You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: config.md
+29-20Lines changed: 29 additions & 20 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -84,26 +84,35 @@ For the Windows operating system, one mount destination MUST NOT be nested withi
84
84
See links for details about [mountvol](http://ss64.com/nt/mountvol.html) and [SetVolumeMountPoint](https://msdn.microsoft.com/en-us/library/windows/desktop/aa365561(v=vs.85).aspx) in Windows.
85
85
86
86
87
-
## Process configuration
88
-
89
-
***`terminal`** (bool, optional) specifies whether you want a terminal attached to that process. Defaults to false.
90
-
***`cwd`** (string, required) is the working directory that will be set for the executable. This value MUST be an absolute path.
91
-
***`env`** (array of strings, optional) contains a list of variables that will be set in the process's environment prior to execution. Elements in the array are specified as Strings in the form "KEY=value". The left hand side MUST consist solely of letters, digits, and underscores `_` as outlined in [IEEE Std 1003.1-2001](http://pubs.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap08.html).
92
-
***`args`** (array of strings, required) executable to launch and any flags as an array. The executable is the first element and MUST be available at the given path inside of the rootfs. If the executable path is not an absolute path then the search $PATH is interpreted to find the executable.
93
-
94
-
For Linux-based systems the process structure supports the following process specific fields:
95
-
96
-
***`capabilities`** (array of strings, optional) capabilities is an array that specifies Linux capabilities that can be provided to the process inside the container.
97
-
Valid values are the strings for capabilities defined in [the man page](http://man7.org/linux/man-pages/man7/capabilities.7.html)
98
-
***`rlimits`** (array of rlimits, optional) rlimits is an array of rlimits that allows setting resource limits for a process inside the container.
99
-
The kernel enforces the `soft` limit for a resource while the `hard` limit acts as a ceiling for that value that could be set by an unprivileged process.
100
-
Valid values for the 'type' field are the resources defined in [the man page](http://man7.org/linux/man-pages/man2/setrlimit.2.html).
101
-
***`apparmorProfile`** (string, optional) apparmor profile specifies the name of the apparmor profile that will be used for the container.
102
-
For more information about Apparmor, see [Apparmor documentation](https://wiki.ubuntu.com/AppArmor)
103
-
***`selinuxLabel`** (string, optional) SELinux process label specifies the label with which the processes in a container are run.
104
-
For more information about SELinux, see [Selinux documentation](http://selinuxproject.org/page/Main_Page)
105
-
***`noNewPrivileges`** (bool, optional) setting `noNewPrivileges` to true prevents the processes in the container from gaining additional privileges.
106
-
[The kernel doc](https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt) has more information on how this is achieved using a prctl system call.
87
+
## Process
88
+
89
+
***`process`** (object, required) configures the container process.
90
+
It supports the following properties:
91
+
92
+
***`terminal`** (bool, optional) specifies whether you want a terminal attached to that process.
93
+
Defaults to false.
94
+
***`cwd`** (string, required) is the working directory that will be set for the executable.
95
+
This value MUST be an absolute path.
96
+
***`env`** (array of strings, optional) contains a list of variables that will be set in the process's environment prior to execution.
97
+
Elements in the array are specified as Strings in the form "KEY=value".
98
+
The left hand side MUST consist solely of letters, digits, and underscores `_` as outlined in [IEEE Std 1003.1-2001](http://pubs.opengroup.org/onlinepubs/009695399/basedefs/xbd_chap08.html).
99
+
***`args`** (array of strings, optional) executable to launch and any flags as an array.
100
+
The executable is the first element and MUST be available at the given path inside of the rootfs.
101
+
If the executable path is not an absolute path then the search $PATH is interpreted to find the executable.
102
+
103
+
For Linux-based systems the process structure supports the following process specific fields:
104
+
105
+
***`capabilities`** (array of strings, optional) capabilities is an array that specifies Linux capabilities that can be provided to the process inside the container.
106
+
Valid values are the strings for capabilities defined in [the man page](http://man7.org/linux/man-pages/man7/capabilities.7.html)
107
+
***`rlimits`** (array of rlimits, optional) rlimits is an array of rlimits that allows setting resource limits for a process inside the container.
108
+
The kernel enforces the `soft` limit for a resource while the `hard` limit acts as a ceiling for that value that could be set by an unprivileged process.
109
+
Valid values for the 'type' field are the resources defined in [the man page](http://man7.org/linux/man-pages/man2/setrlimit.2.html).
110
+
***`apparmorProfile`** (string, optional) apparmor profile specifies the name of the apparmor profile that will be used for the container.
111
+
For more information about Apparmor, see [Apparmor documentation](https://wiki.ubuntu.com/AppArmor)
112
+
***`selinuxLabel`** (string, optional) SELinux process label specifies the label with which the processes in a container are run.
113
+
For more information about SELinux, see [Selinux documentation](http://selinuxproject.org/page/Main_Page)
114
+
***`noNewPrivileges`** (bool, optional) setting `noNewPrivileges` to true prevents the processes in the container from gaining additional privileges.
115
+
[The kernel doc](https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt) has more information on how this is achieved using a prctl system call.
0 commit comments