Unprivileged's incompatibility with type=none docs

Unprivileged containers are not compatible with sharing the host namespace due to an inability to mount sysfs. Add docs in lxc.container.conf to document that out. Refs #2463 Signed-off-by: Alexandros Kosiaris <akosiaris@gmail.com>

Unprivileged's incompatibility with type=none docs
84a00bd6 · Alexandros Kosiaris · Christian Brauner · a32e2752 · 84a00bd6
Unverified Commit 84a00bd6 authored Jul 30, 2018 by Alexandros Kosiaris Committed by Christian Brauner Jul 31, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 1 deletion

lxc.container.conf.sgml.in doc/lxc.container.conf.sgml.in +3 -1

No files found.
--- a/doc/lxc.container.conf.sgml.in
+++ b/doc/lxc.container.conf.sgml.in
@@ -430,7 +430,9 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
              network devices are usable in the container.  It also
              means that if both the container and host have upstart as
              init, 'halt' in a container (for instance) will shut down the
-              host.
+              host. Note that unprivileged containers do not work with this
+	      setting due to an inability to mount sysfs. An unsafe workaround
+	      would be to bind mount the host's sysfs.
            </para>

            <para>