mirror of
https://git.proxmox.com/git/mirror_lxc
synced 2025-07-14 17:38:04 +00:00
dc8114afd7
Leave the line to do it (commented out) as some users may not be using cgmanager, and may in fact still need those mounts. Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> Acked-by: Stéphane Graber <stgraber@ubuntu.com>
15 lines
588 B
Plaintext
15 lines
588 B
Plaintext
# Do not load this file. Rather, load /etc/apparmor.d/lxc-containers, which
|
|
# will source all profiles under /etc/apparmor.d/lxc
|
|
|
|
profile lxc-container-default-with-nesting flags=(attach_disconnected,mediate_deleted) {
|
|
#include <abstractions/lxc/container-base>
|
|
#include <abstractions/lxc/start-container>
|
|
|
|
# Uncomment the line below if you are not using cgmanager
|
|
# mount fstype=cgroup -> /sys/fs/cgroup/**,
|
|
|
|
mount fstype=proc -> /var/cache/lxc/**,
|
|
mount fstype=sysfs -> /var/cache/lxc/**,
|
|
mount options=(rw,bind) /var/cache/lxc/**/dev/shm/ -> /var/cache/lxc/**/run/shm/,
|
|
}
|