[lxc-users] Set specific mount options for the ROOTFS
Serge E. Hallyn
serge at hallyn.com
Mon Jun 20 14:51:11 UTC 2016
Quoting Olivier BONHOMME (obonhomme+lxc at nerim.net):
> Hello,
>
> I'm trying to set up containers using LXC and i have question about how is mounted the rootfs.
>
> I would love to start my container with some specific mount options in order to
> increase a little bit the security reducing what it is possible to do directly
> on the ROOTFS. That's why, I would love to apply some restrictions on the /
> mountpoint like ro,nosuid,nodev,noexec.
>
> I tried using the lxc.rootfs.options without success. So I wonder to know if it
lxc.rootfs.options is meant to work, fwiw. If you give more details about your
setup (is the rootfs on a device or in a file, or just a directory; what is the
whole config file; what host system do you have) someone should be able to
reproduce and hopefully fix the bug.
> is possible to apply such mount restrictions on the rootfs mount point. If yes,
> what is the procedure ?
>
> Thanks for your answers.
>
> Regards,
> Olivier Bonhomme
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
More information about the lxc-users
mailing list