4 # Use this root filesystem
5 lxc.rootfs = /var/lib/lxc/template/rootfs
8 lxc.console = /var/log/lxc/template.lxc
10 # The container gets a single virtual eth0 interface with a statically assigned
11 # address (assigned by lxc-start, no need for the container to assign any
13 lxc.network.type = veth
14 lxc.network.flags = up
15 lxc.network.veth.pair = lxc-template
16 lxc.network.name = eth0
17 lxc.network.link = br-lxc
18 lxc.network.ipv4 = 10.42.0.10/24
19 lxc.network.ipv4.gateway = auto
21 # The number of ttys available (shouldn't be less than the getty's
22 # configured in the inittab).
25 # Use private pts for the container
28 # Deny all devices, except the following
29 lxc.cgroup.devices.deny = a
31 lxc.cgroup.devices.allow = c 1:3 rwm
33 lxc.cgroup.devices.allow = c 1:5 rwm
35 lxc.cgroup.devices.allow = c 5:1 rwm
37 lxc.cgroup.devices.allow = c 5:0 rwm
39 lxc.cgroup.devices.allow = c 4:0 rwm
41 lxc.cgroup.devices.allow = c 4:1 rwm
43 lxc.cgroup.devices.allow = c 1:9 rwm
44 lxc.cgroup.devices.allow = c 1:8 rwm
45 # /dev/pts/0 - /dev/pts/255
46 lxc.cgroup.devices.allow = c 136:* rwm
48 lxc.cgroup.devices.allow = c 5:2 rwm
50 lxc.cgroup.devices.allow = c 254:0 rwm
53 lxc.mount.entry=proc /var/lib/lxc/template/rootfs/proc proc nodev,noexec,nosuid 0 0
54 lxc.mount.entry=sysfs /var/lib/lxc/template/rootfs/sys sysfs defaults 0 0