Re-enabled lxc capabilities drop
This commit is contained in:
Andrea Luzzardi
parent
f62344b750
commit
2192d3371c
1 changed files with 1 additions and 1 deletions
|
|
@ -82,7 +82,7 @@ lxc.mount.entry = /etc/resolv.conf {{$ROOTFS}}/etc/resolv.conf none bind,ro 0 0
|
|||
|
||||
|
||||
# drop linux capabilities (apply mainly to the user root in the container)
|
||||
#lxc.cap.drop = audit_control audit_write mac_admin mac_override mknod net_raw setfcap setpcap sys_admin sys_boot sys_module sys_nice sys_pacct sys_rawio sys_resource sys_time sys_tty_config
|
||||
lxc.cap.drop = audit_control audit_write mac_admin mac_override mknod net_raw setfcap setpcap sys_admin sys_boot sys_module sys_nice sys_pacct sys_rawio sys_resource sys_time sys_tty_config
|
||||
|
||||
# limits
|
||||
{{if .Config.Ram}}
|
||||
|
|
|
|||
Loading…
Reference in a new issue