On Mon, Feb 21, 2011 at 1:52 AM, Daniel Lezcano <[email protected]> wrote: > On 02/21/2011 10:42 AM, Daniel Farina wrote: > Yep, as Serge mentioned, you can read-only bind mount in your container's > rootfs the system binary/library directories. > > eg. > > ... > lxc.rootfs = $rootfs > lxc.mount.entry=/lib $rootfs/lib none ro,bind 0 0 > lxc.mount.entry=/bin $rootfs/bin none ro,bind 0 0 > lxc.mount.entry=/usr /$rootfs/usr none ro,bind 0 0 > lxc.mount.entry=/sbin $rootfs/sbin none ro,bind 0 0 > ... > > There is no variable substitution here, it is an example. You should replace > $rootfs by an absolute path.
Most excellent; thank you both for your help. Hopefully other people find confirmation of this detail in the archives :) -- fdr ------------------------------------------------------------------------------ The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE: Pinpoint memory and threading errors before they happen. Find and fix more than 250 security defects in the development cycle. Locate bottlenecks in serial and parallel code that limit performance. http://p.sf.net/sfu/intel-dev2devfeb _______________________________________________ Lxc-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/lxc-users
