-
由 Daniel P. Berrange 提交于
A container should not be allowed to modify stuff in /sys or /proc/sys so make them readonly. Make /selinux readonly so that containers think that selinux is disabled. Honour the readonly flag when mounting container filesystems from the guest XML config * src/lxc/lxc_container.c: Support readonly mounts
b3ad9b9b