[lxc-devel] LXC in the context of a grsecurity enabled kernel
Andrian Nord
nightnord at gmail.com
Sat Jan 16 07:08:13 UTC 2010
> So to put the question another way: is it recommended to use LXC
> with a grsec kernel? If so what are the guide-lines? (What should not
> be enabled?)
Enable sysctl interface and try to shutdown /proc/sys/kernel/grsecurity/chroot_*
restrictions one by one, while trying lxc-start, until it will success.
At least, you should not use chroot-capabilities restrictions and some
others, I'm not sure - I was using grsec only with openvz.
More information about the lxc-devel
mailing list