github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2026-01-13 19:33:54 +00:00
Code Issues Projects Releases Wiki Activity
Files
90c70479736935aefb9478aa485ad054523c192c
linuxkit/projects/ima-namespace/ima-namespace.yml
Justin Cormack e52bf2f745 Update sysctl and sysfs in yaml files 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-05-20 11:16:48 +01:00

55 lines
1.5 KiB
YAML
Raw Blame History

kernel:
image: "linuxkit/kernel-ima:4.11.1-"
cmdline: "console=ttyS0 console=tty0 page_poison=1 ima_appraise=enforce_ns"
init:
- linuxkit/init:b3740303f3d1e5689a84c87b7dfb48fd2a40a192
- linuxkit/runc:47b1c38d63468c0f3078f8b1b055d07965a1895d
- linuxkit/containerd:cf2614f5a96c569a0bd4bd54e054a65ba17d167f
- linuxkit/ca-certificates:3344cdca1bc59fdfa17bd7f0fcbf491b9dbaa288
- linuxkit/ima-utils:fe119c7dac08884f4144cd106dc279ddd8b37517
onboot:
- name: sysctl
image: "linuxkit/sysctl:225c52c2d6f04a040663bac84cabf81825027f64"
- name: binfmt
image: "linuxkit/binfmt:131026c0cf6084467316395fed3b358f64bda00c"
binds:
- /proc/sys/fs/binfmt_misc:/binfmt_misc
readonly: true
- name: dhcpcd
image: "linuxkit/dhcpcd:2def74ab3f9233b4c09ebb196ba47c27c08b0ed8"
binds:
- /var:/var
- /tmp/etc:/etc
capabilities:
- CAP_NET_ADMIN
- CAP_NET_BIND_SERVICE
- CAP_NET_RAW
net: host
command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
services:
- name: rngd
image: "linuxkit/rngd:61a07ced77a9747708223ca16a4aec621eacf518"
capabilities:
- CAP_SYS_ADMIN
oomScoreAdj: -800
readonly: true
- name: nginx
image: "nginx:alpine"
capabilities:
- CAP_NET_BIND_SERVICE
- CAP_CHOWN
- CAP_SETUID
- CAP_SETGID
- CAP_DAC_OVERRIDE
net: host
files:
- path: etc/docker/daemon.json
contents: '{"debug": true}'
trust:
image:
- linuxkit/kernel
- linuxkit/binfmt
- linuxkit/rngd
outputs:
- format: kernel+initrd
Reference in New Issue View Git Blame Copy Permalink