]> git.ipfire.org Git - thirdparty/lxc.git/commit
projects / thirdparty / lxc.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 18d8dd1) | patch
Enable seccomp by default for unprivileged users.
authorSerge Hallyn <serge.hallyn@ubuntu.com>
Fri, 19 Dec 2014 18:23:52 +0000 (18:23 +0000)
committerStéphane Graber <stgraber@ubuntu.com>
Fri, 19 Dec 2014 18:50:45 +0000 (13:50 -0500)
commit5cb9ed613b2b3d8f3d0f1c0c4e41a74bb98fa5b1
tree294bbb1624629bf3b814abfef7b16ca5996bfb0dtree
parent18d8dd1e72354a806452df0779f132c2c069d94bcommit | diff
Enable seccomp by default for unprivileged users.

In contrast to what the comment above the line disabling it said,
it seems to work just fine.  It also is needed on current kernels
(until Eric's patch hits upstream) to prevent unprivileged containers
from hosing fuse filesystems they inherit.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
Acked-by: Stéphane Graber <stgraber@ubuntu.com>
config/templates/centos.userns.conf.in diff | blob | blame | history
config/templates/debian.userns.conf.in diff | blob | blame | history
config/templates/fedora.userns.conf.in diff | blob | blame | history
config/templates/gentoo.userns.conf.in diff | blob | blame | history
config/templates/oracle.userns.conf.in diff | blob | blame | history
config/templates/plamo.userns.conf.in diff | blob | blame | history
config/templates/ubuntu.userns.conf.in diff | blob | blame | history
Mirror of https://github.com/lxc/lxc.git