On Mon, Apr 28, 2014 at 1:47 PM, Serge Hallyn <[email protected]>wrote: > > Drat. just to make sure, you don't have any start hooks defined do you? > What distro/release is the guest running? My guess is that init is > running mknod, and immediately getting killed. >
I don't think I have any start hooks defined, no. I'm just using the default lxc-ubuntu template. So, black-listing mknod without 'errno 0' does allow the instance to start. Upon testing, I can confirm that the instance which is now running with the seccomp black-list is not capable of creating devices manually with mknod. Thanks, -Nels
_______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
