# /var/lib/lxc/nunatak/config ## Container lxc.utsname = nunatak lxc.rootfs = /var/lib/lxc/nunatak/rootfs lxc.arch = x86_64 #lxc.console = /var/log/lxc/nunatak.console lxc.tty = 6 lxc.pts = 1024 ## Capabilities lxc.cap.drop = mac_admin lxc.cap.drop = mac_override lxc.cap.drop = sys_admin lxc.cap.drop = sys_module ## Devices # Allow all devices #lxc.cgroup.devices.allow = a # Deny all devices lxc.cgroup.devices.deny = a # Allow to mknod all devices (but not using them) lxc.cgroup.devices.allow = c *:* m lxc.cgroup.devices.allow = b *:* m # /dev/console lxc.cgroup.devices.allow = c 5:1 rwm # /dev/fuse lxc.cgroup.devices.allow = c 10:229 rwm # /dev/null lxc.cgroup.devices.allow = c 1:3 rwm # /dev/ptmx lxc.cgroup.devices.allow = c 5:2 rwm # /dev/pts/* lxc.cgroup.devices.allow = c 136:* rwm # /dev/random lxc.cgroup.devices.allow = c 1:8 rwm # /dev/rtc lxc.cgroup.devices.allow = c 254:0 rwm # /dev/tty lxc.cgroup.devices.allow = c 5:0 rwm # /dev/urandom lxc.cgroup.devices.allow = c 1:9 rwm # /dev/zero lxc.cgroup.devices.allow = c 1:5 rwm ## Limits #lxc.cgroup.cpu.shares = 1024 #lxc.cgroup.cpuset.cpus = 0 #lxc.cgroup.memory.limit_in_bytes = 256M #lxc.cgroup.memory.memsw.limit_in_bytes = 1G ## Filesystem lxc.mount.entry = proc /var/lib/lxc/nunatak/rootfs/proc proc nodev,noexec,nosuid 0 0 lxc.mount.entry = sysfs /var/lib/lxc/nunatak/rootfs/sys sysfs defaults,ro 0 0 #lxc.mount.entry = /srv/nunatak /var/lib/lxc/nunatak/rootfs/srv/nunatak none defaults,bind 0 0 ## Network lxc.network.type = veth lxc.network.flags = up #lxc.network.hwaddr = 00:FF:00:00:00:02 lxc.network.link = br0 #lxc.network.name = eth0 lxc.network.ipv4 = 199.27.180.210/25 lxc.network.ipv4.gateway = 199.27.180.254