Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # /var/lib/lxc/myfirstcontainer/config
- ## Container
- lxc.utsname = myfirstcontainer
- lxc.rootfs = /var/lib/lxc/myfirstcontainer/rootfs
- #lxc.console = /var/log/lxc/myfirstcontainer.console
- lxc.tty = 2
- lxc.pts = 1024
- ## Capabilities
- lxc.cap.drop = mac_admin
- lxc.cap.drop = mac_override
- ## Devices
- # Allow all devices
- #lxc.cgroup.devices.allow = a
- # Deny all devices
- lxc.cgroup.devices.deny = a
- # Allow to mknod all devices (but not using them)
- lxc.cgroup.devices.allow = c *:* m
- lxc.cgroup.devices.allow = b *:* m
- # Consoles
- # /dev/console
- lxc.cgroup.devices.allow = c 5:1 rwm
- # /dev/tty0
- lxc.cgroup.devices.allow = c 4:0 rwm
- # /dev/tty1
- lxc.cgroup.devices.allow = c 4:1 rwm
- # /dev/tty2
- lxc.cgroup.devices.allow = c 4:2 rwm
- # /dev/fuse
- lxc.cgroup.devices.allow = c 10:229 rwm
- # /dev/null
- lxc.cgroup.devices.allow = c 1:3 rwm
- # /dev/ptmx
- lxc.cgroup.devices.allow = c 5:2 rwm
- # /dev/pts/*
- lxc.cgroup.devices.allow = c 136:* rwm
- # /dev/random
- lxc.cgroup.devices.allow = c 1:8 rwm
- # /dev/rtc
- lxc.cgroup.devices.allow = c 254:0 rwm
- # /dev/tty
- lxc.cgroup.devices.allow = c 5:0 rwm
- # /dev/urandom
- lxc.cgroup.devices.allow = c 1:9 rwm
- # /dev/zero
- lxc.cgroup.devices.allow = c 1:5 rwm
- ## Filesystem
- lxc.mount.entry = proc /var/lib/lxc/myfirstcontainer/rootfs/proc proc nodev,noexec,nosuid 0 0
- lxc.mount.entry = sysfs /var/lib/lxc/myfirstcontainer/rootfs/sys sysfs defaults,ro 0 0
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement