Re: [libvirt] [PATCH RFC] LXC: don't RO mount /proc, /sys when user namespce enabled

-----Original Message----- From: libvir-list-bounces(a)redhat.com [mailto:libvir-list-bounces@redhat.com] On Behalf Of Chen Hanxiao Sent: Monday, December 22, 2014 11:57 AM To: libvir-list(a)redhat.com Subject: [libvirt] [PATCH RFC] LXC: don't RO mount /proc, /sys when user namespce enabled If we enabled user ns and provided a uid/gid map, we do not need to mount /proc, /sys as readonly. Leave it to kernel for protection. Signed-off-by: Chen Hanxiao <chenhanxiao(a)cn.fujitsu.com&gt; ---