This is to avoid:
https://errors.ubuntu.com/problem/d640a68bf7343705899d7ca8c6bc070d477cd845
Signed-off-by: Serge Hallyn
---
src/lxc/cgroup.c | 9 -
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/src/lxc/cgroup.c b/src/lxc/cgroup.c
index b1c764f..9894fb7 100644
--- a/src/l
Quoting Wolfgang Bumiller (w.bumil...@proxmox.com):
> Not sure this is the right place to ask as I've narrowed it down to
> raw mount commands, but it also affects privileged unconfined
> containers when using bind-mounts to bind _mountpoints_ (not arbitrary
> subdirectories) into a container (and
Quoting Eric W. Biederman (ebied...@xmission.com):
> "Serge E. Hallyn" writes:
>
> > A common way for daemons to run with minimal privilege is to start as root,
> > perhaps setuid-root, choose a desired capability set, set PR_SET_KEEPCAPS,
> > then change uid to non-root. A simpler way to achiev
Not sure this is the right place to ask as I've narrowed it down to
raw mount commands, but it also affects privileged unconfined
containers when using bind-mounts to bind _mountpoints_ (not arbitrary
subdirectories) into a container (and I found it through some hooks
in my containers).
For some r
Update for commit c154af9
Signed-off-by: Sungbae Yoo
diff --git a/doc/ko/lxc.container.conf.sgml.in
b/doc/ko/lxc.container.conf.sgml.in
index 741003b..73b16a2 100644
--- a/doc/ko/lxc.container.conf.sgml.in
+++ b/doc/ko/lxc.container.conf.sgml.in
@@ -2138,7 +2138,22 @@ mknod errno 0