Fix for android container being able to access its data - fixes 'Unable to open persistent property directory "/data/property"'

Adam Boardman 2021-01-04 15:18:11 +00:00
parent 2ff538b544
commit 571cca9b94


@ -10,7 +10,8 @@ lxc.pty.max = 1024
lxc.arch = arm64 lxc.arch = arm64
# Drop some harmful capabilities # Drop some harmful capabilities
lxc.cap.drop = mac_admin mac_override sys_time sys_module sys_rawio #lxc.cap.drop = mac_admin mac_override sys_time sys_module sys_rawio
lxc.cap.drop = mac_admin mac_override
# Blacklist some syscalls which are not safe in privileged containers # Blacklist some syscalls which are not safe in privileged containers
lxc.seccomp.profile = /usr/share/lxc/config/common.seccomp lxc.seccomp.profile = /usr/share/lxc/config/common.seccomp
@ -34,6 +35,6 @@ lxc.mount.entry = /dev/socket dev/socket bind bind,create=dir 0 0
lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0 lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
lxc.mount.entry = sys sys sysfs nodev,noexec,nosuid 0 0 lxc.mount.entry = sys sys sysfs nodev,noexec,nosuid 0 0
#lxc.mount.entry = tmp tmp tmpfs nodev,noexec,nosuid 0 0 #lxc.mount.entry = tmp tmp tmpfs nodev,noexec,nosuid 0 0
#lxc.mount.entry = /android/data data bind bind 0 0 lxc.mount.entry = /data data bind bind 0 0
lxc.mount.entry = /vendor vendor bind rbind 0 0 lxc.mount.entry = /vendor vendor bind rbind 0 0
lxc.mount.entry = /mnt mnt bind rbind 0 0 lxc.mount.entry = /mnt mnt bind rbind 0 0
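Review bot: The first hunk stops dropping `sys_module`, `sys_rawio` and `sys_time`, which the commit message about `/data/property` does not explain, and the comment just below describes this as a privileged container. Retaining `sys_module` and `sys_rawio` leaves the seccomp profile as the only visible layer between the container and kernel-module loading or raw I/O on the shared host kernel, so the set should be relaxed only as far as Android actually needs. If only some of these are required, keep the rest in the list, for example `lxc.cap.drop = mac_admin mac_override sys_module sys_rawio` if `sys_time` is the one needed, and replace the commented-out old line with a reason such as `# sys_time kept: required by <component>`. In the second hunk the new `/data` entry bind-mounts the host's whole `/data` without the `nodev,nosuid` options that the `proc` and `sys` entries carry; it is worth confirming whether `bind,nodev,nosuid` works for this mount.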