]> git.ipfire.org Git - thirdparty/lxc.git/commitdiff
projects / thirdparty / lxc.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9ab207c)
config: allow read-write /sys in user namespace 2319/head
authorChristian Brauner <christian.brauner@ubuntu.com>
Sun, 13 May 2018 13:02:09 +0000 (15:02 +0200)
committerChristian Brauner <christian.brauner@ubuntu.com>
Tue, 15 May 2018 13:51:58 +0000 (15:51 +0200)
Unprivileged containers can safely mount /sys as read-write. This also allows
systemd-udevd to be started in unprivileged containers.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
config/templates/userns.conf.in patch | blob | blame | history

diff --git a/config/templates/userns.conf.in b/config/templates/userns.conf.in
index 967576b4c83210a0f6601e0f77173931a58f796f..19013da5b3cecb965a7c179dfe1baa56ccbfc8ba 100644 (file)
--- a/config/templates/userns.conf.in
+++ b/config/templates/userns.conf.in
@@ -8,3 +8,6 @@ lxc.cap.keep =
 
 # We can't move bind-mounts, so don't use /dev/lxc/
 lxc.tty.dir =
+
+# Setup the default mounts
+lxc.mount.auto = sys:rw
Mirror of https://github.com/lxc/lxc.git