// Copyright 2015 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
syntax = "proto2";
// Generated code targets the lite runtime, which carries no descriptors or
// reflection support.
option optimize_for = LITE_RUNTIME;
package soma;
// Describes how one service is to be launched inside a container: what to
// run, as which user and group, and which namespaces, listening ports and
// device nodes it is given.
//
// Every field is declared optional or repeated, so the schema itself does
// not force a sender to populate the "(mostly) required" group below. The
// consumer has to check field presence before trusting a value.
message ContainerSpec {
  // ======================= Nested types ================================= //

  // Kinds of namespace that can be unshared for the service.
  // NB: When adding a value here, add it to namespace.h as well.
  // NOTE(review): the value names look like the Linux CLONE_NEW* flags with
  // the prefix dropped -- confirm against namespace.h.
  enum Namespace {
    NEWIPC = 0;
    NEWNET = 1;
    NEWNS = 2;
    NEWPID = 3;
    NEWUSER = 4;
    NEWUTS = 5;
  }

  // A set of ports; used below for the TCP and UDP listen allowances.
  message PortSpec {
    // Reads as false when unset.
    // NOTE(review): presumably true means every port is allowed and "ports"
    // is not consulted -- confirm against the code that enforces this.
    optional bool allow_all = 1 [default = false];

    // Individual port numbers. uint32 admits values above 65535, which are
    // not valid TCP or UDP ports, so the range must be checked by whoever
    // consumes this message.
    repeated uint32 ports = 2;
  }

  // One path-based device node filter.
  message DevicePathFilter {
    // NOTE(review): the syntax of this string (literal path, glob, ...) is
    // not stated in this file -- confirm before relying on it.
    optional string filter = 1;
  }

  // One filter on device numbers. An unset field reads as 0 through the
  // generated getter, not as the wildcard.
  // NOTE(review): a filter with both numbers set to -1 would presumably
  // match every device node -- confirm the consumer treats that as
  // intentional.
  message DeviceNodeFilter {
    // Major device number. May be set to -1 to indicate wildcard.
    optional int32 major = 1;

    // Minor device number. May be set to -1 to indicate wildcard.
    optional int32 minor = 2;
  }

  // ======================= (Mostly) required fields ===================== //

  // Absolute path to the service's service bundle filesystem overlay.
  optional string service_bundle_path = 1;

  // UID as which to run the service. The field is optional, so an unset uid
  // reads as 0 through the generated getter, and 0 is the root UID; check
  // presence rather than the value alone.
  optional uint32 uid = 2;

  // GID as which to run the service. As with uid, an unset gid reads as 0
  // (the root group); check presence rather than the value alone.
  optional uint32 gid = 3;

  // Command line to run: /path/to/executable [ARGS...]
  repeated string command_line = 4;

  // Fully-qualified names of the services that should be registered from
  // inside this container.
  repeated string service_names = 11;

  // ======================= Optional fields ============================== //

  // NOTE(review): undocumented in the original; presumably the directory
  // the command is started in -- confirm.
  optional string working_directory = 5;

  // Namespaces to unshare for the service. A repeated field has no
  // presence, so an empty list cannot be told apart from an omitted one.
  repeated Namespace namespaces = 6;

  // TCP ports allowed for listening.
  optional PortSpec tcp_listen_ports = 7;

  // UDP ports allowed for listening.
  optional PortSpec udp_listen_ports = 8;

  // Path-based filters indicating which device nodes should be visible.
  repeated DevicePathFilter device_path_filters = 9;

  // mknod-number-based filters indicating which device nodes should be
  // visible.
  repeated DeviceNodeFilter device_node_filters = 10;
}