On Thu, Jun 23, 2016 at 09:52:02AM +0200, Wolfgang Bumiller wrote:
> Just noticed this one of the two patches is still applied.

I meant *not* applied... sorry :\

> 
> On Mon, Nov 30, 2015 at 08:58:52AM +0100, Wolfgang Bumiller wrote:
> > The profile already contains
> >   mount options=(rw, make-slave) -> **,
> > 
> > Which allows going through all mountpoints with make-slave,
> > so it seems to make sense to also allow the directly
> > recursive variant with "make-rslave".
> > 
> > Signed-off-by: Wolfgang Bumiller <w.bumil...@proxmox.com>
> > Acked-by: Serge E. Hallyn <serge.hal...@ubuntu.com>
> > ---
> >  config/apparmor/abstractions/start-container | 1 +
> >  1 file changed, 1 insertion(+)
> > 
> > diff --git a/config/apparmor/abstractions/start-container 
> > b/config/apparmor/abstractions/start-container
> > index b06a84d..eee0c2f 100644
> > --- a/config/apparmor/abstractions/start-container
> > +++ b/config/apparmor/abstractions/start-container
> > @@ -15,6 +15,7 @@
> >    mount options=bind /dev/pts/ptmx/ -> /dev/ptmx/,
> >    mount options=bind /dev/pts/** -> /dev/**,
> >    mount options=(rw, make-slave) -> **,
> > +  mount options=(rw, make-rslave) -> **,
> >    mount fstype=debugfs,
> >    # allow pre-mount hooks to stage mounts under /var/lib/lxc/<container>/
> >    mount -> /var/lib/lxc/{**,},
> > -- 
> > 2.1.4
> > 
> > 
> > _______________________________________________
> > lxc-devel mailing list
> > lxc-devel@lists.linuxcontainers.org
> > http://lists.linuxcontainers.org/listinfo/lxc-devel
> 
> _______________________________________________
> lxc-devel mailing list
> lxc-devel@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel

_______________________________________________
lxc-devel mailing list
lxc-devel@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-devel

Reply via email to