From 04187ecbcc085fbb8c6063f053379ff01fba19f7 Mon Sep 17 00:00:00 2001 From: "W. Trevor King" Date: Tue, 6 Jun 2017 12:51:04 -0700 Subject: [PATCH] config-linux: Explicitly allow symlinks for providing devices I'd rather address runtime compliance by breaking this down into explicit checks based on POSIX stat(3) calls. But with that approach rejected [1], mentioning symlinks here helps motivate runtime-tools' choice of os.Stat [2,3] (which follows symlinks) vs. os.Lstat (which does not [4]). [1]: https://github.com/opencontainers/runtime-spec/pull/829#issuecomment-305582159 [2]: https://github.com/opencontainers/runtime-tools/blob/f5c82b3918bdfc3ed4b594dcfab4d1554beaf992/cmd/runtimetest/main.go#L319 [3]: https://golang.org/pkg/os/#Stat [4]: https://golang.org/pkg/os/#Lstat Signed-off-by: W. Trevor King --- config-linux.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config-linux.md b/config-linux.md index 62e389d0c..8d65d5499 100644 --- a/config-linux.md +++ b/config-linux.md @@ -110,7 +110,7 @@ Note that the number of mapping entries MAY be limited by the [kernel][user-name ## Devices **`devices`** (array of objects, OPTIONAL) lists devices that MUST be available in the container. -The runtime MAY supply them however it likes (with [`mknod`][mknod.2], by bind mounting from the runtime mount namespace, etc.). +The runtime MAY supply them however it likes (with [`mknod`][mknod.2], by bind mounting from the runtime mount namespace, using symlinks, etc.). Each entry has the following structure: