1 # This derives from the global common config
2 lxc.include = @LXCTEMPLATECONFIG@/common.conf
4 # Default mount entries
5 lxc.mount.entry = /sys/kernel/debug sys/kernel/debug none bind,optional 0 0
6 lxc.mount.entry = /sys/kernel/security sys/kernel/security none bind,optional 0 0
7 lxc.mount.entry = /sys/fs/pstore sys/fs/pstore none bind,optional 0 0
8 lxc.mount.entry = mqueue dev/mqueue mqueue rw,relatime,create=dir,optional 0 0
10 # When using LXC with apparmor, the container will be confined by default.
11 # If you wish for it to instead run unconfined, copy the following line
12 # (uncommented) to the container's configuration file.
13 #lxc.apparmor.profile = unconfined
15 # Uncomment the following line to autodetect squid-deb-proxy configuration on the
16 # host and forward it to the guest at start time.
17 #lxc.hook.pre-start = /usr/share/lxc/hooks/squid-deb-proxy-client
19 # If you wish to allow mounting block filesystems, then use the following
20 # line instead, and make sure to grant access to the block device and/or loop
21 # devices below in lxc.cgroup.devices.allow.
22 #lxc.apparmor.profile = lxc-container-default-with-mounting
24 # Extra cgroup device access
26 lxc.cgroup.devices.allow = c 254:0 rm
28 lxc.cgroup.devices.allow = c 10:200 rwm
30 lxc.cgroup.devices.allow = c 10:228 rwm
32 lxc.cgroup.devices.allow = c 10:232 rwm
33 ## To use loop devices, copy the following line to the container's
34 ## configuration file (uncommented).
35 #lxc.cgroup.devices.allow = b 7:* rwm