glenux/vagrant-lxc-ng
glenux/vagrant-lxc-ng
1
0
Fork 0
Code Issues 4 Pull requests Projects 1 Releases Packages Wiki Activity

Copy default lxc.cgroup.devices.allow from ubuntu template

Browse source
This commit is contained in:
Laurent Vallar 2013-05-03 14:33:50 +02:00 committed by Fabio Rehm
parent 32ff855968
commit f141443564
1 changed files with 13 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
boxes/debian/lxc-template
View file

@ -151,7 +151,6 @@ copy_configuration()
path=$1 path=$1
rootfs=$2 rootfs=$2
name=$3 name=$3
arch=$4
grep -q "^lxc.rootfs" $path/config 2>/dev/null || echo "lxc.rootfs = $rootfs" >> $path/config grep -q "^lxc.rootfs" $path/config 2>/dev/null || echo "lxc.rootfs = $rootfs" >> $path/config
cat <<EOF >> $path/config cat <<EOF >> $path/config
@ -163,6 +162,9 @@ lxc.utsname = ${name}
#lxc.aa_profile = unconfined #lxc.aa_profile = unconfined
lxc.cgroup.devices.deny = a lxc.cgroup.devices.deny = a
# Allow any mknod (but not using the node)
lxc.cgroup.devices.allow = c *:* m
lxc.cgroup.devices.allow = b *:* m
# /dev/null and zero # /dev/null and zero
lxc.cgroup.devices.allow = c 1:3 rwm lxc.cgroup.devices.allow = c 1:3 rwm
lxc.cgroup.devices.allow = c 1:5 rwm lxc.cgroup.devices.allow = c 1:5 rwm
@ -178,6 +180,16 @@ lxc.cgroup.devices.allow = c 136:* rwm
lxc.cgroup.devices.allow = c 5:2 rwm lxc.cgroup.devices.allow = c 5:2 rwm
# rtc # rtc
lxc.cgroup.devices.allow = c 254:0 rwm lxc.cgroup.devices.allow = c 254:0 rwm
#fuse
lxc.cgroup.devices.allow = c 10:229 rwm
#tun
lxc.cgroup.devices.allow = c 10:200 rwm
#full
lxc.cgroup.devices.allow = c 1:7 rwm
#hpet
lxc.cgroup.devices.allow = c 10:228 rwm
#kvm
lxc.cgroup.devices.allow = c 10:232 rwm
# mounts point # mounts point
lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0 lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0