Expand the options available in containers.unit.create

Add the option to specify the SELinux type label and file type label for the process. Add the option to specify a tmpfs mount to create into the container. Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
2024-11-28 12:19:12 +01:00 · 2024-11-28 12:19:12 +01:00 · 17fda9e318
commit 17fda9e318
parent 9b66ad8123
1 changed files with 15 additions and 0 deletions
--- a/stages/org.osbuild.containers.unit.create.meta.json
+++ b/stages/org.osbuild.containers.unit.create.meta.json
@ -30,6 +30,9 @@
    "    - 'Environment' - [object]",
    "    - 'Network' - string",
    "    - 'WorkingDir' - string",
+    "    - 'SecurityLabelFileType' - string",
+    "    - 'SecurityLabelType' - string",
+    "    - 'Tmpfs' - string",
    "  - 'Volume' section",
    "    - 'VolumeName' - string",
    "    - 'Driver' - string",
@ -261,6 +264,18 @@
              "WorkingDir": {
                "description": "Working directory for initial process",
                "type": "string"
+              },
+              "SecurityLabelFileType": {
+                "description": "SELinux file label to apply",
+                "type": "string"
+              },
+              "SecurityLabelType": {
+                "description": "SELinux label to apply",
+                "type": "string"
+              },
+              "Tmpfs": {
+                "description": "Mount a temporary filesystems at the specified location",
+                "type": "string"
              }
            }
          },