| { |
| "ociVersion": "1.0.0-rc1", |
| "platform": { |
| "os": "linux", |
| "arch": "all" |
| }, |
| "process": { |
| "terminal": @TERMINAL@, |
| "user": { |
| "uid": @USER_UID@, |
| "gid": @USER_GID@ |
| }, |
| "args": [ |
| "@ARGV@" |
| ], |
| "cwd": "/" |
| }, |
| "root": { |
| "path": "rootfs", |
| "readonly": false |
| }, |
| "hostname": "@APP_NAME@", |
| "mounts": [ |
| { |
| "destination": "/", |
| "type": "squashfs", |
| "source": "@APP_NAME@.squashfs", |
| "options": [ |
| "ro", |
| "loop", |
| "nodev", |
| "nosuid", |
| "dm=@VERITY@" |
| ] |
| }, |
| { |
| "destination": "/proc", |
| "type": "proc", |
| "source": "proc", |
| "options": [ |
| "nosuid", |
| "noexec", |
| "nodev" |
| ] |
| }, |
| { |
| "destination": "/dev", |
| "type": "tmpfs", |
| "source": "tmpfs", |
| "options": [ |
| "mode=755", |
| "nosuid", |
| "noexec" |
| ] |
| } |
| ], |
| "hooks": {}, |
| "linux": { |
| "namespaces": [ |
| { |
| "type": "cgroup" |
| }, |
| { |
| "type": "pid" |
| }, |
| { |
| "type": "network" |
| }, |
| { |
| "type": "ipc" |
| }, |
| { |
| "type": "user" |
| }, |
| { |
| "type": "uts" |
| }, |
| { |
| "type": "mount" |
| } |
| ], |
| "uidMappings": [ |
| { |
| "hostID": @USER_UID@, |
| "containerID": 0, |
| "size": 1 |
| } |
| ], |
| "gidMappings": [ |
| { |
| "hostID": @USER_GID@, |
| "containerID": 0, |
| "size": 1 |
| } |
| ] |
| } |
| } |