[gentoo-commits] gentoo-x86 commit in app-emulation/lxc/files: lxc-1.1.2-fix-gentoo-moresecure-template.patch

Thu, 11 Jun 2015 10:07:16 -0700 

hwoarang    15/06/11 17:06:21

  Added:                lxc-1.1.2-fix-gentoo-moresecure-template.patch
  Log:
  Version bump to apply upstream patch for the gentoo-moresecure template. Bug 
#551096
  
  (Portage version: 2.2.20/cvs/Linux x86_64, signed Manifest commit with key 
09BF4F54C2BA7F3C!)

Revision  Changes    Path
1.1                  
app-emulation/lxc/files/lxc-1.1.2-fix-gentoo-moresecure-template.patch

file : 
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/lxc/files/lxc-1.1.2-fix-gentoo-moresecure-template.patch?rev=1.1&view=markup
plain: 
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/app-emulation/lxc/files/lxc-1.1.2-fix-gentoo-moresecure-template.patch?rev=1.1&content-type=text/plain

Index: lxc-1.1.2-fix-gentoo-moresecure-template.patch
===================================================================
Patch from https://github.com/lxc/lxc/pull/563 didn't make it to stable-1.1
yes so lets just include it here in case it doesn't end up in 1.1.X in the
future.

Signed-off-by: Markos Chandras <hwoar...@gentoo.org>

>From bc19636d587fbabfbc2252f1bf4887fee87bb247 Mon Sep 17 00:00:00 2001
From: Dennis Schridde <devuran...@gmx.net>
Date: Thu, 11 Jun 2015 15:21:19 +0200
Subject: [PATCH] Fix creation of dev/mqueue and dev/shm on Gentoo

The dev/mqueue and dev/shm directories do not exist when using lxc.autodev, 
thus they have to be created upon mount.

Signed-off-by: Dennis Schridde <devuran...@gmx.net>
---
 config/templates/gentoo.moresecure.conf.in | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/config/templates/gentoo.moresecure.conf.in 
b/config/templates/gentoo.moresecure.conf.in
index 270e9df..f827ad2 100644
--- a/config/templates/gentoo.moresecure.conf.in
+++ b/config/templates/gentoo.moresecure.conf.in
@@ -8,8 +8,8 @@ lxc.include = @LXCTEMPLATECONFIG@/common.conf
 # Container user ? see gentoo.common.conf
 
 # do not mount sysfs, see http://blog.bofh.it/debian/id_413
-lxc.mount.entry=mqueue dev/mqueue mqueue rw,nodev,noexec,nosuid 0 0
-lxc.mount.entry=shm dev/shm tmpfs rw,nosuid,nodev,noexec,relatime 0 0
+lxc.mount.entry=mqueue dev/mqueue mqueue rw,nodev,noexec,nosuid,create=dir 0 0
+lxc.mount.entry=shm dev/shm tmpfs rw,nosuid,nodev,noexec,relatime,create=dir 0 0
 lxc.mount.entry=run run tmpfs rw,nosuid,nodev,relatime,mode=755 0 0
 
 # this part is based on 'linux capabilities', see: man 7 capabilities

Reply via email to