]> xenbits.xensource.com Git - libvirt.git/commit
projects / libvirt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6d37888) | patch
Honour filesystem readonly flag & make special FS readonly
authorDaniel P. Berrange <berrange@redhat.com>
Fri, 22 Jul 2011 12:08:20 +0000 (13:08 +0100)
committerDaniel P. Berrange <berrange@redhat.com>
Fri, 22 Jul 2011 14:31:11 +0000 (15:31 +0100)
commitb3ad9b9b80004274088d3ec3057a53d141054c43
tree72ca45b9e779c7dd3b873675a2e77bc3069fb118tree
parent6d37888e6a35a37e6faf7c0a1b1b4d9a5dee1285commit | diff
Honour filesystem readonly flag & make special FS readonly

A container should not be allowed to modify stuff in /sys
or /proc/sys so make them readonly. Make /selinux readonly
so that containers think that selinux is disabled.

Honour the readonly flag when mounting container filesystems
from the guest XML config

* src/lxc/lxc_container.c: Support readonly mounts
src/lxc/lxc_container.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.