ubuntu.userns.conf.in revision 71d3a6590fe665421d7a0026d699b0654ddfc7f6
71d3a6590fe665421d7a0026d699b0654ddfc7f6Stéphane Graber# CAP_SYS_ADMIN in init-user-ns is required for cgroup.devices
71d3a6590fe665421d7a0026d699b0654ddfc7f6Stéphane Graberlxc.cgroup.devices.deny =
71d3a6590fe665421d7a0026d699b0654ddfc7f6Stéphane Graberlxc.cgroup.devices.allow =
71d3a6590fe665421d7a0026d699b0654ddfc7f6Stéphane Graber
71d3a6590fe665421d7a0026d699b0654ddfc7f6Stéphane Graber# We can't move bind-mounts, so don't use /dev/lxc/
71d3a6590fe665421d7a0026d699b0654ddfc7f6Stéphane Graberlxc.devttydir =
71d3a6590fe665421d7a0026d699b0654ddfc7f6Stéphane Graber
71d3a6590fe665421d7a0026d699b0654ddfc7f6Stéphane Graber# Extra bind-mounts for userns
71d3a6590fe665421d7a0026d699b0654ddfc7f6Stéphane Graberlxc.mount.entry = /dev/console dev/console none bind,create=file 0 0
71d3a6590fe665421d7a0026d699b0654ddfc7f6Stéphane Graberlxc.mount.entry = /dev/null dev/null none bind,create=file 0 0
71d3a6590fe665421d7a0026d699b0654ddfc7f6Stéphane Graberlxc.mount.entry = /dev/tty dev/tty none bind,create=file 0 0
71d3a6590fe665421d7a0026d699b0654ddfc7f6Stéphane Graberlxc.mount.entry = /dev/urandom dev/urandom none bind,create=file 0 0
71d3a6590fe665421d7a0026d699b0654ddfc7f6Stéphane Graber
71d3a6590fe665421d7a0026d699b0654ddfc7f6Stéphane Graber# Extra fstab entries as mountall can't mount those by itself
71d3a6590fe665421d7a0026d699b0654ddfc7f6Stéphane Graberlxc.mount.entry = /sys/firmware/efi/efivars sys/firmware/efi/efivars none bind,optional 0 0
71d3a6590fe665421d7a0026d699b0654ddfc7f6Stéphane Graberlxc.mount.entry = /proc/sys/fs/binfmt_misc proc/sys/fs/binfmt_misc none bind,optional 0 0