在runc/libcontainer/configs/namespaces_syscall.go中,定义了linux clone时这些namespace对应的clone flags。...{
"ociVersion": "0.4.0",
"platform": {
"os": "linux",
"arch": "amd64"
},..."source": "devpts",
"options": [
"nosuid",
"noexec...",
"source": "shm",
"options": [
"nosuid",
"noexec..."relatime",
"ro"
]
}
],
"hooks": {},
"linux