add domainname spec entity

[cdoern]

add the domainname entity so that container runtimes can add special handling similar to hostname. The current workaround of adding a sysctl for kernel.domainname only works with rootful execution in most cases. This will allow for rootless execution.

container runtimes will be able to add special handling as they do for hostname, using setdomainname to add the entry to /proc/sys/kernel/domainname.

Signed-off-by: Charlie Doern cdoern@redhat.com

[cdoern]

@giuseppe PTAL

[flouthoc]

Nit:

This will allow for rootless execution

I think in commit message following must be extended to specify how a container-runtime should utilize this field, two approach i could think are runtime invokes setdomainname( or the second one is write /proc/sys/kernel/domainname before setting up UTS namespace but is it possible in rootless session ? (Requesting maintainers to confirm)

[giuseppe]

as @flouthoc pointed out, please update the config schema as well

[cdoern]

Nit:

This will allow for rootless execution

I think in commit message following must be extended to specify how a container-runtime should utilize this field, two approach i could think are runtime invokes setdomainname( or the second one is write /proc/sys/kernel/domainname before setting up UTS namespace but is it possible in rootless session ? (Requesting maintainers to confirm)

I think using setdomainname makes the most sense. Currently crun uses sethostname for the hostname.

[AkihiroSuda]

What should happen if the sysctl is also specified but with a different value? Should it fail?

[flouthoc]

@AkihiroSuda Afaik In crun i think sysctl is not allowed at all if OCI spec already has a knob to configure it, for instance i can see for kernel/hostname : https://github.com/containers/crun/blob/main/src/libcrun/linux.c#L3198

[AkihiroSuda]

@opencontainers/runtime-spec-maintainers Can we merge this?