
Update container.json and readme
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)

Michael Crosby 11 years ago
parent
commit
2d31aeb911
2 changed files with 271 additions and 102 deletions
  1. 127 54
      pkg/libcontainer/README.md
  2. 144 48
      pkg/libcontainer/container.json

+ 127 - 54
pkg/libcontainer/README.md

@@ -16,76 +16,149 @@ process are specified in this file.  The configuration is used for each process
 Sample `container.json` file:
 ```json
 {
-   "hostname" : "koye",
-   "networks" : [
+   "mounts" : [
       {
-         "gateway" : "172.17.42.1",
-         "context" : {
-            "bridge" : "docker0",
-            "prefix" : "veth"
-         },
-         "address" : "172.17.0.2/16",
-         "type" : "veth",
-         "mtu" : 1500
+         "type" : "devtmpfs"
       }
    ],
-   "cgroups" : {
-      "parent" : "docker",
-      "name" : "11bb30683fb0bdd57fab4d3a8238877f1e4395a2cfc7320ea359f7a02c1a5620"
-   },
    "tty" : true,
    "environment" : [
       "HOME=/",
-      "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
-      "HOSTNAME=11bb30683fb0",
-      "TERM=xterm"
-   ],
-   "capabilities_mask" : [
-      "SETPCAP",
-      "SYS_MODULE",
-      "SYS_RAWIO",
-      "SYS_PACCT",
-      "SYS_ADMIN",
-      "SYS_NICE",
-      "SYS_RESOURCE",
-      "SYS_TIME",
-      "SYS_TTY_CONFIG",
-      "MKNOD",
-      "AUDIT_WRITE",
-      "AUDIT_CONTROL",
-      "MAC_OVERRIDE",
-      "MAC_ADMIN",
-      "NET_ADMIN"
+      "PATH=PATH=$PATH:/bin:/usr/bin:/sbin:/usr/sbin",
+      "container=docker",
+      "TERM=xterm-256color"
    ],
-   "context" : {
-      "apparmor_profile" : "docker-default"
+   "hostname" : "koye",
+   "cgroups" : {
+      "parent" : "docker",
+      "name" : "docker-koye"
    },
-   "mounts" : [
+   "capabilities_mask" : [
+      {
+         "value" : 8,
+         "key" : "SETPCAP",
+         "enabled" : false
+      },
+      {
+         "enabled" : false,
+         "value" : 16,
+         "key" : "SYS_MODULE"
+      },
+      {
+         "value" : 17,
+         "key" : "SYS_RAWIO",
+         "enabled" : false
+      },
+      {
+         "key" : "SYS_PACCT",
+         "value" : 20,
+         "enabled" : false
+      },
+      {
+         "value" : 21,
+         "key" : "SYS_ADMIN",
+         "enabled" : false
+      },
+      {
+         "value" : 23,
+         "key" : "SYS_NICE",
+         "enabled" : false
+      },
+      {
+         "value" : 24,
+         "key" : "SYS_RESOURCE",
+         "enabled" : false
+      },
       {
-         "source" : "/var/lib/docker/containers/11bb30683fb0bdd57fab4d3a8238877f1e4395a2cfc7320ea359f7a02c1a5620/resolv.conf",
-         "writable" : false,
-         "destination" : "/etc/resolv.conf",
-         "private" : true
+         "key" : "SYS_TIME",
+         "value" : 25,
+         "enabled" : false
       },
       {
-         "source" : "/var/lib/docker/containers/11bb30683fb0bdd57fab4d3a8238877f1e4395a2cfc7320ea359f7a02c1a5620/hostname",
-         "writable" : false,
-         "destination" : "/etc/hostname",
-         "private" : true
+         "enabled" : false,
+         "value" : 26,
+         "key" : "SYS_TTY_CONFIG"
       },
       {
-         "source" : "/var/lib/docker/containers/11bb30683fb0bdd57fab4d3a8238877f1e4395a2cfc7320ea359f7a02c1a5620/hosts",
-         "writable" : false,
-         "destination" : "/etc/hosts",
-         "private" : true
+         "key" : "AUDIT_WRITE",
+         "value" : 29,
+         "enabled" : false
+      },
+      {
+         "value" : 30,
+         "key" : "AUDIT_CONTROL",
+         "enabled" : false
+      },
+      {
+         "enabled" : false,
+         "key" : "MAC_OVERRIDE",
+         "value" : 32
+      },
+      {
+         "enabled" : false,
+         "key" : "MAC_ADMIN",
+         "value" : 33
+      },
+      {
+         "key" : "NET_ADMIN",
+         "value" : 12,
+         "enabled" : false
+      },
+      {
+         "value" : 27,
+         "key" : "MKNOD",
+         "enabled" : true
+      }
+   ],
+   "networks" : [
+      {
+         "mtu" : 1500,
+         "address" : "127.0.0.1/0",
+         "type" : "loopback",
+         "gateway" : "localhost"
+      },
+      {
+         "mtu" : 1500,
+         "address" : "172.17.42.2/16",
+         "type" : "veth",
+         "context" : {
+            "bridge" : "docker0",
+            "prefix" : "veth"
+         },
+         "gateway" : "172.17.42.1"
       }
    ],
    "namespaces" : [
-      "NEWNS",
-      "NEWUTS",
-      "NEWIPC",
-      "NEWPID",
-      "NEWNET"
+      {
+         "key" : "NEWNS",
+         "value" : 131072,
+         "enabled" : true,
+         "file" : "mnt"
+      },
+      {
+         "key" : "NEWUTS",
+         "value" : 67108864,
+         "enabled" : true,
+         "file" : "uts"
+      },
+      {
+         "enabled" : true,
+         "file" : "ipc",
+         "key" : "NEWIPC",
+         "value" : 134217728
+      },
+      {
+         "file" : "pid",
+         "enabled" : true,
+         "value" : 536870912,
+         "key" : "NEWPID"
+      },
+      {
+         "enabled" : true,
+         "file" : "net",
+         "key" : "NEWNET",
+         "value" : 1073741824
+      }
    ]
 }
 ```

+ 144 - 48
pkg/libcontainer/container.json

@@ -1,50 +1,146 @@
 {
-    "hostname": "koye",
-    "tty": true,
-    "environment": [
-        "HOME=/",
-        "PATH=PATH=$PATH:/bin:/usr/bin:/sbin:/usr/sbin",
-        "container=docker",
-        "TERM=xterm-256color"
-    ],
-    "namespaces": [
-        "NEWIPC",
-        "NEWNS",
-        "NEWPID",
-        "NEWUTS",
-        "NEWNET"
-    ],
-    "capabilities_mask": [
-        "SETPCAP",
-        "SYS_MODULE",
-        "SYS_RAWIO",
-        "SYS_PACCT",
-        "SYS_ADMIN",
-        "SYS_NICE",
-        "SYS_RESOURCE",
-        "SYS_TIME",
-        "SYS_TTY_CONFIG",
-        "MKNOD",
-        "AUDIT_WRITE",
-        "AUDIT_CONTROL",
-        "MAC_OVERRIDE",
-        "MAC_ADMIN",
-        "NET_ADMIN"
-    ],
-    "networks": [{
-            "type": "veth",
-            "context": {
-                "bridge": "docker0",
-                "prefix": "dock"
-            },
-            "address": "172.17.0.100/16",
-            "gateway": "172.17.42.1",
-            "mtu": 1500
-        }
-    ],
-    "cgroups": {
-        "name": "docker-koye",
-        "parent": "docker",
-        "memory": 5248000
-    }
+   "mounts" : [
+      {
+         "type" : "devtmpfs"
+      }
+   ],
+   "tty" : true,
+   "environment" : [
+      "HOME=/",
+      "PATH=PATH=$PATH:/bin:/usr/bin:/sbin:/usr/sbin",
+      "container=docker",
+      "TERM=xterm-256color"
+   ],
+   "hostname" : "koye",
+   "cgroups" : {
+      "parent" : "docker",
+      "name" : "docker-koye"
+   },
+   "capabilities_mask" : [
+      {
+         "value" : 8,
+         "key" : "SETPCAP",
+         "enabled" : false
+      },
+      {
+         "enabled" : false,
+         "value" : 16,
+         "key" : "SYS_MODULE"
+      },
+      {
+         "value" : 17,
+         "key" : "SYS_RAWIO",
+         "enabled" : false
+      },
+      {
+         "key" : "SYS_PACCT",
+         "value" : 20,
+         "enabled" : false
+      },
+      {
+         "value" : 21,
+         "key" : "SYS_ADMIN",
+         "enabled" : false
+      },
+      {
+         "value" : 23,
+         "key" : "SYS_NICE",
+         "enabled" : false
+      },
+      {
+         "value" : 24,
+         "key" : "SYS_RESOURCE",
+         "enabled" : false
+      },
+      {
+         "key" : "SYS_TIME",
+         "value" : 25,
+         "enabled" : false
+      },
+      {
+         "enabled" : false,
+         "value" : 26,
+         "key" : "SYS_TTY_CONFIG"
+      },
+      {
+         "key" : "AUDIT_WRITE",
+         "value" : 29,
+         "enabled" : false
+      },
+      {
+         "value" : 30,
+         "key" : "AUDIT_CONTROL",
+         "enabled" : false
+      },
+      {
+         "enabled" : false,
+         "key" : "MAC_OVERRIDE",
+         "value" : 32
+      },
+      {
+         "enabled" : false,
+         "key" : "MAC_ADMIN",
+         "value" : 33
+      },
+      {
+         "key" : "NET_ADMIN",
+         "value" : 12,
+         "enabled" : false
+      },
+      {
+         "value" : 27,
+         "key" : "MKNOD",
+         "enabled" : true
+      }
+   ],
+   "networks" : [
+      {
+         "mtu" : 1500,
+         "address" : "127.0.0.1/0",
+         "type" : "loopback",
+         "gateway" : "localhost"
+      },
+      {
+         "mtu" : 1500,
+         "address" : "172.17.42.2/16",
+         "type" : "veth",
+         "context" : {
+            "bridge" : "docker0",
+            "prefix" : "veth"
+         },
+         "gateway" : "172.17.42.1"
+      }
+   ],
+   "namespaces" : [
+      {
+         "key" : "NEWNS",
+         "value" : 131072,
+         "enabled" : true,
+         "file" : "mnt"
+      },
+      {
+         "key" : "NEWUTS",
+         "value" : 67108864,
+         "enabled" : true,
+         "file" : "uts"
+      },
+      {
+         "enabled" : true,
+         "file" : "ipc",
+         "key" : "NEWIPC",
+         "value" : 134217728
+      },
+      {
+         "file" : "pid",
+         "enabled" : true,
+         "value" : 536870912,
+         "key" : "NEWPID"
+      },
+      {
+         "enabled" : true,
+         "file" : "net",
+         "key" : "NEWNET",
+         "value" : 1073741824
+      }
+   ]
 }
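Review bot: In `capabilities_mask` the MKNOD entry is the only one with `"enabled" : true`, while the old list named MKNOD next to the other fourteen capabilities, so the sample's treatment of CAP_MKNOD changes in a commit described only as an update. If `enabled` means the capability is kept by the container (the schema is not visible here, so this is inferred), the sample now pairs device-node creation with the newly added `devtmpfs` mount; unless that is intended I would write `"enabled" : false` for MKNOD, or state the reason in the README. Each entry also carries both a `key` and a numeric `value`, and nothing visible says which one wins when they disagree; that is worth documenting, since a mismatched pair could drop or keep the wrong capability or namespace. Separately, the `cgroups` block loses `"memory": 5248000`, so the sample no longer shows a memory limit, and `"PATH=PATH=$PATH:/bin:/usr/bin:/sbin:/usr/sbin"` still repeats the `PATH=` prefix. The README sample in this commit carries the same values.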