Not sure which bits you are looking for an explanation for. There is lxc.conf(5), the Documentation/cgroups/ directory in the linux kernel (https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/Documentation/cgroups?id=refs/tags/v3.13-rc8) and a bit in https://help.ubuntu.com/13.04/serverguide/lxc.html
-serge Quoting Jeremiah Snapp ([email protected]): > Thanks again. Is there a good place to look for an explanation of the > settings you gave me before? > > lxc.cgroup.devices.allow = c 10:236 rwm > lxc.cgroup.devices.allow = b 252:* rwm > > > On Thu, Jan 16, 2014 at 2:02 PM, Serge Hallyn <[email protected]>wrote: > > > Quoting Jeremiah Snapp ([email protected]): > > > Thanks Serge! I actually just found out in IRC that further in my > > config I > > > was denying access. Once I allowed access it works fine. > > > > > > Yours is the second warning I've received about using LVM in a container. > > > I don't know the details of the concern but can you tell me if it would > > > require human error to cause problems? > > > > Well human error would help :) But also allowing the container to have > > all the privileges it needs to do lvm+mounting means that anything in > > the continer could mess with the host. > > > > > I'm not using this in production by > > > the way. These are throw away test containers. > > > > If it's also a throw away test host, then there's nothing to worry > > about. > > > > > The app installed inside > > > requires an LVM volume. > > > > Nothing *should* go wrong :) It's just that by having access to the > > host disk devices, any malware/bugs in the container can easily hose > > your host, replace your /sbin/init, etc. > > > > -serge > > _______________________________________________ > > lxc-users mailing list > > [email protected] > > http://lists.linuxcontainers.org/listinfo/lxc-users > > > _______________________________________________ > lxc-users mailing list > [email protected] > http://lists.linuxcontainers.org/listinfo/lxc-users _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
