[mirror_lxc.git] / config / templates / alpine.common.conf.in

# This derives from the global common config.
lxc.include = @LXCTEMPLATECONFIG@/common.conf

# Doesn't support consoles in /dev/lxc/.
lxc.tty.dir =

# Drop another (potentially) harmful capabilities.
lxc.cap.drop = audit_write
lxc.cap.drop = ipc_owner
lxc.cap.drop = mknod
lxc.cap.drop = setpcap
lxc.cap.drop = sys_nice
lxc.cap.drop = sys_pacct
lxc.cap.drop = sys_ptrace
lxc.cap.drop = sys_rawio
lxc.cap.drop = sys_resource
lxc.cap.drop = sys_tty_config
lxc.cap.drop = syslog
lxc.cap.drop = wake_alarm

# Mount /run as tmpfs.
lxc.mount.entry=run run tmpfs rw,nodev,relatime,mode=755 0 0

# Mount /dev/shm as tmpfs; needed for building python and possibly other packages.
lxc.mount.entry=shm dev/shm tmpfs rw,nodev,noexec,nosuid,relatime,mode=1777,create=dir 0 0
Commit	Line	Data
6515faa1 JJ	1	# This derives from the global common config.
	2	lxc.include = @LXCTEMPLATECONFIG@/common.conf
	3
	4	# Doesn't support consoles in /dev/lxc/.
42e53c29	5	lxc.tty.dir =
6515faa1 JJ	6
	7	# Drop another (potentially) harmful capabilities.
	8	lxc.cap.drop = audit_write
	9	lxc.cap.drop = ipc_owner
	10	lxc.cap.drop = mknod
6515faa1 JJ	11	lxc.cap.drop = setpcap
	12	lxc.cap.drop = sys_nice
	13	lxc.cap.drop = sys_pacct
	14	lxc.cap.drop = sys_ptrace
	15	lxc.cap.drop = sys_rawio
	16	lxc.cap.drop = sys_resource
	17	lxc.cap.drop = sys_tty_config
	18	lxc.cap.drop = syslog
	19	lxc.cap.drop = wake_alarm
b5caaaa5	20
48938fe7	21	# Mount /run as tmpfs.
b5caaaa5	22	lxc.mount.entry=run run tmpfs rw,nodev,relatime,mode=755 0 0
48938fe7 JJ	23
	24	# Mount /dev/shm as tmpfs; needed for building python and possibly other packages.
	25	lxc.mount.entry=shm dev/shm tmpfs rw,nodev,noexec,nosuid,relatime,mode=1777,create=dir 0 0