[lxc-devel] [PATCH] add comments about running unconfined or nesting containers back to ubuntu.common.conf

Stéphane Graber stgraber at ubuntu.com
Mon Dec 9 20:10:15 UTC 2013 

On Sat, Dec 07, 2013 at 06:04:10PM -0500, S.Çağlar Onur wrote:
> Signed-off-by: S.Çağlar Onur <caglar at 10ur.org>

I'll reword the comment a bit to let them know to copy/paste the comment
to the container's config instead of changing it in the common file
which would get overwritten on upgrade and would also affect all
containers.

Acked-by: Stéphane Graber <stgraber at ubuntu.com>

> ---
>  config/templates/ubuntu.common.conf.in | 7 +++++++
>  1 file changed, 7 insertions(+)
> 
> diff --git a/config/templates/ubuntu.common.conf.in b/config/templates/ubuntu.common.conf.in
> index 8c61033..1195175 100644
> --- a/config/templates/ubuntu.common.conf.in
> +++ b/config/templates/ubuntu.common.conf.in
> @@ -17,6 +17,13 @@ lxc.pts = 1024
>  # Default capabilities
>  lxc.cap.drop = sys_module mac_admin mac_override sys_time
>  
> +# When using LXC with apparmor, uncomment the next line to run unconfined:
> +#lxc.aa_profile = unconfined
> +
> +# To support container nesting on an Ubuntu host, uncomment next two lines:
> +#lxc.aa_profile = lxc-container-default-with-nesting
> +#lxc.hook.mount = /usr/share/lxc/hooks/mountcgroups
> +
>  # Default cgroup limits
>  lxc.cgroup.devices.deny = a
>  ## Allow any mknod (but not using the node)
> -- 
> 1.8.3.2
> 
> 
> ------------------------------------------------------------------------------
> Sponsored by Intel(R) XDK 
> Develop, test and display web and hybrid apps with a single code base.
> Download it for free now!
> http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel

-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20131209/c0b49b2a/attachment.pgp>

More information about the lxc-devel mailing list