From 5ab8432e11029c6d04981d2376b2a94437178b9d Mon Sep 17 00:00:00 2001
From: Gao feng
Date: Fri, 11 Sep 2015 20:07:49 +0800
Subject: [PATCH] move the description of user ns mapping and default files to proper filea

They should stay in runtime not config.

Signed-off-by: Gao feng
---
 config-linux.md | 46 --------------------------
 runtime-config-linux.md | 73 +++++++++++++++++++++++++++++++++++++++++
 runtime-config.md | 25 +------------------
 3 files changed, 74 insertions(+), 70 deletions(-)

diff --git a/config-linux.md b/config-linux.md
index c543c4b9d..7d683994b 100644
--- a/config-linux.md
+++ b/config-linux.md
@@ -15,49 +15,3 @@ Valid values are the strings for capabilities defined in [the man page](http://m
 "CAP_NET_BIND_SERVICE"
 ]
 ```
-
-## User namespace mappings
-
-```json
- "uidMappings": [
- {
- "hostID": 1000,
- "containerID": 0,
- "size": 10
- }
- ],
- "gidMappings": [
- {
- "hostID": 1000,
- "containerID": 0,
- "size": 10
- }
- ]
-```
-
-uid/gid mappings describe the user namespace mappings from the host to the container.
-The mappings represent how the bundle `rootfs` expects the user namespace to be setup and the runtime SHOULD NOT modify the permissions on the rootfs to realize the mapping.
-*hostID* is the starting uid/gid on the host to be mapped to *containerID* which is the starting uid/gid in the container and *size* refers to the number of ids to be mapped.
-There is a limit of 5 mappings which is the Linux kernel hard limit.
-
-## Default Devices and File Systems
-
-The Linux ABI includes both syscalls and several special file paths.
-Applications expecting a Linux environment will very likely expect these files paths to be setup correctly.
-
-The following devices and filesystems MUST be made available in each application's filesystem
-
-| Path | Type | Notes |
-| ------------ | ------ | ------- |
-| /proc | [procfs](https://www.kernel.org/doc/Documentation/filesystems/proc.txt) | |
-| /sys | [sysfs](https://www.kernel.org/doc/Documentation/filesystems/sysfs.txt) | |
-| /dev/null | [device](http://man7.org/linux/man-pages/man4/null.4.html) | |
-| /dev/zero | [device](http://man7.org/linux/man-pages/man4/zero.4.html) | |
-| /dev/full | [device](http://man7.org/linux/man-pages/man4/full.4.html) | |
-| /dev/random | [device](http://man7.org/linux/man-pages/man4/random.4.html) | |
-| /dev/urandom | [device](http://man7.org/linux/man-pages/man4/random.4.html) | |
-| /dev/tty | [device](http://man7.org/linux/man-pages/man4/tty.4.html) | |
-| /dev/console | [device](http://man7.org/linux/man-pages/man4/console.4.html) | |
-| /dev/pts | [devpts](https://www.kernel.org/doc/Documentation/filesystems/devpts.txt) | |
-| /dev/ptmx | [device](https://www.kernel.org/doc/Documentation/filesystems/devpts.txt) | Bind-mount or symlink of /dev/pts/ptmx |
-| /dev/shm | [tmpfs](https://www.kernel.org/doc/Documentation/filesystems/tmpfs.txt) | |
diff --git a/runtime-config-linux.md b/runtime-config-linux.md
index f6bf82ee3..30519b277 100644
--- a/runtime-config-linux.md
+++ b/runtime-config-linux.md
@@ -45,6 +45,30 @@ container via system level IPC.
 * **user** the container will be able to remap user and group IDs from the host to local users and groups within the container.
+## User namespace mappings
+
+uid/gid mappings describe the user namespace mappings from the host to the container.
+The mappings represent how the bundle `rootfs` expects the user namespace to be setup and the runtime SHOULD NOT modify the permissions on the rootfs to realize the mapping.
+*hostID* is the starting uid/gid on the host to be mapped to *containerID* which is the starting uid/gid in the container and *size* refers to the number of ids to be mapped.
+There is a limit of 5 mappings which is the Linux kernel hard limit.
+
+```json
+ "uidMappings": [
+ {
+ "hostID": 1000,
+ "containerID": 0,
+ "size": 10
+ }
+ ],
+ "gidMappings": [
+ {
+ "hostID": 1000,
+ "containerID": 0,
+ "size": 10
+ }
+ ]
+```
+
 ## Devices
 Devices is an array specifying the list of devices to be created in the container.
@@ -126,6 +150,55 @@ Next parameters can be specified:
 ]
 ```
+Note: The following devices MUST be made available in each Linux application's filesystem
+
+| Path | Type | Notes |
+| ------------ | ------ | ------- |
+| /dev/null | [device](http://man7.org/linux/man-pages/man4/null.4.html) | |
+| /dev/zero | [device](http://man7.org/linux/man-pages/man4/zero.4.html) | |
+| /dev/full | [device](http://man7.org/linux/man-pages/man4/full.4.html) | |
+| /dev/random | [device](http://man7.org/linux/man-pages/man4/random.4.html) | |
+| /dev/urandom | [device](http://man7.org/linux/man-pages/man4/random.4.html) | |
+| /dev/tty | [device](http://man7.org/linux/man-pages/man4/tty.4.html) | |
+| /dev/console | [device](http://man7.org/linux/man-pages/man4/console.4.html) | |
+| /dev/ptmx | [device](https://www.kernel.org/doc/Documentation/filesystems/devpts.txt) | Bind-mount or symlink of /dev/pts/ptmx |
+
+## Mounts in Linux
+
+```json
+"mounts": {
+ "proc": {
+ "type": "proc",
+ "source": "proc",
+ "options": []
+ },
+ "dev": {
+ "type": "tmpfs",
+ "source": "tmpfs",
+ "options": ["nosuid","strictatime","mode=755","size=65536k"]
+ },
+ "devpts": {
+ "type": "devpts",
+ "source": "devpts",
+ "options": ["nosuid","noexec","newinstance","ptmxmode=0666","mode=0620","gid=5"]
+ },
+ "data": {
+ "type": "bind",
+ "source": "/volumes/testing",
+ "options": ["rbind","rw"]
+ }
+}
+```
+
+Note: The following filesystems MUST be made available in each Linux application's filesystem
+
+| Path | Type |
+| ------------ | ------ |
+| /proc | [procfs](https://www.kernel.org/doc/Documentation/filesystems/proc.txt) |
+| /sys | [sysfs](https://www.kernel.org/doc/Documentation/filesystems/sysfs.txt) |
+| /dev/pts | [devpts](https://www.kernel.org/doc/Documentation/filesystems/devpts.txt) |
+| /dev/shm | [tmpfs](https://www.kernel.org/doc/Documentation/filesystems/tmpfs.txt) |
+
 ## Control groups
 Also known as cgroups, they are used to restrict resource usage for a container and handle device
 access.
diff --git a/runtime-config.md b/runtime-config.md
index de3e82a13..9c489dea1 100644
--- a/runtime-config.md
+++ b/runtime-config.md
@@ -12,30 +12,7 @@ Only [mounts from the portable config](config.md#mount-points) will be mounted.
 *Example (Linux)*
-```json
-"mounts": {
- "proc": {
- "type": "proc",
- "source": "proc",
- "options": []
- },
- "dev": {
- "type": "tmpfs",
- "source": "tmpfs",
- "options": ["nosuid","strictatime","mode=755","size=65536k"]
- },
- "devpts": {
- "type": "devpts",
- "source": "devpts",
- "options": ["nosuid","noexec","newinstance","ptmxmode=0666","mode=0620","gid=5"]
- },
- "data": {
- "type": "bind",
- "source": "/volumes/testing",
- "options": ["rbind","rw"]
- }
-}
-```
+See Mounts [example](runtime-config-linux.md#mounts-in-linux) in Linux
 *Example (Windows)*
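Review bot: The `/dev/ptmx` row in the moved device table says only "Bind-mount or symlink of /dev/pts/ptmx" without stating why, and the reason is security-relevant now that the same hunk shows a devpts mount with the `newinstance` option: per the devpts documentation the row links, a plain character node for `/dev/ptmx` (5:2) keeps referring to the initial (host) devpts instance rather than the container's own, so the bind-mount/symlink is what keeps the container's ptys isolated. I would make that coupling explicit in the Notes cell, e.g. `Bind-mount or symlink of /dev/pts/ptmx; a plain 5:2 device node would reference the host devpts instance when devpts is mounted with newinstance`. The `"data"` bind-mount example carries only `["rbind","rw"]`; implementers tend to copy these snippets verbatim, so a one-line caveat that host bind mounts should normally also carry `nosuid` and `nodev` unless the workload needs otherwise would be worth adding next to it. Both are wording additions to the moved text; the table and example themselves are unchanged by this commit.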