108b88ce3187e08cc630e17903f8e7748a545be1Serge Hallyn# Use a profile which allows nesting

108b88ce3187e08cc630e17903f8e7748a545be1Serge Hallynlxc.aa_profile = lxc-container-default-with-nesting

108b88ce3187e08cc630e17903f8e7748a545be1Serge Hallyn

108b88ce3187e08cc630e17903f8e7748a545be1Serge Hallyn# Add uncovered mounts of proc and sys, else unprivileged users

108b88ce3187e08cc630e17903f8e7748a545be1Serge Hallyn# cannot remount those

108b88ce3187e08cc630e17903f8e7748a545be1Serge Hallyn

108b88ce3187e08cc630e17903f8e7748a545be1Serge Hallynlxc.mount.entry = proc dev/.lxc/proc proc create=dir,optional 0 0

108b88ce3187e08cc630e17903f8e7748a545be1Serge Hallynlxc.mount.entry = sys dev/.lxc/sys sysfs create=dir,optional 0 0