support SPI in container environment (introduced Linux 4.12 2017-06-02).
Abstraction define interface EP for CAN module in containered environment. This
namespace is available and introduced with Linux Kernel 4.12 by M. Kicherer
and later O. Hartkopp, to allow containers bridging such device.
@see linux-kernel/net/can@fc4c581
Although KSPP did not explicilty noted `CAN` as secure kernel flag, this
would aim to bring such conclusion. As for security concerns, CAN protocol did
not yield any user-land or host-level vulnerabilities since introduced as
SocketCAN module in Linux Kernel. Lower-layer [protocol] standards is not
secured by default since applications are supposed to implement their own
security mechanism.
This global abstraction currently supports CAN raw, proc and af_can
codes. Does not support GW and BCM. Namespace uses _NEWNET on pseudo-file
system. Allows modprobe to environment, works by recv `pnet` for the given
interface.
Signed-off-by: Halis Duraki <duraki@linuxmail.org>
This simplifies the example by adding a service which writes to the
log every 1s and a getty for introspection.
To see the logs:
/proc/1/root/usr/bin/logread -F
Signed-off-by: David Scott <dave.scott@docker.com>
This is an example external logging service which can be enabled by
adding it to the `init` section of the .yml, for example:
...
init:
- linuxkit/init:35866bb276c264a5f664bfac7456f4b9eeb87a4d
- linuxkit/runc:v0.4
- linuxkit/containerd:f2bc1bda1ab18146967fa1a149800aaf14bee81b
- linuxkit/ca-certificates:v0.4
- linuxkit/memlogd:cc035e5c9e4011ec1ba97a181a6689fc90965ce9
onboot:
...
Signed-off-by: David Scott <dave.scott@docker.com>
Previously memlogd would always run in the foreground. This patch
adds a `-daemonize` option which binds the /var/run sockets, forks
and execs itself and immediately returns. Therefore the program won't
block (important for an init.d script) but guarantees the sockets will
be available for any program started afterwards.
This also removes the alpine base from the memlogd image as `init`
"containers" are treated as simple file overlays.
Signed-off-by: David Scott <dave.scott@docker.com>
We will place the control sockets in the root /var/run and then share
with all services who need access.
Signed-off-by: David Scott <dave.scott@docker.com>
This attempts to work around a CI issue where we're running out of disk
space when rebuilding the init package.
Signed-off-by: Krister Johansen <krister.johansen@oracle.com>
