On Wed, 1 May 2013 10:54:10 -0500 Serge Hallyn <serge.hal...@ubuntu.com> wrote:
> Quoting Stéphane Graber (stgra...@ubuntu.com): > > On 05/01/2013 06:51 AM, Serge Hallyn wrote: > > > Don't allow write to /dev/rtc0, and remove sys_time (in any > > > templates which drop any capabilities) > > > > > > Reported-by: Christoph Mitasch <cmita...@thomas-krenn.com> > > > Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com> > > > > Assuming this has been tested not to prevent boot for any of the > > update templates. > > > > Acked-by: Stéphane Graber <stgra...@ubuntu.com> > > I didn't test all of them, only ubuntu. > > If anything fails to boot because of inability to mess with host's > clock, that will be interesting :) I'll test whatever ones I can > (i.e. not sure all of them work) before pushing. Just FYI, when I removed /dev/rtc0 from the lxc-oracle template, the containers still booted but /sbin/hwclock complained which is why it got commented out from the initscripts. Other than that removing /dev/rtc0 completely hasn't seemed to have any ill side effects. ------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1 _______________________________________________ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
