-
由 Dan Walsh 提交于
This needs to be done before the container starts. Turning off the mknod capability is noticed by systemd, which will no longer attempt to create device nodes. This eliminates SELinux AVC messages and ugly failure messages in the journal. (cherry picked from commit 2e03b08e)
9a543041