confile: rename lxc.devttydir to lxc.tty.dir

[mirror_lxc.git] / config / templates / common.conf.in

diff --git a/config/templates/common.conf.in b/config/templates/common.conf.in
index 26b322964b0934e25bf05a37ef87249f5b09f079..a0134848902f5ef86ecf3d70daa8b5abfd496bed 100644 (file)
--- a/config/templates/common.conf.in
+++ b/config/templates/common.conf.in
@@ -1,7 +1,7 @@
 # Default configuration shared by all containers
 
 # Setup the LXC devices in /dev/lxc/
-lxc.devttydir = lxc
+lxc.tty.dir = lxc
 
 # Allow for 1024 pseudo terminals
 lxc.pts = 1024
@@ -10,10 +10,7 @@ lxc.pts = 1024
 lxc.tty = 4
 
 # Drop some harmful capabilities
-lxc.cap.drop = mac_admin mac_override sys_time sys_module
-
-# Set the pivot directory
-lxc.pivotdir = lxc_putold
+lxc.cap.drop = mac_admin mac_override sys_time sys_module sys_rawio
 
 # Ensure hostname is changed on clone
 lxc.hook.clone = @LXCHOOKDIR@/clonehostname
@@ -42,9 +39,12 @@ lxc.cgroup.devices.allow = c 1:8 rwm
 lxc.cgroup.devices.allow = c 1:9 rwm
 ### /dev/pts/*
 lxc.cgroup.devices.allow = c 136:* rwm
+### fuse
+lxc.cgroup.devices.allow = c 10:229 rwm
 
 # Setup the default mounts
 lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed
+lxc.mount.entry = /sys/fs/fuse/connections sys/fs/fuse/connections none bind,optional 0 0
 
 # Blacklist some syscalls which are not safe in privileged
 # containers