diff --git a/examples/docker.yml b/examples/docker.yml index 6c8c13baf..d040f98a0 100644 --- a/examples/docker.yml +++ b/examples/docker.yml @@ -12,10 +12,7 @@ onboot: - name: sysfs image: linuxkit/sysfs:1cde5876d44117af61dfea629ad922defcd48808 - name: binfmt - image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" - binds: - - /proc/sys/fs/binfmt_misc:/binfmt_misc - readonly: true + image: "linuxkit/binfmt:603e5f064b3e8a64088c0fcf7a80d2783541ee1d" - name: format image: "linuxkit/format:d78093e943f9c88386e30c00353f9476d34fb551" binds: @@ -34,22 +31,9 @@ onboot: command: ["/mount.sh", "/var/lib/docker"] services: - name: rngd - image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" - capabilities: - - CAP_SYS_ADMIN - oomScoreAdj: -800 - readonly: true + image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0" - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp/etc:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host - oomScoreAdj: -800 + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" - name: ntpd image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" capabilities: diff --git a/examples/gcp.yml b/examples/gcp.yml index 6cada4ef5..cb70e5222 100644 --- a/examples/gcp.yml +++ b/examples/gcp.yml @@ -10,15 +10,7 @@ onboot: - name: sysctl image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp/etc:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] - name: metadata image: "linuxkit/metadata:a810b68fec9c9282cf096eed50605ddd6b2f3142" @@ -31,11 +23,7 @@ onboot: - CAP_SYS_ADMIN services: - name: rngd - image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" - capabilities: - - CAP_SYS_ADMIN - oomScoreAdj: -800 - readonly: true + image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0" - name: sshd image: "linuxkit/sshd:1613253e5def414e0dfd261acd0e191eadb5fedf" capabilities: diff --git a/examples/minimal.yml b/examples/minimal.yml index 8e88e0623..abec67db4 100644 --- a/examples/minimal.yml +++ b/examples/minimal.yml @@ -7,15 +7,7 @@ init: - linuxkit/containerd:f1130450206d4f64f0ddc13d15bb68435aa1ff61 onboot: - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp/etc:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] trust: image: diff --git a/examples/node_exporter.yml b/examples/node_exporter.yml index 897a2514f..b4873637d 100644 --- a/examples/node_exporter.yml +++ b/examples/node_exporter.yml @@ -7,21 +7,9 @@ init: - linuxkit/containerd:f1130450206d4f64f0ddc13d15bb68435aa1ff61 services: - name: rngd - image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" - capabilities: - - CAP_SYS_ADMIN - oomScoreAdj: -800 + image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0" - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host - oomScoreAdj: -800 + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" - name: node_exporter image: "linuxkit/node_exporter:bdb20b41855d0e2b4edeec44ef569d030ea3cc47" capabilities: diff --git a/examples/packet.yml b/examples/packet.yml index 29faa974e..82d283a12 100644 --- a/examples/packet.yml +++ b/examples/packet.yml @@ -11,21 +11,9 @@ onboot: image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" services: - name: rngd - image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" - capabilities: - - CAP_SYS_ADMIN - oomScoreAdj: -800 + image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0" - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host - oomScoreAdj: -800 + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" - name: sshd image: "linuxkit/sshd:1613253e5def414e0dfd261acd0e191eadb5fedf" capabilities: diff --git a/examples/redis-os.yml b/examples/redis-os.yml index 70dbc7138..a8b4494a0 100644 --- a/examples/redis-os.yml +++ b/examples/redis-os.yml @@ -9,15 +9,7 @@ init: - linuxkit/containerd:f1130450206d4f64f0ddc13d15bb68435aa1ff61 onboot: - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp/etc:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] services: - name: redis diff --git a/examples/sshd.yml b/examples/sshd.yml index 0e7dd035e..5cccf8733 100644 --- a/examples/sshd.yml +++ b/examples/sshd.yml @@ -11,21 +11,9 @@ onboot: image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" services: - name: rngd - image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" - capabilities: - - CAP_SYS_ADMIN - oomScoreAdj: -800 + image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0" - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host - oomScoreAdj: -800 + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" - name: sshd image: "linuxkit/sshd:1613253e5def414e0dfd261acd0e191eadb5fedf" capabilities: diff --git a/examples/swap.yml b/examples/swap.yml index 0075229ea..fc93173a3 100644 --- a/examples/swap.yml +++ b/examples/swap.yml @@ -10,20 +10,9 @@ onboot: - name: sysctl image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" - name: binfmt - image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" - binds: - - /proc/sys/fs/binfmt_misc:/binfmt_misc - readonly: true + image: "linuxkit/binfmt:603e5f064b3e8a64088c0fcf7a80d2783541ee1d" - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp/etc:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] - name: format image: "linuxkit/format:d78093e943f9c88386e30c00353f9476d34fb551" @@ -58,10 +47,6 @@ onboot: services: - name: rngd image: "linuxkit/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9" - capabilities: - - CAP_SYS_ADMIN - oomScoreAdj: -800 - readonly: true - name: nginx image: "nginx:alpine" capabilities: diff --git a/examples/vmware.yml b/examples/vmware.yml index 41f1923ad..cfd0a20b7 100644 --- a/examples/vmware.yml +++ b/examples/vmware.yml @@ -11,22 +11,9 @@ onboot: image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" services: - name: rngd - image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" - capabilities: - - CAP_SYS_ADMIN - oomScoreAdj: -800 - readonly: true + image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0" - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host - oomScoreAdj: -800 + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" - name: nginx image: "nginx:alpine" capabilities: diff --git a/linuxkit.yml b/linuxkit.yml index 55e294e95..6c3e0db4f 100644 --- a/linuxkit.yml +++ b/linuxkit.yml @@ -10,28 +10,13 @@ onboot: - name: sysctl image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" - name: binfmt - image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" - binds: - - /proc/sys/fs/binfmt_misc:/binfmt_misc - readonly: true + image: "linuxkit/binfmt:603e5f064b3e8a64088c0fcf7a80d2783541ee1d" - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp/etc:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] services: - name: rngd - image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" - capabilities: - - CAP_SYS_ADMIN - oomScoreAdj: -800 - readonly: true + image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0" - name: nginx image: "nginx:alpine" capabilities: diff --git a/projects/etcd/etcd.yml b/projects/etcd/etcd.yml index 023ef2ed7..40916a6ef 100644 --- a/projects/etcd/etcd.yml +++ b/projects/etcd/etcd.yml @@ -26,15 +26,7 @@ onboot: rootfsPropagation: shared command: ["/mount.sh", "/var/lib/etcd"] - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp/etc:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] - name: metadata image: "linuxkit/metadata:a810b68fec9c9282cf096eed50605ddd6b2f3142" @@ -48,10 +40,6 @@ onboot: services: - name: rngd image: "linuxkit/rngd:f5e5be43e730ea819c3293d5c6dcbfa7f4c5c314" - capabilities: - - CAP_SYS_ADMIN - oomScoreAdj: -800 - readonly: true - name: ntpd image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" capabilities: diff --git a/projects/etcd/prom-us-central1-f.yml b/projects/etcd/prom-us-central1-f.yml index c4219d40f..7c2d03472 100644 --- a/projects/etcd/prom-us-central1-f.yml +++ b/projects/etcd/prom-us-central1-f.yml @@ -10,15 +10,7 @@ onboot: - name: sysctl image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp/etc:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] - name: metadata image: "linuxkit/metadata:a810b68fec9c9282cf096eed50605ddd6b2f3142" @@ -32,10 +24,6 @@ onboot: services: - name: rngd image: "mobylinux/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9" - capabilities: - - CAP_SYS_ADMIN - oomScoreAdj: -800 - readonly: true - name: prometheus image: "moby/prom-us-central1-f" binds: diff --git a/projects/kubernetes/kube-master.yml b/projects/kubernetes/kube-master.yml index df803bea1..3063f2eba 100644 --- a/projects/kubernetes/kube-master.yml +++ b/projects/kubernetes/kube-master.yml @@ -12,10 +12,7 @@ onboot: - name: sysfs image: linuxkit/sysfs:1cde5876d44117af61dfea629ad922defcd48808 - name: binfmt - image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" - binds: - - /proc/sys/fs/binfmt_misc:/binfmt_misc - readonly: true + image: "linuxkit/binfmt:603e5f064b3e8a64088c0fcf7a80d2783541ee1d" - name: format image: "linuxkit/format:d78093e943f9c88386e30c00353f9476d34fb551" binds: @@ -35,21 +32,8 @@ onboot: services: - name: rngd image: "linuxkit/rngd:f5e5be43e730ea819c3293d5c6dcbfa7f4c5c314" - capabilities: - - CAP_SYS_ADMIN - oomScoreAdj: -800 - readonly: true - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp/etc:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host - oomScoreAdj: -800 + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" - name: ntpd image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" capabilities: diff --git a/projects/kubernetes/kube-node.yml b/projects/kubernetes/kube-node.yml index ae09ec6fd..904ccb4e9 100644 --- a/projects/kubernetes/kube-node.yml +++ b/projects/kubernetes/kube-node.yml @@ -12,10 +12,7 @@ onboot: - name: sysfs image: linuxkit/sysfs:1cde5876d44117af61dfea629ad922defcd48808 - name: binfmt - image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" - binds: - - /proc/sys/fs/binfmt_misc:/binfmt_misc - readonly: true + image: "linuxkit/binfmt:603e5f064b3e8a64088c0fcf7a80d2783541ee1d" - name: format image: "linuxkit/format:d78093e943f9c88386e30c00353f9476d34fb551" binds: @@ -35,21 +32,8 @@ onboot: services: - name: rngd image: "linuxkit/rngd:f5e5be43e730ea819c3293d5c6dcbfa7f4c5c314" - capabilities: - - CAP_SYS_ADMIN - oomScoreAdj: -800 - readonly: true - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp/etc:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host - oomScoreAdj: -800 + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" - name: ntpd image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" capabilities: diff --git a/projects/logging/examples/logging.yml b/projects/logging/examples/logging.yml index a9264531f..c17fc96b2 100644 --- a/projects/logging/examples/logging.yml +++ b/projects/logging/examples/logging.yml @@ -11,28 +11,13 @@ onboot: - name: sysctl image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" - name: binfmt - image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" - binds: - - /proc/sys/fs/binfmt_misc:/binfmt_misc - readonly: true + image: "linuxkit/binfmt:603e5f064b3e8a64088c0fcf7a80d2783541ee1d" - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp/etc:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] services: - name: rngd - image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" - capabilities: - - CAP_SYS_ADMIN - oomScoreAdj: -800 - readonly: true + image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0" - name: nginx image: "nginx:alpine" capabilities: diff --git a/projects/miragesdk/examples/mirage-dhcp.yml b/projects/miragesdk/examples/mirage-dhcp.yml index 0db590b70..6eea22d3a 100644 --- a/projects/miragesdk/examples/mirage-dhcp.yml +++ b/projects/miragesdk/examples/mirage-dhcp.yml @@ -10,10 +10,6 @@ onboot: - name: sysctl image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" - name: binfmt - image: linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07 - binds: - - /proc/sys/fs/binfmt_misc:/binfmt_misc - readonly: true services: - name: rngd image: mobylinux/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9 diff --git a/projects/okernel/examples/okernel_simple.yaml b/projects/okernel/examples/okernel_simple.yaml index 68293dd99..1fbbc1dbc 100644 --- a/projects/okernel/examples/okernel_simple.yaml +++ b/projects/okernel/examples/okernel_simple.yaml @@ -12,20 +12,8 @@ onboot: services: - name: rngd image: "linuxkit/rngd:3dad6dd43270fa632ac031e99d1947f20b22eec9" - capabilities: - - CAP_SYS_ADMIN - oomScoreAdj: -800 - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host - oomScoreAdj: -800 + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" - name: sshd image: "linuxkit/sshd:1613253e5def414e0dfd261acd0e191eadb5fedf" capabilities: diff --git a/projects/swarmd/swarmd.yml b/projects/swarmd/swarmd.yml index 32677c4e9..532fb58d7 100644 --- a/projects/swarmd/swarmd.yml +++ b/projects/swarmd/swarmd.yml @@ -10,15 +10,7 @@ onboot: - name: sysctl image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64" - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp/etc:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] - name: format image: "linuxkit/format:d78093e943f9c88386e30c00353f9476d34fb551" @@ -47,11 +39,7 @@ onboot: - CAP_SYS_ADMIN services: - name: rngd - image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" - capabilities: - - CAP_SYS_ADMIN - oomScoreAdj: -800 - readonly: true + image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0" - name: ntpd image: "linuxkit/openntpd:ad834449a7eaf10dc022b3d8d2ed9faf7ec99d37" capabilities: diff --git a/test/cases/000_build/000_outputs/test.yml b/test/cases/000_build/000_outputs/test.yml index dcf25a7e8..e4c46ec52 100644 --- a/test/cases/000_build/000_outputs/test.yml +++ b/test/cases/000_build/000_outputs/test.yml @@ -7,15 +7,7 @@ init: - linuxkit/containerd:f1130450206d4f64f0ddc13d15bb68435aa1ff61 onboot: - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp/etc:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] trust: image: diff --git a/test/cases/030_security/000_docker-bench/test-docker-bench.yml b/test/cases/030_security/000_docker-bench/test-docker-bench.yml index 85b4d0444..29e6b5154 100644 --- a/test/cases/030_security/000_docker-bench/test-docker-bench.yml +++ b/test/cases/030_security/000_docker-bench/test-docker-bench.yml @@ -12,10 +12,7 @@ onboot: - name: sysfs image: "linuxkit/sysfs:1cde5876d44117af61dfea629ad922defcd48808" - name: binfmt - image: "linuxkit/binfmt:548f7f044f5411a8938913527c5ce55d9876bb07" - binds: - - /proc/sys/fs/binfmt_misc:/binfmt_misc - readonly: true + image: "linuxkit/binfmt:603e5f064b3e8a64088c0fcf7a80d2783541ee1d" - name: format image: "linuxkit/format:d78093e943f9c88386e30c00353f9476d34fb551" binds: @@ -34,22 +31,9 @@ onboot: command: ["/mount.sh", "/var/lib/docker"] services: - name: rngd - image: "linuxkit/rngd:c97ef16be340884a985d8b025983505a9bcc51f0" - capabilities: - - CAP_SYS_ADMIN - oomScoreAdj: -800 - readonly: true + image: "linuxkit/rngd:69f951ce2a3a9534dbbc7ba8119e1df4391f06c0" - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp/etc:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host - oomScoreAdj: -800 + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" - name: docker image: "linuxkit/docker-ce:261f93927d85001c65e5ce0f421eb6062f09c0a5" capabilities: diff --git a/test/hack/test.yml b/test/hack/test.yml index 411719b6b..806b2e9a2 100644 --- a/test/hack/test.yml +++ b/test/hack/test.yml @@ -10,15 +10,7 @@ init: - linuxkit/ca-certificates:4e9a83e890e6477dcd25029fc4f1ced61d0642f4 onboot: - name: dhcpcd - image: "linuxkit/dhcpcd:cb96c09a33c166eca6530f166f0f79927c3e83b0" - binds: - - /var:/var - - /tmp:/etc - capabilities: - - CAP_NET_ADMIN - - CAP_NET_BIND_SERVICE - - CAP_NET_RAW - net: host + image: "linuxkit/dhcpcd:ae03169274d19fe8841314fa5a6fea3c61adbf4e" command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"] - name: check-kernel-config image: "linuxkit/test-kernel-config:ecff41279ccbc408079a3996a956432651c6eb9c"