On Mon, Dec 09, 2013 at 02:51:50PM -0600, Serge Hallyn wrote: > Quoting Stéphane Graber ([email protected]): > > On Mon, Dec 09, 2013 at 02:19:05PM -0600, Serge Hallyn wrote: > > > Signed-off-by: Serge Hallyn <[email protected]> > > > > Hmm, doesn't that duplicate the section on nesting? > > Oh, feh. So it does. V2: > > From 34c19f26bb61ef11346b06b0094331b027a0e0c3 Mon Sep 17 00:00:00 2001 > From: Serge Hallyn <[email protected]> > Date: Mon, 9 Dec 2013 14:18:19 -0600 > Subject: [PATCH 1/1] ubuntu container configs: Add comments about other > apparmor profiles > > Signed-off-by: Serge Hallyn <[email protected]>
Acked-by: Stéphane Graber <[email protected]> > --- > config/templates/ubuntu.common.conf.in | 8 ++++++++ > 1 file changed, 8 insertions(+) > > diff --git a/config/templates/ubuntu.common.conf.in > b/config/templates/ubuntu.common.conf.in > index ef4e818..0575321 100644 > --- a/config/templates/ubuntu.common.conf.in > +++ b/config/templates/ubuntu.common.conf.in > @@ -27,6 +27,11 @@ lxc.cap.drop = sys_module mac_admin mac_override sys_time > #lxc.aa_profile = lxc-container-default-with-nesting > #lxc.hook.mount = /usr/share/lxc/hooks/mountcgroups > > +# If you wish to allow mounting block filesystems, then use the following > +# line instead, and make sure to grant access to the block device and/or loop > +# devices below in lxc.cgroup.devices.allow. > +#lxc.aa_profile = lxc-container-default-with-mounting > + > # Default cgroup limits > lxc.cgroup.devices.deny = a > ## Allow any mknod (but not using the node) > @@ -56,3 +61,6 @@ lxc.cgroup.devices.allow = c 1:7 rwm > lxc.cgroup.devices.allow = c 10:228 rwm > ## kvm > lxc.cgroup.devices.allow = c 10:232 rwm > +## To use loop devices, copy the following line to the container's > +## configuration file (uncommented). > +#lxc.cgroup.devices.allow = b 7:* rwm > -- > 1.8.5.1 > > _______________________________________________ > lxc-devel mailing list > [email protected] > http://lists.linuxcontainers.org/listinfo/lxc-devel -- Stéphane Graber Ubuntu developer http://www.ubuntu.com
signature.asc
Description: Digital signature
_______________________________________________ lxc-devel mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-devel
