*Empty MediaWiki Message*

LXC.mw

@@ -342,3 +342,44 @@ dann ein:
 <source lang="bash">
 apt-get remove --purge udev
 </source>
+
+== Debian 8 (Jessie) HOST mit Debian 8 (Jessie) LXC und sytemd (systemd-sysv) ==
+
+LXC Container capabilities für systemd anpassen
+
+<source lang="bash">
+### LXC - jessie/systemd hacks // ###
+lxc.autodev = 1
+lxc.kmsg = 0
+
+#!# lxc.cap.drop = sys_admin
+#!# lxc.cap.drop = mknod
+#!# lxc.cap.drop = audit_control
+#!# lxc.cap.drop = audit_write
+#!# lxc.cap.drop = setfcap
+#!# lxc.cap.drop = setpcap
+#!# lxc.cap.drop = sys_resource
+#
+lxc.cap.drop = sys_module
+lxc.cap.drop = mac_admin
+lxc.cap.drop = mac_override
+lxc.cap.drop = sys_time
+lxc.cap.drop = sys_boot
+lxc.cap.drop = sys_pacct
+lxc.cap.drop = sys_rawio
+lxc.cap.drop = sys_tty_config
+
+lxc.tty=2
+lxc.pts = 1024
+#/ lxc.mount.entry = /run/systemd/journal mnt/journal none bind,ro,create=dir 0 0
+### // LXC - jessie/systemd hacks ###
+</source>
+
+udev disablen
+
+<source lang="bash">
+ln -s /dev/null /etc/systemd/system/systemd-udevd.service
+ln -s /dev/null /etc/systemd/system/systemd-udevd-control.socket
+ln -s /dev/null /etc/systemd/system/systemd-udevd-kernel.socket
+ln -s /dev/null /etc/systemd/system/proc-sys-fs-binfmt_misc.automount
+</source>