From: Matthijs Kooijman Date: Sun, 14 Aug 2011 14:19:21 +0000 (+0200) Subject: lxc: Better document device config for the template container. X-Git-Url: https://git.stderr.nl/gitweb?a=commitdiff_plain;h=20230acbf66aeb81680937aa9f2409ab8647d64e;p=matthijs%2Fservers%2Ftika.git lxc: Better document device config for the template container. This changes only comments. --- diff --git a/var/lib/lxc/template/config b/var/lib/lxc/template/config index 48899db..829bde5 100644 --- a/var/lib/lxc/template/config +++ b/var/lib/lxc/template/config @@ -1,19 +1,27 @@ lxc.tty = 4 lxc.pts = 1024 lxc.rootfs = /var/lib/lxc/template/rootfs + +# Deny all devices, except the following lxc.cgroup.devices.deny = a -# /dev/null and zero +# /dev/null lxc.cgroup.devices.allow = c 1:3 rwm +# /dev/zero lxc.cgroup.devices.allow = c 1:5 rwm -# consoles +# /dev/console lxc.cgroup.devices.allow = c 5:1 rwm +# /dev/tty lxc.cgroup.devices.allow = c 5:0 rwm +# /dev/tty0 lxc.cgroup.devices.allow = c 4:0 rwm +# /dev/tty1 lxc.cgroup.devices.allow = c 4:1 rwm # /dev/{,u}random lxc.cgroup.devices.allow = c 1:9 rwm lxc.cgroup.devices.allow = c 1:8 rwm +# /dev/pts/0 - /dev/pts/255 lxc.cgroup.devices.allow = c 136:* rwm +# /dev/ptmx lxc.cgroup.devices.allow = c 5:2 rwm # rtc lxc.cgroup.devices.allow = c 254:0 rwm