]>
Commit | Line | Data |
---|---|---|
f49c89ac WB |
1 | # This derives from the global common config |
2 | lxc.include = @LXCTEMPLATECONFIG@/common.conf | |
3 | ||
4 | # Default mount entries | |
5 | lxc.mount.entry = /sys/kernel/debug sys/kernel/debug none bind,optional 0 0 | |
6 | lxc.mount.entry = /sys/kernel/security sys/kernel/security none bind,optional 0 0 | |
7 | lxc.mount.entry = /sys/fs/pstore sys/fs/pstore none bind,optional 0 0 | |
8 | lxc.mount.entry = mqueue dev/mqueue mqueue rw,relatime,create=dir,optional 0 0 | |
9 | ||
10 | # When using LXC with apparmor, the container will be confined by default. | |
11 | # If you wish for it to instead run unconfined, copy the following line | |
12 | # (uncommented) to the container's configuration file. | |
13 | #lxc.apparmor.profile = unconfined | |
14 | ||
15 | # Uncomment the following line to autodetect squid-deb-proxy configuration on the | |
16 | # host and forward it to the guest at start time. | |
17 | #lxc.hook.pre-start = /usr/share/lxc/hooks/squid-deb-proxy-client | |
18 | ||
19 | # If you wish to allow mounting block filesystems, then use the following | |
20 | # line instead, and make sure to grant access to the block device and/or loop | |
21 | # devices below in lxc.cgroup.devices.allow. | |
22 | #lxc.apparmor.profile = lxc-container-default-with-mounting | |
23 | ||
24 | # Extra cgroup device access | |
25 | ## rtc | |
26 | lxc.cgroup.devices.allow = c 254:0 rm | |
27 | ## tun | |
28 | lxc.cgroup.devices.allow = c 10:200 rwm | |
29 | ## hpet | |
30 | lxc.cgroup.devices.allow = c 10:228 rwm | |
31 | ## kvm | |
32 | lxc.cgroup.devices.allow = c 10:232 rwm | |
33 | ## To use loop devices, copy the following line to the container's | |
34 | ## configuration file (uncommented). | |
35 | #lxc.cgroup.devices.allow = b 7:* rwm |