Add base lxc config file
This commit is contained in:
parent
ba7bc580f5
commit
663ff1fc0d
1 changed files with 46 additions and 0 deletions
46
boxes/common/lxc.conf
Normal file
46
boxes/common/lxc.conf
Normal file
|
@ -0,0 +1,46 @@
|
||||||
|
lxc.network.type=veth
|
||||||
|
lxc.network.hwaddr = 00:16:3e:7f:04:b2
|
||||||
|
lxc.network.link=lxcbr0
|
||||||
|
lxc.network.flags=up
|
||||||
|
|
||||||
|
lxc.pivotdir = lxc_putold
|
||||||
|
|
||||||
|
lxc.devttydir = lxc
|
||||||
|
lxc.tty = 4
|
||||||
|
lxc.pts = 1024
|
||||||
|
|
||||||
|
lxc.arch = amd64
|
||||||
|
lxc.cap.drop = sys_module mac_admin mac_override
|
||||||
|
|
||||||
|
# When using LXC with apparmor, uncomment the next line to run unconfined:
|
||||||
|
#lxc.aa_profile = unconfined
|
||||||
|
|
||||||
|
lxc.cgroup.devices.deny = a
|
||||||
|
# Allow any mknod (but not using the node)
|
||||||
|
lxc.cgroup.devices.allow = c *:* m
|
||||||
|
lxc.cgroup.devices.allow = b *:* m
|
||||||
|
# /dev/null and zero
|
||||||
|
lxc.cgroup.devices.allow = c 1:3 rwm
|
||||||
|
lxc.cgroup.devices.allow = c 1:5 rwm
|
||||||
|
# consoles
|
||||||
|
lxc.cgroup.devices.allow = c 5:1 rwm
|
||||||
|
lxc.cgroup.devices.allow = c 5:0 rwm
|
||||||
|
#lxc.cgroup.devices.allow = c 4:0 rwm
|
||||||
|
#lxc.cgroup.devices.allow = c 4:1 rwm
|
||||||
|
# /dev/{,u}random
|
||||||
|
lxc.cgroup.devices.allow = c 1:9 rwm
|
||||||
|
lxc.cgroup.devices.allow = c 1:8 rwm
|
||||||
|
lxc.cgroup.devices.allow = c 136:* rwm
|
||||||
|
lxc.cgroup.devices.allow = c 5:2 rwm
|
||||||
|
# rtc
|
||||||
|
lxc.cgroup.devices.allow = c 254:0 rwm
|
||||||
|
#fuse
|
||||||
|
lxc.cgroup.devices.allow = c 10:229 rwm
|
||||||
|
#tun
|
||||||
|
lxc.cgroup.devices.allow = c 10:200 rwm
|
||||||
|
#full
|
||||||
|
lxc.cgroup.devices.allow = c 1:7 rwm
|
||||||
|
#hpet
|
||||||
|
lxc.cgroup.devices.allow = c 10:228 rwm
|
||||||
|
#kvm
|
||||||
|
lxc.cgroup.devices.allow = c 10:232 rwm
|
Loading…
Reference in a new issue