mir/lxc
2
0
Fork 0
mirror of git://github.com/lxc/lxc synced 2025-09-01 21:39:28 +00:00
Code Issues Releases Wiki Activity

busybox: mount sys:ro

Browse Source 
There's no udev so sys doesn't need to be read-write.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
This commit is contained in:
Christian Brauner
2021-08-17 11:07:38 +02:00
parent 803839b8b9
commit 8829829deb
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
templates/lxc-busybox.in
View File

@@ -234,7 +234,7 @@ lxc.cap.drop = sys_module mac_admin mac_override sys_time
# When using LXC with apparmor, uncomment the next line to run unconfined: # When using LXC with apparmor, uncomment the next line to run unconfined:
#lxc.apparmor.profile = unconfined #lxc.apparmor.profile = unconfined
lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed lxc.mount.auto = cgroup:mixed proc:mixed sys:ro
lxc.mount.entry = shm dev/shm tmpfs defaults,create=dir 0 0 lxc.mount.entry = shm dev/shm tmpfs defaults,create=dir 0 0
lxc.mount.entry = mqueue dev/mqueue mqueue defaults,optional,create=dir 0 0 lxc.mount.entry = mqueue dev/mqueue mqueue defaults,optional,create=dir 0 0
EOF EOF