config
# Container identity: the hostname seen inside the container and the number
# of tty devices LXC sets up for it.
lxc.utsname = lucid64
lxc.tty = 4

# Network: a single veth pair. The host side is attached to bridge br0 and
# the container side is named eth0.
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.name = eth0
lxc.network.mtu = 1500
# NOTE(review): 192.168.10.0 is the network address of this /24, not a host
# address -- confirm which address the container is meant to use.
lxc.network.ipv4 = 192.168.10.0/24

# Root filesystem of the container.
# NOTE(review): this is a relative path, so what it points at presumably
# depends on the directory the tools are run from -- an absolute path removes
# that ambiguity; confirm.
lxc.rootfs = ./rootfs

# Device cgroup whitelist. Order matters: everything is denied first, then
# individual devices are allowed again. Each allow entry reads
# "<type> <major>:<minor> <access>", where c is a character device and
# rwm is read, write and mknod.
# NOTE(review): no lxc.cap.drop entries appear in this listing, so this
# whitelist is the only restriction shown here. If the installed LXC version
# supports lxc.cap.drop, consider dropping capabilities the container does
# not need.
lxc.cgroup.devices.deny = a
# /dev/null and zero
lxc.cgroup.devices.allow = c 1:3 rwm
lxc.cgroup.devices.allow = c 1:5 rwm
# consoles: 5:1 is /dev/console, 5:0 is /dev/tty, 4:0 and 4:1 are tty0/tty1.
# NOTE(review): tty0 and tty1 are virtual consoles of the host; confirm the
# container really needs them in addition to its own lxc.tty consoles.
lxc.cgroup.devices.allow = c 5:1 rwm
lxc.cgroup.devices.allow = c 5:0 rwm
lxc.cgroup.devices.allow = c 4:0 rwm
lxc.cgroup.devices.allow = c 4:1 rwm
# /dev/{,u}random
lxc.cgroup.devices.allow = c 1:9 rwm
lxc.cgroup.devices.allow = c 1:8 rwm
# /dev/pts/* - pts namespaces are "coming soon"
# 136:* covers the pseudo-terminal slaves, 5:2 is /dev/ptmx.
lxc.cgroup.devices.allow = c 136:* rwm
lxc.cgroup.devices.allow = c 5:2 rwm
# rtc
# NOTE(review): major 254 is in the dynamically assigned range, so verify on
# the host that 254:0 really is the rtc device, and whether the container
# needs write access to it at all.
lxc.cgroup.devices.allow = c 254:0 rwm
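cat rootfs/etc/init/lxc.conf
# LXC - Fix init sequence to have LXC containers boot with upstart
#
# description "Fix LXC container - Lucid"
#
# Upstart job that stands in for the parts of the normal boot sequence that
# do not run inside the container: it mounts the virtual filesystems itself,
# prepares /var/run, and then emits the filesystem events by hand.

# Run once, when upstart emits its initial "startup" event.
start on startup

# A task: the job is expected to run to completion rather than stay running.
task

pre-start script
    # Virtual filesystems the rest of the boot expects to find.
    # NOTE(review): proc and sysfs are mounted with default options. How much
    # of the host kernel's state the container can reach through them depends
    # on the capabilities left to the container; the container config shown
    # on this page has no lxc.cap.drop lines -- confirm.
    mount -t proc proc /proc
    mount -t devpts devpts /dev/pts
    mount -t sysfs sys /sys

    # NOTE(review): both tmpfs mounts use default options; consider adding
    # restrictive ones such as nosuid if nothing in the container relies on
    # the defaults -- confirm against the distribution's own mount options.
    mount -t tmpfs varrun /var/run
    mount -t tmpfs varlock /var/lock

    # Recreate the runtime state that lived on the fresh /var/run tmpfs.
    mkdir -p /var/run/network
    touch /var/run/utmp
    chmod 664 /var/run/utmp
    # owner:group with a colon; the dotted form is a legacy spelling that is
    # ambiguous when a user name itself contains a dot.
    chown root:utmp /var/run/utmp

    # Disable the per-interface upstart hooks under /etc/network if any
    # exist. "|| true" keeps a chmod failure from aborting the script.
    if [ -n "$(find /etc/network/ -name upstart -type f)" ]; then
        chmod -x /etc/network/*/upstart || true
    fi
end script

script
    start networking
    # Emit by hand the filesystem events that other jobs wait for.
    initctl emit filesystem --no-wait
    initctl emit local-filesystems --no-wait
    initctl emit virtual-filesystems --no-wait
    # Switch to runlevel 2.
    init 2
end script

The root directory is read only, inside and outside of container.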