github.com/opencontainers/runtime-tools@v0.9.0/validation/mounts/mounts.go (about) 1 package main 2 3 import ( 4 rspec "github.com/opencontainers/runtime-spec/specs-go" 5 "github.com/opencontainers/runtime-tools/validation/util" 6 ) 7 8 func main() { 9 defaultOptions := []string{ 10 "nosuid", 11 "strictatime", 12 "mode=755", 13 "size=1k", 14 } 15 16 // Different combinations of mount types, mount options, mount propagation modes 17 mounts := []rspec.Mount{ 18 { 19 Destination: "/tmp/test-shared", 20 Type: "tmpfs", 21 Source: "tmpfs", 22 Options: []string{"shared"}, 23 }, 24 { 25 Destination: "/tmp/test-slave", 26 Type: "tmpfs", 27 Source: "tmpfs", 28 Options: []string{"slave"}, 29 }, 30 { 31 Destination: "/tmp/test-private", 32 Type: "tmpfs", 33 Source: "tmpfs", 34 Options: []string{"private"}, 35 }, 36 { 37 Destination: "/mnt/etc-shared", 38 Source: "/etc", 39 Options: []string{"bind", "shared"}, 40 }, 41 { 42 Destination: "/mnt/etc-rshared", 43 Source: "/etc", 44 Options: []string{"rbind", "rshared"}, 45 }, 46 { 47 Destination: "/mnt/etc-slave", 48 Source: "/etc", 49 Options: []string{"bind", "slave"}, 50 }, 51 { 52 Destination: "/mnt/etc-rslave", 53 Source: "/etc", 54 Options: []string{"rbind", "rslave"}, 55 }, 56 { 57 Destination: "/mnt/etc-private", 58 Source: "/etc", 59 Options: []string{"bind", "private"}, 60 }, 61 { 62 Destination: "/mnt/etc-rprivate", 63 Source: "/etc", 64 Options: []string{"rbind", "rprivate"}, 65 }, 66 { 67 Destination: "/mnt/etc-unbindable", 68 Source: "/etc", 69 Options: []string{"bind", "unbindable"}, 70 }, 71 { 72 Destination: "/mnt/etc-runbindable", 73 Source: "/etc", 74 Options: []string{"rbind", "runbindable"}, 75 }, 76 } 77 78 g, err := util.GetDefaultGenerator() 79 if err != nil { 80 util.Fatal(err) 81 } 82 83 for _, m := range mounts { 84 m.Options = append(defaultOptions, m.Options...) 85 86 g.AddMount(m) 87 } 88 err = util.RuntimeInsideValidate(g, nil, nil) 89 if err != nil { 90 util.Fatal(err) 91 } 92 }