lxc.tty = 4 lxc.pts = 1024 lxc.rootfs = %(rootfs)s lxc.cap.drop = sys_module mac_admin mac_override sys_time # When using LXC with apparmor, uncomment the next line to run unconfined: #lxc.aa_profile = unconfined lxc.cgroup.devices.deny = a # /dev/null and zero lxc.cgroup.devices.allow = c 1:3 rwm lxc.cgroup.devices.allow = c 1:5 rwm # consoles lxc.cgroup.devices.allow = c 5:1 rwm lxc.cgroup.devices.allow = c 5:0 rwm lxc.cgroup.devices.allow = c 4:0 rwm lxc.cgroup.devices.allow = c 4:1 rwm # /dev/{,u}random lxc.cgroup.devices.allow = c 1:9 rwm lxc.cgroup.devices.allow = c 1:8 rwm lxc.cgroup.devices.allow = c 136:* rwm lxc.cgroup.devices.allow = c 5:2 rwm # rtc lxc.cgroup.devices.allow = c 254:0 rwm # mounts point lxc.mount.entry=proc proc proc nodev,noexec,nosuid 0 0 lxc.mount.entry=devpts dev/pts devpts defaults 0 0 lxc.mount.entry=sysfs sys sysfs defaults 0 0 # customization lxc.utsname = %(hostname)s lxc.network.type = veth lxc.network.flags = up lxc.network.link = %(networkdev)s lxc.network.hwaddr = %(hwaddr)s lxc.network.ipv4 = %(ipv4network)s lxc.network.ipv4.gateway = %(ipv4gateway)s lxc.network.ipv6 = %(ipv6network)s lxc.network.ipv6.gateway = %(ipv6gateway)s