, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS3", - "type": "c", - "major": 4, - "minor": 67, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS30", - "type": "c", - "major": 4, - "minor": 94, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS31", - "type": "c", - "major": 4, - "minor": 95, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS4", - "type": "c", - "major": 4, - "minor": 68, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS5", - "type": "c", - "major": 4, - "minor": 69, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS6", - "type": "c", - "major": 4, - "minor": 70, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS7", - "type": "c", - "major": 4, - "minor": 71, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS8", - "type": "c", - "major": 4, - "minor": 72, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/ttyS9", - "type": "c", - "major": 4, - "minor": 73, - "fileMode": 8624, - "uid": 0, - "gid": 18 - }, - { - "path": "/dev/uhid", - "type": "c", - "major": 10, - "minor": 239, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/uinput", - "type": "c", - "major": 10, - "minor": 223, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/urandom", - "type": "c", - "major": 1, - "minor": 9, - "fileMode": 8630, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/usb/hiddev0", - "type": "c", - "major": 180, - "minor": 96, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/usb/lp0", - "type": "c", - "major": 180, - "minor": 0, - "fileMode": 8624, - "uid": 0, - "gid": 7 - }, - { - "path": "/dev/usbmon0", - "type": "c", - "major": 247, - "minor": 0, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/usbmon1", - "type": "c", - "major": 247, - "minor": 1, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/usbmon2", - "type": "c", - "major": 247, - "minor": 2, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/usbmon3", - "type": "c", - "major": 247, - "minor": 3, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/usbmon4", - "type": "c", - "major": 247, - "minor": 4, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/vcs", - "type": "c", - "major": 7, - "minor": 0, - "fileMode": 8624, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/vcs1", - "type": "c", - "major": 7, - "minor": 1, - "fileMode": 8624, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/vcs2", - "type": "c", - "major": 7, - "minor": 2, - "fileMode": 8624, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/vcs3", - "type": "c", - "major": 7, - "minor": 3, - "fileMode": 8624, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/vcs4", - "type": "c", - "major": 7, - "minor": 4, - "fileMode": 8624, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/vcs5", - "type": "c", - "major": 7, - "minor": 5, - "fileMode": 8624, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/vcs6", - "type": "c", - "major": 7, - "minor": 6, - "fileMode": 8624, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/vcsa", - "type": "c", - "major": 7, - "minor": 128, - "fileMode": 8624, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/vcsa1", - "type": "c", - "major": 7, - "minor": 129, - "fileMode": 8624, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/vcsa2", - "type": "c", - "major": 7, - "minor": 130, - "fileMode": 8624, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/vcsa3", - "type": "c", - "major": 7, - "minor": 131, - "fileMode": 8624, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/vcsa4", - "type": "c", - "major": 7, - "minor": 132, - "fileMode": 8624, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/vcsa5", - "type": "c", - "major": 7, - "minor": 133, - "fileMode": 8624, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/vcsa6", - "type": "c", - "major": 7, - "minor": 134, - "fileMode": 8624, - "uid": 0, - "gid": 5 - }, - { - "path": "/dev/vfio/vfio", - "type": "c", - "major": 10, - "minor": 196, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/vga_arbiter", - "type": "c", - "major": 10, - "minor": 63, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/vhci", - "type": "c", - "major": 10, - "minor": 137, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/vhost-net", - "type": "c", - "major": 10, - "minor": 238, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/vhost-vsock", - "type": "c", - "major": 10, - "minor": 241, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/video0", - "type": "c", - "major": 81, - "minor": 0, - "fileMode": 8624, - "uid": 0, - "gid": 39 - }, - { - "path": "/dev/watchdog", - "type": "c", - "major": 10, - "minor": 130, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/watchdog0", - "type": "c", - "major": 249, - "minor": 0, - "fileMode": 8576, - "uid": 0, - "gid": 0 - }, - { - "path": "/dev/zero", - "type": "c", - "major": 1, - "minor": 5, - "fileMode": 8630, - "uid": 0, - "gid": 0 - } - ] - } -} diff --git a/config.json b/config.json deleted file mode 120000 index 66b9520..0000000 --- a/config.json +++ /dev/null @@ -1 +0,0 @@ -config-eperm.json \ No newline at end of file diff --git a/config.json b/config.json new file mode 100644 index 0000000..e500204 --- /dev/null +++ b/config.json @@ -0,0 +1,250 @@ +{ + "ociVersion": "1.0.0-rc2-dev", + "platform": { + "os": "linux", + "arch": "amd64" + }, + "process": { + "terminal": true, + "consoleSize": { + "height": 0, + "width": 0 + }, + "user": { + "uid": 0, + "gid": 0 + }, + "args": [ + "/usr/bin/helloctl" + ], + "env": [ + "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", + "HOSTNAME=helloctl", + "TERM=xterm", + "DISTTAG=f26container", + "FGC=f26" + ], + "cwd": "/", + "capabilities": [ + "CAP_CHOWN", + "CAP_DAC_OVERRIDE", + "CAP_FSETID", + "CAP_FOWNER", + "CAP_MKNOD", + "CAP_NET_RAW", + "CAP_SETGID", + "CAP_SETUID", + "CAP_SETFCAP", + "CAP_SETPCAP", + "CAP_NET_BIND_SERVICE", + "CAP_SYS_CHROOT", + "CAP_KILL", + "CAP_AUDIT_WRITE", + "CAP_SYS_PTRACE" + ] + }, + "root": { + "path": "./rootfs/" + }, + "hostname": "helloctl", + "mounts": [ + { + "destination": "/proc", + "type": "proc", + "source": "proc", + "options": [ + "nosuid", + "noexec", + "nodev" + ] + }, + { + "destination": "/dev", + "type": "tmpfs", + "source": "tmpfs", + "options": [ + "nosuid", + "strictatime", + "mode=755" + ] + }, + { + "destination": "/dev/pts", + "type": "devpts", + "source": "devpts", + "options": [ + "nosuid", + "noexec", + "newinstance", + "ptmxmode=0666", + "mode=0620", + "gid=5" + ] + }, + { + "destination": "/sys", + "type": "sysfs", + "source": "sysfs", + "options": [ + "nosuid", + "noexec", + "nodev", + "ro" + ] + }, + { + "destination": "/sys/fs/cgroup", + "type": "cgroup", + "source": "cgroup", + "options": [ + "ro", + "nosuid", + "noexec", + "nodev" + ] + }, + { + "destination": "/dev/mqueue", + "type": "mqueue", + "source": "mqueue", + "options": [ + "nosuid", + "noexec", + "nodev" + ] + }, + { + "destination": "/dev/helloctl", + "type": "bind", + "source": "/dev/helloctl", + "options": [ + "rbind", + "ro", + "rprivate" + ] + }, + { + "destination": "/usr/bin/helloctl", + "type": "bind", + "source": "./helloctl/helloctl", + "options": [ + "rbind", + "ro", + "rprivate" + ] + } + ], + "hooks": { + "prestart": [ ], + "poststop": [ ] + }, + "linux": { + "resources": { + "devices": [ + { + "allow": false, + "access": "rwm" + }, + { + "allow": true, + "type": "c", + "major": 1, + "minor": 5, + "access": "rwm" + }, + { + "allow": true, + "type": "c", + "major": 1, + "minor": 3, + "access": "rwm" + }, + { + "allow": true, + "type": "c", + "major": 1, + "minor": 9, + "access": "rwm" + }, + { + "allow": true, + "type": "c", + "major": 1, + "minor": 8, + "access": "rwm" + }, + { + "allow": true, + "type": "c", + "major": 5, + "minor": 0, + "access": "rwm" + }, + { + "allow": true, + "type": "c", + "major": 5, + "minor": 1, + "access": "rwm" + }, + { + "allow": true, + "type": "c", + "major": 10, + "minor": 57, + "access": "rwm" + }, + { + "allow": false, + "type": "c", + "major": 10, + "minor": 229, + "access": "rwm" + } + ], + "disableOOMKiller": false, + "oomScoreAdj": 0, + "cpu": {}, + "pids": { + "limit": 0 + }, + "blockIO": { + "blkioWeight": 0 + } + }, + "cgroupsPath": "system.slice:docker:8ad3dfde3644481046eace9cd586600f0416d3c43b4b9f4cc161c470859c0e17", + "namespaces": [ + { + "type": "mount" + }, + { + "type": "network" + }, + { + "type": "uts" + }, + { + "type": "pid" + }, + { + "type": "ipc" + } + ], + "maskedPaths": [ + "/proc/kcore", + "/proc/latency_stats", + "/proc/timer_list", + "/proc/timer_stats", + "/proc/sched_debug", + "/sys/firmware" + ], + "readonlyPaths": [ + "/proc/asound", + "/proc/bus", + "/proc/fs", + "/proc/irq", + "/proc/sys", + "/proc/sysrq-trigger" + ] + } +}