diff --git a/libcontainer/container.go b/libcontainer/container.go index f7aa245..6734bfd 100644 --- a/libcontainer/container.go +++ b/libcontainer/container.go @@ -43,7 +43,7 @@ type Container struct { // All capbilities not specified will be dropped from the processes capability mask Capabilities []string `json:"capabilities,omitempty"` - // Networks specifies the container's network stop to be created + // Networks specifies the container's network setup to be created Networks []*Network `json:"networks,omitempty"` // Cgroups specifies specific cgroup settings for the various subsystems that the container is @@ -60,14 +60,13 @@ type Container struct { // rootfs and mount namespace if specified Mounts Mounts `json:"mounts,omitempty"` - // DeviceNodes are a list of 'required' and 'additional' nodes that will be mknod into the container's - // rootfs at /dev - // - // Required device nodes will return an error if the host system does not have this device available - // - // Additional device nodes are created but no error is returned if the host system does not have the - // device avaliable for use by the container - DeviceNodes map[string][]string `json:"device_nodes,omitempty"` + // RequiredDeviceNodes are a list of device nodes that will be mknod into the container's rootfs at /dev + // If the host system does not support the device that the container requests an error is returned + RequiredDeviceNodes []string `json:"required_device_nodes,omitempty"` + + // OptionalDeviceNodes are a list of device nodes that will be mknod into the container's rootfs at /dev + // If the host system does not support the device that the container requests the error is ignored + OptionalDeviceNodes []string `json:"optional_device_nodes,omitempty"` } // Network defines configuration for a container's networking stack diff --git a/libcontainer/container.json b/libcontainer/container.json index c3b0196..7156260 100644 --- a/libcontainer/container.json +++ b/libcontainer/container.json @@ -44,14 +44,12 @@ "type": "devtmpfs" } ], - "device_nodes": { - "required": [ - "null", - "zero", - "full", - "random", - "urandom", - "tty" - ] - } + "required_device_nodes": [ + "null", + "zero", + "full", + "random", + "urandom", + "tty" + ] } diff --git a/libcontainer/container_test.go b/libcontainer/container_test.go index d77ce31..f6e991e 100644 --- a/libcontainer/container_test.go +++ b/libcontainer/container_test.go @@ -65,7 +65,7 @@ func TestContainerJsonFormat(t *testing.T) { } for _, n := range nodes.DefaultNodes { - if !contains(n, container.DeviceNodes["required"]) { + if !contains(n, container.RequiredDeviceNodes) { t.Logf("devices should contain %s", n) t.Fail() } diff --git a/libcontainer/mount/init.go b/libcontainer/mount/init.go index 184df1e..3fb9667 100644 --- a/libcontainer/mount/init.go +++ b/libcontainer/mount/init.go @@ -48,11 +48,11 @@ func InitializeMountNamespace(rootfs, console string, container *libcontainer.Co if err := setupBindmounts(rootfs, container.Mounts); err != nil { return fmt.Errorf("bind mounts %s", err) } - if err := nodes.CopyN(rootfs, container.DeviceNodes["required"], true); err != nil { + if err := nodes.CopyN(rootfs, container.RequiredDeviceNodes, true); err != nil { return fmt.Errorf("copy required dev nodes %s", err) } - if err := nodes.CopyN(rootfs, container.DeviceNodes["additional"], false); err != nil { - return fmt.Errorf("copy additional dev nodes %s", err) + if err := nodes.CopyN(rootfs, container.OptionalDeviceNodes, false); err != nil { + return fmt.Errorf("copy optional dev nodes %s", err) } if err := SetupPtmx(rootfs, console, container.Context["mount_label"]); err != nil { return err