image: mkimage
arches:
  - amd64
config:
  readonly: true
  capabilities:
    - CAP_SYS_ADMIN
    - CAP_MKNOD
  binds:
    - /dev:/dev