conf/debian-jessie: Prevent access to pci devices
See upstream commit: lxc-2.0.0.rc10-9-g4845c17 [Prevent access to pci devices]
This commit is contained in:
Pim van den Berg
Michael Adam
parent
8fb6c1cee4
commit
66bd623a93
1 changed files with 1 additions and 1 deletions
|
|
@ -13,7 +13,7 @@ lxc.tty = 4
|
|||
lxc.pts = 1024
|
||||
|
||||
# Default capabilities
|
||||
lxc.cap.drop = sys_module mac_admin mac_override sys_time
|
||||
lxc.cap.drop = sys_module mac_admin mac_override sys_time sys_rawio
|
||||
|
||||
# When using LXC with apparmor, the container will be confined by default.
|
||||
# If you wish for it to instead run unconfined, copy the following line
|
||||
|
|
|
|||
Loading…
Reference in a new issue