[lxc-devel] [PATCH] lxc-alpine: allow /dev/full
Natanael Copa
ncopa at alpinelinux.org
Tue Oct 22 11:23:31 UTC 2013
The template creates /dev/full for the container but needs also give
permission to access it.
Signed-off-by: Natanael Copa <ncopa at alpinelinux.org>
---
templates/lxc-alpine.in | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/templates/lxc-alpine.in b/templates/lxc-alpine.in
index 5fdf36f..8600a34 100644
--- a/templates/lxc-alpine.in
+++ b/templates/lxc-alpine.in
@@ -197,9 +197,10 @@ lxc.cap.drop = sys_module mac_admin mac_override sys_time
# devices
lxc.cgroup.devices.deny = a
-# /dev/null and zero
+# /dev/null, zero and full
lxc.cgroup.devices.allow = c 1:3 rwm
lxc.cgroup.devices.allow = c 1:5 rwm
+lxc.cgroup.devices.allow = c 1:7 rwm
# consoles
lxc.cgroup.devices.allow = c 5:1 rwm
lxc.cgroup.devices.allow = c 5:0 rwm
--
1.8.4.1
More information about the lxc-devel
mailing list