1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
network,
capability,
file,
# currently blocked by apparmor bug
mount -> /usr/lib/@DEB_HOST_MULTIARCH@/lxc/{**,},
mount fstype=devpts -> /dev/pts/,
mount options=bind /dev/pts/ptmx/ -> /dev/ptmx/,
mount fstype=debugfs,
# all umounts are under the original root's /mnt, but right now we
# can't allow those umounts after pivot_root. So allow all umounts
# right now. They'll be restricted for the container at least.
umount,
#umount /mnt/{**,},
pivot_root /usr/lib/@DEB_HOST_MULTIARCH@/lxc/,
change_profile -> lxc-*,
change_profile -> unconfined,
|