proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-08-04 01:22:14 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Allow sysfs remount by mountall

Browse Source 
Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
This commit is contained in:
Stéphane Graber 2016-02-15 20:03:50 -05:00
parent ae07a9bfda
commit 15966fd086
No known key found for this signature in database
GPG Key ID: C638974D64792D67
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
config/apparmor/abstractions/container-base.in
View File

@ -87,6 +87,7 @@
deny mount fstype=debugfs -> /var/lib/ureadahead/debugfs/,
mount fstype=proc -> /proc/,
mount fstype=sysfs -> /sys/,
mount options=(rw, nosuid, nodev, noexec, remount) -> /sys/,
deny /sys/firmware/efi/efivars/** rwklx,
deny /sys/kernel/security/** rwklx,
mount options=(move) /sys/fs/cgroup/cgmanager/ -> /sys/fs/cgroup/cgmanager.lower/,