[lxc-devel] [PATCH] Discontinue the use of in-line comments (stable)
Serge Hallyn
serge.hallyn at ubuntu.com
Fri Sep 19 23:48:23 UTC 2014
Quoting Stéphane Graber (stgraber at ubuntu.com):
> Those aren't supported, it's just a lucky coincidence that they weren't
> causing problems.
>
> Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
Acked-by: Serge E. Hallyn <serge.hallyn at ubuntu.com>
> ---
> config/templates/centos.common.conf.in | 24 ++++++++++++++++--------
> config/templates/fedora.common.conf.in | 24 ++++++++++++++++--------
> config/templates/oracle.common.conf.in | 24 ++++++++++++++++--------
> 3 files changed, 48 insertions(+), 24 deletions(-)
>
> diff --git a/config/templates/centos.common.conf.in b/config/templates/centos.common.conf.in
> index b80585f..5e880a2 100644
> --- a/config/templates/centos.common.conf.in
> +++ b/config/templates/centos.common.conf.in
> @@ -37,14 +37,22 @@ lxc.cgroup.devices.deny = a
> # Allow any mknod (but not reading/writing the node)
> lxc.cgroup.devices.allow = c *:* m
> lxc.cgroup.devices.allow = b *:* m
> -lxc.cgroup.devices.allow = c 1:3 rwm # /dev/null
> -lxc.cgroup.devices.allow = c 1:5 rwm # /dev/zero
> -lxc.cgroup.devices.allow = c 1:7 rwm # /dev/full
> -lxc.cgroup.devices.allow = c 5:0 rwm # /dev/tty
> -lxc.cgroup.devices.allow = c 1:8 rwm # /dev/random
> -lxc.cgroup.devices.allow = c 1:9 rwm # /dev/urandom
> -lxc.cgroup.devices.allow = c 136:* rwm # /dev/tty[1-4] ptys and lxc console
> -lxc.cgroup.devices.allow = c 5:2 rwm # /dev/ptmx pty master
> +## /dev/null
> +lxc.cgroup.devices.allow = c 1:3 rwm
> +## /dev/zero
> +lxc.cgroup.devices.allow = c 1:5 rwm
> +## /dev/full
> +lxc.cgroup.devices.allow = c 1:7 rwm
> +## /dev/tty
> +lxc.cgroup.devices.allow = c 5:0 rwm
> +## /dev/random
> +lxc.cgroup.devices.allow = c 1:8 rwm
> +## /dev/urandom
> +lxc.cgroup.devices.allow = c 1:9 rwm
> +## /dev/tty[1-4] ptys and lxc console
> +lxc.cgroup.devices.allow = c 136:* rwm
> +## /dev/ptmx pty master
> +lxc.cgroup.devices.allow = c 5:2 rwm
>
> # Blacklist some syscalls which are not safe in privileged
> # containers
> diff --git a/config/templates/fedora.common.conf.in b/config/templates/fedora.common.conf.in
> index add0859..49c6ac6 100644
> --- a/config/templates/fedora.common.conf.in
> +++ b/config/templates/fedora.common.conf.in
> @@ -39,14 +39,22 @@ lxc.cgroup.devices.deny = a
> # Allow any mknod (but not reading/writing the node)
> lxc.cgroup.devices.allow = c *:* m
> lxc.cgroup.devices.allow = b *:* m
> -lxc.cgroup.devices.allow = c 1:3 rwm # /dev/null
> -lxc.cgroup.devices.allow = c 1:5 rwm # /dev/zero
> -lxc.cgroup.devices.allow = c 1:7 rwm # /dev/full
> -lxc.cgroup.devices.allow = c 5:0 rwm # /dev/tty
> -lxc.cgroup.devices.allow = c 1:8 rwm # /dev/random
> -lxc.cgroup.devices.allow = c 1:9 rwm # /dev/urandom
> -lxc.cgroup.devices.allow = c 136:* rwm # /dev/tty[1-4] ptys and lxc console
> -lxc.cgroup.devices.allow = c 5:2 rwm # /dev/ptmx pty master
> +## /dev/null
> +lxc.cgroup.devices.allow = c 1:3 rwm
> +## /dev/zero
> +lxc.cgroup.devices.allow = c 1:5 rwm
> +## /dev/full
> +lxc.cgroup.devices.allow = c 1:7 rwm
> +## /dev/tty
> +lxc.cgroup.devices.allow = c 5:0 rwm
> +## /dev/random
> +lxc.cgroup.devices.allow = c 1:8 rwm
> +## /dev/urandom
> +lxc.cgroup.devices.allow = c 1:9 rwm
> +## /dev/tty[1-4] ptys and lxc console
> +lxc.cgroup.devices.allow = c 136:* rwm
> +## /dev/ptmx pty master
> +lxc.cgroup.devices.allow = c 5:2 rwm
>
> # Blacklist some syscalls which are not safe in privileged
> # containers
> diff --git a/config/templates/oracle.common.conf.in b/config/templates/oracle.common.conf.in
> index 1b30fe9..cf6ad68 100644
> --- a/config/templates/oracle.common.conf.in
> +++ b/config/templates/oracle.common.conf.in
> @@ -35,14 +35,22 @@ lxc.cgroup.devices.deny = a
> # Allow any mknod (but not reading/writing the node)
> lxc.cgroup.devices.allow = c *:* m
> lxc.cgroup.devices.allow = b *:* m
> -lxc.cgroup.devices.allow = c 1:3 rwm # /dev/null
> -lxc.cgroup.devices.allow = c 1:5 rwm # /dev/zero
> -lxc.cgroup.devices.allow = c 1:7 rwm # /dev/full
> -lxc.cgroup.devices.allow = c 5:0 rwm # /dev/tty
> -lxc.cgroup.devices.allow = c 1:8 rwm # /dev/random
> -lxc.cgroup.devices.allow = c 1:9 rwm # /dev/urandom
> -lxc.cgroup.devices.allow = c 136:* rwm # /dev/tty[1-4] ptys and lxc console
> -lxc.cgroup.devices.allow = c 5:2 rwm # /dev/ptmx pty master
> +## /dev/null
> +lxc.cgroup.devices.allow = c 1:3 rwm
> +## /dev/zero
> +lxc.cgroup.devices.allow = c 1:5 rwm
> +## /dev/full
> +lxc.cgroup.devices.allow = c 1:7 rwm
> +## /dev/tty
> +lxc.cgroup.devices.allow = c 5:0 rwm
> +## /dev/random
> +lxc.cgroup.devices.allow = c 1:8 rwm
> +## /dev/urandom
> +lxc.cgroup.devices.allow = c 1:9 rwm
> +## /dev/tty[1-4] ptys and lxc console
> +lxc.cgroup.devices.allow = c 136:* rwm
> +## /dev/ptmx pty master
> +lxc.cgroup.devices.allow = c 5:2 rwm
>
> # Blacklist some syscalls which are not safe in privileged
> # containers
> --
> 1.9.1
>
More information about the lxc-devel
mailing list