1 files changed, 33 insertions, 0 deletions

diff --git a/main/lxc/0001-lxc-alpine-allow-dev-full.patch b/main/lxc/0001-lxc-alpine-allow-dev-full.patch
new file mode 100644
index 0000000000..5abbf22e6b
--- /dev/null
+++ b/main/lxc/0001-lxc-alpine-allow-dev-full.patch
@@ -0,0 +1,33 @@
+From 6bd3f98c469f311f6afbffbb3586efddae3c4eb4 Mon Sep 17 00:00:00 2001
+From: Natanael Copa <ncopa@alpinelinux.org>
+Date: Tue, 22 Oct 2013 13:23:31 +0200
+Subject: [PATCH] lxc-alpine: allow /dev/full
+
+The template creates /dev/full for the container but needs also give
+permission to access it.
+
+Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
+Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
+---
+ templates/lxc-alpine.in | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/templates/lxc-alpine.in b/templates/lxc-alpine.in
+index 5fdf36f..8600a34 100644
+--- a/templates/lxc-alpine.in
++++ b/templates/lxc-alpine.in
+@@ -197,9 +197,10 @@ lxc.cap.drop = sys_module mac_admin mac_override sys_time
+ 
+ # devices
+ lxc.cgroup.devices.deny = a
+-# /dev/null and zero
++# /dev/null, zero and full
+ lxc.cgroup.devices.allow = c 1:3 rwm
+ lxc.cgroup.devices.allow = c 1:5 rwm
++lxc.cgroup.devices.allow = c 1:7 rwm
+ # consoles
+ lxc.cgroup.devices.allow = c 5:1 rwm
+ lxc.cgroup.devices.allow = c 5:0 rwm
+-- 
+1.8.4.1
+