summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2016-10-21 23:00:38 -0400
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2016-10-26 20:12:52 -0400
commit4bb30aeaf8e756b20d66e13af2eac0c5a30b01fa (patch)
treec3db36e7bbfd3b65121603464e7ce9774261bd5b
parent0809d7740c5cf988e049781b4b80e14a3bbefb70 (diff)
units: disable /dev/hugepages in private user namespaces
The mount fails, even though CAP_SYS_ADMIN is granted.
-rw-r--r--units/dev-hugepages.mount1
1 files changed, 1 insertions, 0 deletions
diff --git a/units/dev-hugepages.mount b/units/dev-hugepages.mount
index 882adb4545..489cc777e4 100644
--- a/units/dev-hugepages.mount
+++ b/units/dev-hugepages.mount
@@ -13,6 +13,7 @@ DefaultDependencies=no
Before=sysinit.target
ConditionPathExists=/sys/kernel/mm/hugepages
ConditionCapability=CAP_SYS_ADMIN
+ConditionVirtualization=!private-users
[Mount]
What=hugetlbfs