mirror of
https://git.proxmox.com/git/lxc
synced 2025-08-17 23:22:40 +00:00
39994e5496
Merge: attach: always use getent Commit message: In debian buster, some libnss plugins (if installed) can cause getpwent to segfault instead of erroring out cleanly. To avoid this, stick to always using getent. Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
44 lines
1.3 KiB
Diff
44 lines
1.3 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Wolfgang Bumiller <w.bumiller@proxmox.com>
|
|
Date: Fri, 23 Dec 2016 15:57:24 +0100
|
|
Subject: [PATCH] PVE: [Config] namespace separation
|
|
|
|
* rename cgroup namespace directory to ns
|
|
* set lxc.cgroup.protect_limits default to 'both'
|
|
|
|
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
|
|
---
|
|
src/lxc/cgroups/cgroup.h | 2 +-
|
|
src/lxc/initutils.h | 2 +-
|
|
2 files changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/src/lxc/cgroups/cgroup.h b/src/lxc/cgroups/cgroup.h
|
|
index 59445b5a5..7d6135c19 100644
|
|
--- a/src/lxc/cgroups/cgroup.h
|
|
+++ b/src/lxc/cgroups/cgroup.h
|
|
@@ -36,7 +36,7 @@
|
|
* will be moved into an additional subdirectory "cgns/" inside the cgroup in
|
|
* order to prevent it from accessing the outer limiting cgroup.
|
|
*/
|
|
-#define CGROUP_NAMESPACE_SUBDIR "cgns"
|
|
+#define CGROUP_NAMESPACE_SUBDIR "ns"
|
|
|
|
struct lxc_handler;
|
|
struct lxc_conf;
|
|
diff --git a/src/lxc/initutils.h b/src/lxc/initutils.h
|
|
index b542e6015..78d3f2b10 100644
|
|
--- a/src/lxc/initutils.h
|
|
+++ b/src/lxc/initutils.h
|
|
@@ -42,7 +42,7 @@
|
|
#define DEFAULT_THIN_POOL "lxc"
|
|
#define DEFAULT_ZFSROOT "lxc"
|
|
#define DEFAULT_RBDPOOL "lxc"
|
|
-#define DEFAULT_CGPROTECT "privileged"
|
|
+#define DEFAULT_CGPROTECT "both"
|
|
|
|
#ifndef PR_SET_MM
|
|
#define PR_SET_MM 35
|
|
--
|
|
2.20.1
|
|
|