5
0
mirror of git://git.proxmox.com/git/lxc.git synced 2024-12-22 17:35:53 +03:00
lxc/config/alpine.common.conf.in
Wolfgang Bumiller db69b3776d merge upstream lxc-templates configs
note that we have 1 difference to upstream,
from 612ec1f054 ("config: opensuse.common: unset lxc.tty.dir key")

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2023-06-09 08:19:14 +02:00

24 lines
713 B
Plaintext

# This derives from the global common config.
lxc.include = @LXCTEMPLATECONFIG@/common.conf
# Doesn't support consoles in /dev/lxc/.
lxc.tty.dir =
# Drop another (potentially) harmful capabilities.
lxc.cap.drop = audit_write
lxc.cap.drop = ipc_owner
lxc.cap.drop = mknod
lxc.cap.drop = sys_nice
lxc.cap.drop = sys_pacct
lxc.cap.drop = sys_rawio
lxc.cap.drop = sys_resource
lxc.cap.drop = sys_tty_config
lxc.cap.drop = syslog
lxc.cap.drop = wake_alarm
# Mount /run as tmpfs.
lxc.mount.entry=run run tmpfs rw,nodev,relatime,mode=755 0 0
# Mount /dev/shm as tmpfs; needed for building python and possibly other packages.
lxc.mount.entry=shm dev/shm tmpfs rw,nodev,noexec,nosuid,relatime,mode=1777,create=dir 0 0