[lxc-devel] [PATCH] Update lxc-archlinux template.

Serge Hallyn serge.hallyn at canonical.com
Thu Feb 7 20:43:48 UTC 2013


Quoting Alexander Vladimirov (alexander.idkfa.vladimirov at gmail.com):
> Add mknod to lxc.cap.drop since udev is conditioned on CAP_MKNOD capability.
> Update base package list.

Hm, if there is another way to tell it to not start udev, I'd go with
that, but in any case

Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>

> 
> Signed-off-by: Alexander Vladimirov <alexander.idkfa.vladimirov at gmail.com>
> ---
>  templates/lxc-archlinux.in | 6 ++----
>  1 file changed, 2 insertions(+), 4 deletions(-)
> 
> diff --git a/templates/lxc-archlinux.in b/templates/lxc-archlinux.in
> index 546369b..a542366 100644
> --- a/templates/lxc-archlinux.in
> +++ b/templates/lxc-archlinux.in
> @@ -39,12 +39,11 @@ base_packages=(
>      "systemd-sysvcompat"
>      "filesystem"
>      "coreutils"
> -    "module-init-tools"
> +    "kmod"
>      "procps"
>      "psmisc"
>      "pacman"
>      "bash"
> -    "syslog-ng"
>      "cronie"
>      "iproute2"
>      "iputils"
> @@ -57,7 +56,6 @@ base_packages=(
>      "gawk"
>      "sed"
>      "tar"
> -    "wget"
>      "gzip"
>      "which"
>  )
> @@ -129,7 +127,7 @@ lxc.tty=1
>  lxc.pts=1024
>  lxc.rootfs=${rootfs_path}
>  lxc.mount=${config_path}/fstab
> -lxc.cap.drop = sys_module mac_admin mac_override
> +lxc.cap.drop = mknod sys_module mac_admin mac_override
>  #networking
>  lxc.network.type=${lxc_network_type}
>  lxc.network.link=${lxc_network_link}
> -- 
> 1.8.1.2
> 
> 
> ------------------------------------------------------------------------------
> Free Next-Gen Firewall Hardware Offer
> Buy your Sophos next-gen firewall before the end March 2013 
> and get the hardware for free! Learn more.
> http://p.sf.net/sfu/sophos-d2d-feb
> _______________________________________________
> Lxc-devel mailing list
> Lxc-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-devel




More information about the lxc-devel mailing list