> -----Original Message----- > From: libvir-list-bounces@xxxxxxxxxx [mailto:libvir-list-bounces@xxxxxxxxxx] On > Behalf Of Chen Hanxiao > Sent: Monday, December 22, 2014 11:57 AM > To: libvir-list@xxxxxxxxxx > Subject: [PATCH RFC] LXC: don't RO mount /proc, /sys when user namespce > enabled > > If we enabled user ns and provided a uid/gid map, > we do not need to mount /proc, /sys as readonly. > Leave it to kernel for protection. > > Signed-off-by: Chen Hanxiao <chenhanxiao@xxxxxxxxxxxxxx> > --- ping -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list