diff options
author | Alessandro Puccetti <alessandro@kinvolk.io> | 2016-07-21 17:39:38 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2016-07-21 17:39:38 +0200 |
commit | 31d28eabc10967daf06ae6ac4959a59556f1e7ff (patch) | |
tree | 4feaa59f1edbd20711b2ac6c68888b3517118c59 /units | |
parent | 4d07c8d386b6f025c8834d133a54cea40fd7fc6f (diff) |
nspawn: enable major=0/minor=0 devices inside the container (#3773)
https://github.com/systemd/systemd/pull/3685 introduced
/run/systemd/inaccessible/{chr,blk} to map inacessible devices,
this patch allows systemd running inside a nspawn container to create
/run/systemd/inaccessible/{chr,blk}.
Diffstat (limited to 'units')
-rw-r--r-- | units/systemd-nspawn@.service.in | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/units/systemd-nspawn@.service.in b/units/systemd-nspawn@.service.in index ea28941507..a88774a495 100644 --- a/units/systemd-nspawn@.service.in +++ b/units/systemd-nspawn@.service.in @@ -35,6 +35,8 @@ DeviceAllow=/dev/tty rwm DeviceAllow=/dev/net/tun rwm DeviceAllow=/dev/pts/ptmx rw DeviceAllow=char-pts rw +DeviceAllow=/run/systemd/inaccessible/chr rwm +DeviceAllow=/run/systemd/inaccessible/blk rwm # nspawn itself needs access to /dev/loop-control and /dev/loop, to # implement the --image= option. Add these here, too. |