From 66bd623a93a3fba0ecd875a145ef9ad2c3ccec66 Mon Sep 17 00:00:00 2001 From: Pim van den Berg Date: Tue, 28 Jun 2016 11:21:04 +0200 Subject: [PATCH] conf/debian-jessie: Prevent access to pci devices See upstream commit: lxc-2.0.0.rc10-9-g4845c17 [Prevent access to pci devices] --- conf/debian-jessie | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/debian-jessie b/conf/debian-jessie index e66b5fe..77a4ef3 100644 --- a/conf/debian-jessie +++ b/conf/debian-jessie @@ -13,7 +13,7 @@ lxc.tty = 4 lxc.pts = 1024 # Default capabilities -lxc.cap.drop = sys_module mac_admin mac_override sys_time +lxc.cap.drop = sys_module mac_admin mac_override sys_time sys_rawio # When using LXC with apparmor, the container will be confined by default. # If you wish for it to instead run unconfined, copy the following line