Since the line immediately following will mount the entire
/sys read-only, hence /sys/kernel/security too.
Also, when installing the container template on systems with
no securityfs support, starting the container will fail.
Signed-off-by: Bogdan Purcareata <bogdan.purcare...@freescale.com>
---
templates/lxc-busybox.in | 1 -
1 file changed, 1 deletion(-)
diff --git a/templates/lxc-busybox.in b/templates/lxc-busybox.in
index 23d654e..906dc5d 100644
--- a/templates/lxc-busybox.in
+++ b/templates/lxc-busybox.in
@@ -296,7 +296,6 @@ EOF
echo "lxc.mount.entry = /$dir $dir none ro,bind 0 0" >>
$path/config
fi
done
- echo "lxc.mount.entry = /sys/kernel/security sys/kernel/security none
ro,bind 0 0" >>$path/config
echo "lxc.mount.auto = proc:mixed sys" >>$path/config
}
--
1.7.11.7
------------------------------------------------------------------------------
Sponsored by Intel(R) XDK
Develop, test and display web and hybrid apps with a single code base.
Download it for free now!
http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk
_______________________________________________
lxc-devel mailing list
lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
