Drop linux.devices

Copying devices from the runtime host isn't particularly portable, and
it's easy to mount any device nodes you need from the bundle itself
(just like we'd mount any other files needed by the container).

Signed-off-by: W. Trevor King <wking@tremily.us>

Author: wking

config-linux.md

@@ -55,21 +55,13 @@ within the container.
 
 ### Access to devices
 
-Devices is an array specifying the list of devices from the host to make available in the container.
-By providing a device name within the list the runtime should look up the same device on the host's `/dev`
-and collect information about the device node so that it can be recreated for the container.  The runtime
-should not only create the device inside the container but ensure that the root user inside 
-the container has access rights for the device.
+Devices required by the application should be supplied via the bundle filesystems and mounted via [mounts][].
+Bundle authors can create these files using [`mknod`][] or by copying nodes from their local host.
+For example:
 
-```json
-   "devices": [
-        "null",
-        "random",
-        "full",
-        "tty",
-        "zero",
-        "urandom"
-    ]
+```shell
+$ mknod --mode a=rw rootfs/dev/random c 1 8
+$ cp --archive /dev/tty rootfs/dev/tty
 ```
 
 ## Linux control groups
@@ -150,3 +142,5 @@ rootfsPropagation sets the rootfs's mount propagation. Its value is either slave
 
 **TODO:** security profiles
 
+[mounts]: config.md#mount-configuration
+[mknod]: http://linux.die.net/man/1/mknod

spec_linux.go

@@ -26,8 +26,6 @@ type Linux struct {
 	Namespaces []Namespace `json:"namespaces"`
 	// Capabilities are Linux capabilities that are kept for the container
 	Capabilities []string `json:"capabilities"`
-	// Devices are a list of device nodes that are created and enabled for the container
-	Devices []string `json:"devices"`
 	// RootfsPropagation is the rootfs mount propagation mode for the container
 	RootfsPropagation string `json:"rootfsPropagation"`
 }