From: Matthijs Kooijman <matthijs@stdin.nl>
Date: Sun, 14 Aug 2011 14:13:41 +0000 (+0200)
Subject: lxc: Add configuration for template container.
X-Git-Url: https://git.stderr.nl/gitweb?p=matthijs%2Fservers%2Ftika.git;a=commitdiff_plain;h=5b1acc5d8ffe291583a3c64d92b0dc16bd928fa7

lxc: Add configuration for template container.

This container will serve as a template for other containers. The
configuration is generated using lxc-create using the "debian" template.
---

diff --git a/var/lib/lxc/template/config b/var/lib/lxc/template/config
new file mode 100644
index 0000000..48899db
--- /dev/null
+++ b/var/lib/lxc/template/config
@@ -0,0 +1,23 @@
+lxc.tty = 4
+lxc.pts = 1024
+lxc.rootfs = /var/lib/lxc/template/rootfs
+lxc.cgroup.devices.deny = a
+# /dev/null and zero
+lxc.cgroup.devices.allow = c 1:3 rwm
+lxc.cgroup.devices.allow = c 1:5 rwm
+# consoles
+lxc.cgroup.devices.allow = c 5:1 rwm
+lxc.cgroup.devices.allow = c 5:0 rwm
+lxc.cgroup.devices.allow = c 4:0 rwm
+lxc.cgroup.devices.allow = c 4:1 rwm
+# /dev/{,u}random
+lxc.cgroup.devices.allow = c 1:9 rwm
+lxc.cgroup.devices.allow = c 1:8 rwm
+lxc.cgroup.devices.allow = c 136:* rwm
+lxc.cgroup.devices.allow = c 5:2 rwm
+# rtc
+lxc.cgroup.devices.allow = c 254:0 rwm
+
+# mounts point
+lxc.mount.entry=proc /var/lib/lxc/template/rootfs/proc proc nodev,noexec,nosuid 0 0
+lxc.mount.entry=sysfs /var/lib/lxc/template/rootfs/sys sysfs defaults  0 0