[libvirt] [PATCH] Ensure securityfs is mounted readonly in container
Eric Blake
eblake at redhat.com
Thu Aug 8 13:05:01 UTC 2013
On 08/08/2013 05:52 AM, Daniel P. Berrange wrote:
> From: Dan Walsh <dwalsh at redhat.com>
>
> If securityfs is available on the host, we should ensure to
> mount it read-only in the container. This will avoid systemd
> trying to mount it during startup causing SELinux AVCs.
>
> Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
> ---
> src/lxc/lxc_container.c | 2 ++
> 1 file changed, 2 insertions(+)
ACK.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 621 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20130808/9b143a16/attachment-0001.sig>
More information about the libvir-list
mailing list