[lxc-devel] [PATCH v2] Remove a comment part from a config value

Michael H. Warfield mhw at WittsEnd.com
Fri Aug 29 01:17:52 UTC 2014 

On Fri, 2014-08-29 at 09:27 +0900, KATOH Yasufumi wrote:
> >>> On Thu, 28 Aug 2014 14:52:21 -0400
>     in message   "Re: [lxc-devel] [PATCH v2] Remove a comment part from a config value"
>                   Michael H. Warfield-san wrote:
> 
> > ???
> 
> > Just checked centos.common.conf, oracle.common.conf and
> > fedora.common.conf.  I don't see them.  I do see lines like this:
> 
> > # lxc.cap.drop = net_raw          # breaks dhcp/ping
> > # lxc.cap.drop = setgid           # breaks login (initgroups/setgroups)
> > # lxc.cap.drop = dac_read_search  # breaks login (pam unix_chkpwd)
> > # lxc.cap.drop = setuid           # breaks sshd,nfs statd
> > # lxc.cap.drop = audit_control    # breaks sshd (set_loginuid failed)
> 
> On stable-1.0, centos.common.conf and oracle.common.conf have:
> 
> lxc.cgroup.devices.allow = c 1:3 rwm	# /dev/null
> lxc.cgroup.devices.allow = c 1:5 rwm	# /dev/zero
> lxc.cgroup.devices.allow = c 1:7 rwm	# /dev/full
> lxc.cgroup.devices.allow = c 5:0 rwm	# /dev/tty
> lxc.cgroup.devices.allow = c 1:8 rwm	# /dev/random
> lxc.cgroup.devices.allow = c 1:9 rwm	# /dev/urandom
> lxc.cgroup.devices.allow = c 136:* rwm	# /dev/tty[1-4] ptys and lxc console
> lxc.cgroup.devices.allow = c 5:2 rwm	# /dev/ptmx pty master

Oh.  You said master branch.  That's where I was working.  I didn't look
in the stable-1.0 branch.  My oversight.

Stephane has already remarked that we need to clean those out.

Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 978-7061 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 465 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20140828/e9451dfd/attachment-0001.sig>

More information about the lxc-devel mailing list