[lxc-devel] [PATCH] lxc-busybox: remove unnecessary bind-mount
Bogdan Purcareata
bogdan.purcareata at freescale.com
Fri Dec 6 10:11:29 UTC 2013
Since the line immediately following will mount the entire
/sys read-only, hence /sys/kernel/security too.
Also, when installing the container template on systems with
no securityfs support, starting the container will fail.
Signed-off-by: Bogdan Purcareata <bogdan.purcareata at freescale.com>
---
templates/lxc-busybox.in | 1 -
1 file changed, 1 deletion(-)
diff --git a/templates/lxc-busybox.in b/templates/lxc-busybox.in
index 23d654e..906dc5d 100644
--- a/templates/lxc-busybox.in
+++ b/templates/lxc-busybox.in
@@ -296,7 +296,6 @@ EOF
echo "lxc.mount.entry = /$dir $dir none ro,bind 0 0" >> $path/config
fi
done
- echo "lxc.mount.entry = /sys/kernel/security sys/kernel/security none ro,bind 0 0" >>$path/config
echo "lxc.mount.auto = proc:mixed sys" >>$path/config
}
--
1.7.11.7
More information about the lxc-devel
mailing list