From 17fda9e31880624afe8b18d64d1698003c25574e Mon Sep 17 00:00:00 2001
From: Pierre-Yves Chibon <pingou@pingoured.fr>
Date: Thu, 28 Nov 2024 12:19:12 +0100
Subject: [PATCH] Expand the options available in containers.unit.create

Add the option to specify the SELinux type label and file type label for
the process.
Add the option to specify a tmpfs mount to create into the container.

Signed-off-by: Pierre-Yves Chibon <pingou@pingoured.fr>
---
 .../org.osbuild.containers.unit.create.meta.json  | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/stages/org.osbuild.containers.unit.create.meta.json b/stages/org.osbuild.containers.unit.create.meta.json
index 1cbbfed0..c873e2e7 100644
--- a/stages/org.osbuild.containers.unit.create.meta.json
+++ b/stages/org.osbuild.containers.unit.create.meta.json
@@ -30,6 +30,9 @@
     "    - 'Environment' - [object]",
     "    - 'Network' - string",
     "    - 'WorkingDir' - string",
+    "    - 'SecurityLabelFileType' - string",
+    "    - 'SecurityLabelType' - string",
+    "    - 'Tmpfs' - string",
     "  - 'Volume' section",
     "    - 'VolumeName' - string",
     "    - 'Driver' - string",
@@ -261,6 +264,18 @@
               "WorkingDir": {
                 "description": "Working directory for initial process",
                 "type": "string"
+              },
+              "SecurityLabelFileType": {
+                "description": "SELinux file label to apply",
+                "type": "string"
+              },
+              "SecurityLabelType": {
+                "description": "SELinux label to apply",
+                "type": "string"
+              },
+              "Tmpfs": {
+                "description": "Mount a temporary filesystems at the specified location",
+                "type": "string"
               }
             }
           },