summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2014-10-10 11:11:25 +0200
committerLennart Poettering <lennart@poettering.net>2014-10-10 11:11:25 +0200
commit864e17068ce9acf418d42a625141884293170952 (patch)
treec5455b21b426087c0b74a652f61c55be3538d595
parent5516ae44198b5128f2afd93c7fb7973f89e2bfd9 (diff)
nspawn: actually allow access to /dev/net/tun in the container
It's not sufficient to just copy the device node over, we need to update the policy for it too.
-rw-r--r--src/nspawn/nspawn.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index da4c116f36..f04d326131 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -1558,6 +1558,7 @@ static int register_machine(pid_t pid, int local_ifindex) {
"/dev/random", "rwm",
"/dev/urandom", "rwm",
"/dev/tty", "rwm",
+ "/dev/net/tun", "rwm",
/* Allow the container
* access to ptys. However,
* do not permit the