Skip to content

L
lxc
Unverified Commit d5f9a018 by Christian Brauner
Options

config: start with a full capability set

Signed-off-by: 's avatarChristian Brauner <christian.brauner@ubuntu.com>
parent 13869b20
Showing with 4 additions and 0 deletions
config/templates/userns.conf.in
...@@ -2,5 +2,9 @@ ...@@ -2,5 +2,9 @@
lxc.cgroup.devices.deny = lxc.cgroup.devices.deny =
lxc.cgroup.devices.allow = lxc.cgroup.devices.allow =
# Start with a full set of capabilities in user namespaces.
lxc.cap.drop =
lxc.cap.keep =
# We can't move bind-mounts, so don't use /dev/lxc/ # We can't move bind-mounts, so don't use /dev/lxc/
lxc.devttydir = lxc.devttydir =
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment