lxc.include = @LXCTEMPLATECONFIG@/common.conf
# Doesn't support consoles in /dev/lxc/.
-lxc.devttydir =
+lxc.tty.dir =
# Drop another (potentially) harmful capabilities.
lxc.cap.drop = audit_write
lxc.signal.stop=SIGRTMIN+14
# Uncomment to disable creating tty devices subdirectory in /dev
-# lxc.devttydir =
+# lxc.tty.dir =
# Capabilities
# Uncomment these if you don't run anything that needs the capability, and
# Default configuration shared by all containers
# Setup the LXC devices in /dev/lxc/
-lxc.devttydir = lxc
+lxc.tty.dir = lxc
# Allow for 1024 pseudo terminals
lxc.pts = 1024
lxc.include = @LXCTEMPLATECONFIG@/common.conf
# Doesn't support consoles in /dev/lxc/
-lxc.devttydir =
+lxc.tty.dir =
# When using LXC with apparmor, the container will be confined by default.
# If you wish for it to instead run unconfined, copy the following line
# Looking for more security, see gentoo.moresecure.conf
# Doesn't support consoles in /dev/lxc/
-lxc.devttydir =
+lxc.tty.dir =
# Extra cgroup device access
## rtc
# Default console settings
-lxc.devttydir = lxc
+lxc.tty.dir = lxc
lxc.tty = 4
lxc.pts = 1024
lxc.include = @LXCTEMPLATECONFIG@/common.conf
# Doesn't support consoles in /dev/lxc/
-lxc.devttydir =
+lxc.tty.dir =
# Extra cgroup device access
## rtc
lxc.autodev = 1
# Doesn't support consoles in /dev/lxc/
-lxc.devttydir =
+lxc.tty.dir =
# CGroup whitelist
lxc.cgroup.devices.deny = a
lxc.include = @LXCTEMPLATECONFIG@/common.conf
# Doesn't support consoles in /dev/lxc/
-lxc.devttydir =
+lxc.tty.dir =
# Extra cgroup device access
## rtc
# Ubuntu 10.04 LTS doesn't have /dev/lxc/
-lxc.devttydir =
+lxc.tty.dir =
lxc.cgroup.devices.allow =
# We can't move bind-mounts, so don't use /dev/lxc/
-lxc.devttydir =
+lxc.tty.dir =
# Extra bind-mounts for userns
lxc.mount.entry = /dev/full dev/full none bind,create=file 0 0
# Uncomment to disable creating tty devices subdirectory in /dev
-# lxc.devttydir =
+# lxc.tty.dir =
# Capabilities
# Uncomment these if you don't run anything that needs the capability, and
lxc_config_define(personality);
lxc_config_define(pts);
lxc_config_define(tty);
-lxc_config_define(ttydir);
+lxc_config_define(tty_dir);
lxc_config_define(apparmor_profile);
lxc_config_define(apparmor_allow_incomplete);
lxc_config_define(selinux_context);
static struct lxc_config_t config[] = {
{ "lxc.arch", set_config_personality, get_config_personality, clr_config_personality, },
{ "lxc.pts", set_config_pts, get_config_pts, clr_config_pts, },
+ { "lxc.tty.dir", set_config_tty_dir, get_config_tty_dir, clr_config_tty_dir, },
+
+ /* REMOVE IN LXC 3.0
+ legacy devttydir key
+ */
+ { "lxc.devttydir", set_config_tty_dir, get_config_tty_dir, clr_config_tty_dir, },
+
{ "lxc.tty", set_config_tty, get_config_tty, clr_config_tty, },
- { "lxc.devttydir", set_config_ttydir, get_config_ttydir, clr_config_ttydir, },
{ "lxc.apparmor.profile", set_config_apparmor_profile, get_config_apparmor_profile, clr_config_apparmor_profile, },
{ "lxc.apparmor.allow_incomplete", set_config_apparmor_allow_incomplete, get_config_apparmor_allow_incomplete, clr_config_apparmor_allow_incomplete, },
{ "lxc.selinux.context", set_config_selinux_context, get_config_selinux_context, clr_config_selinux_context, },
return lxc_safe_uint(value, &lxc_conf->tty);
}
-static int set_config_ttydir(const char *key, const char *value,
+static int set_config_tty_dir(const char *key, const char *value,
struct lxc_conf *lxc_conf, void *data)
{
return set_config_string_item_max(&lxc_conf->ttydir, value,
return lxc_get_conf_int(c, retv, inlen, c->tty);
}
-static int get_config_ttydir(const char *key, char *retv, int inlen,
+static int get_config_tty_dir(const char *key, char *retv, int inlen,
struct lxc_conf *c, void *data)
{
return lxc_get_conf_str(retv, inlen, c->ttydir);
return 0;
}
-static inline int clr_config_ttydir(const char *key, struct lxc_conf *c,
+static inline int clr_config_tty_dir(const char *key, struct lxc_conf *c,
void *data)
{
free(c->ttydir);
goto non_test_error;
}
- /* lxc.devttydir */
+ /* REMOVE IN LXC 3.0
+ legacy devttydir keys
+ */
if (set_get_compare_clear_save_load(c, "lxc.devttydir", "not-dev", tmpf,
true) < 0) {
lxc_error("%s\n", "lxc.devttydir");
goto non_test_error;
}
+ /* lxc.tty.dir */
+ if (set_get_compare_clear_save_load(c, "lxc.tty.dir", "not-dev", tmpf,
+ true) < 0) {
+ lxc_error("%s\n", "lxc.tty.dir");
+ goto non_test_error;
+ }
+
/* REMOVE IN LXC 3.0
legacy security keys
*/
EOF
# enable getty on active ttys
local nttys=$(cat "${config_path}/config" ${shared_config} ${common_config} | grep "^lxc.tty" | head -n1 | cut -d= -f2 | tr -d "[:blank:]")
- local devttydir=$(cat "${config_path}/config" ${shared_config} ${common_config} | grep "^lxc.devttydir" | head -n1 | cut -d= -f2 | tr -d "[:blank:]")
+ local devttydir=$(cat "${config_path}/config" ${shared_config} ${common_config} | grep "^lxc.tty.dir" | head -n1 | cut -d= -f2 | tr -d "[:blank:]")
local devtty=""
- # bind getty instances to /dev/<devttydir>/tty* if lxc.devttydir is set
+ # bind getty instances to /dev/<devttydir>/tty* if lxc.tty.dir is set
[ -n "${devttydir}" ] && devtty="${devttydir}-"
if [ ${nttys:-0} -gt 1 ]; then
( cd "${rootfs_path}/etc/systemd/system/getty.target.wants"
# /dev/tty[1-4] will be symlinks to the ptys /dev/lxc/console and
# /dev/lxc/tty[1-4] so that package updates can overwrite the symlinks.
# lxc will maintain these links and bind mount ptys over /dev/lxc/*
- # since lxc.devttydir is specified in the config.
+ # since lxc.tty.dir is specified in the config.
# allow root login on console, tty[1-4], and pts/0 for libvirt
echo "# LXC (Linux Containers)" >>${rootfs_path}/etc/securetty
# /dev/tty[1-4] will be symlinks to the ptys /dev/lxc/console and
# /dev/lxc/tty[1-4] so that package updates can overwrite the symlinks.
# lxc will maintain these links and bind mount ptys over /dev/lxc/*
- # since lxc.devttydir is specified in the config.
+ # since lxc.tty.dir is specified in the config.
# allow root login on console, tty[1-4], and pts/0 for libvirt
echo "# LXC (Linux Containers)" >>${rootfs_path}/etc/securetty
# /dev/tty[1-4] will be symlinks to the ptys /dev/lxc/console and
# /dev/lxc/tty[1-4] so that package updates can overwrite the symlinks.
# lxc will maintain these links and bind mount ptys over /dev/lxc/*
- # since lxc.devttydir is specified in the config.
+ # since lxc.tty.dir is specified in the config.
# allow root login on console, tty[1-4], and pts/0 for libvirt
cat <<EOF >> "${rootfs}/etc/securetty"
# /dev/tty[1-4] will be symlinks to the ptys /dev/lxc/console and
# /dev/lxc/tty[1-4] so that package updates can overwrite the symlinks.
# lxc will maintain these links and bind mount ptys over /dev/lxc/*
- # since lxc.devttydir is specified in the config.
+ # since lxc.tty.dir is specified in the config.
# allow root login on console, tty[1-4], and pts/0 for libvirt
echo "# LXC (Linux Containers)" >>$container_rootfs/etc/securetty
# /dev/tty[1-4] will be symlinks to the ptys /dev/lxc/console and
# /dev/lxc/tty[1-4] so that package updates can overwrite the symlinks.
# lxc will maintain these links and bind mount ptys over /dev/lxc/*
- # since lxc.devttydir is specified in the config.
+ # since lxc.tty.dir is specified in the config.
# allow root login on console, tty[1-4], and pts/0 for libvirt
echo "# LXC (Linux Containers)" >>$container_rootfs/etc/securetty
projects / mirror_lxc.git / commitdiff