github.com/pf-qiu/concourse/v6@v6.7.3-0.20201207032516-1f455d73275f/worker/runtime/spec/mounts.go (about) 1 package spec 2 3 import "github.com/opencontainers/runtime-spec/specs-go" 4 5 const DefaultInitBinPath = "/usr/local/concourse/bin/init" 6 7 var ( 8 DefaultContainerMounts = []specs.Mount{ 9 { 10 Destination: "/proc", 11 Type: "proc", 12 Source: "proc", 13 Options: []string{"nosuid", "noexec", "nodev"}, 14 }, 15 { 16 Destination: "/dev", 17 Type: "tmpfs", 18 Source: "tmpfs", 19 Options: []string{"nosuid", "strictatime", "mode=755", "size=65536k"}, 20 }, 21 { 22 Destination: "/dev/pts", 23 Type: "devpts", 24 Source: "devpts", 25 Options: []string{"nosuid", "noexec", "newinstance", "ptmxmode=0666", "mode=0620", "gid=5"}, 26 }, 27 { 28 Destination: "/dev/shm", 29 Type: "tmpfs", 30 Source: "shm", 31 Options: []string{"nosuid", "noexec", "nodev", "mode=1777", "size=65536k"}, 32 }, 33 { 34 Destination: "/dev/mqueue", 35 Type: "mqueue", 36 Source: "mqueue", 37 Options: []string{"nosuid", "noexec", "nodev"}, 38 }, 39 { 40 Destination: "/sys", 41 Type: "sysfs", 42 Source: "sysfs", 43 Options: []string{"nosuid", "noexec", "nodev", "ro"}, 44 }, 45 { 46 Destination: "/sys/fs/cgroup", 47 Type: "cgroup", 48 Source: "cgroup", 49 Options: []string{"ro", "nosuid", "noexec", "nodev"}, 50 }, 51 { 52 Destination: "/run", 53 Type: "tmpfs", 54 Source: "tmpfs", 55 Options: []string{"nosuid", "strictatime", "mode=755", "size=65536k"}, 56 }, 57 } 58 ) 59 60 func AnyContainerMounts(initBinPath string) []specs.Mount { 61 return append( 62 []specs.Mount{ 63 { 64 Source: initBinPath, 65 Destination: "/tmp/gdn-init", 66 Type: "bind", 67 Options: []string{"bind"}, 68 }, 69 }, 70 DefaultContainerMounts..., 71 ) 72 }