[pve-devel] [RFC container 1/3] config: whitelist new apparmor related config keys

Wolfgang Bumiller w.bumiller at proxmox.com
Tue Jul 31 14:49:58 CEST 2018


Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
---
 src/PVE/LXC/Config.pm | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/PVE/LXC/Config.pm b/src/PVE/LXC/Config.pm
index f90ac3b..a2693d7 100644
--- a/src/PVE/LXC/Config.pm
+++ b/src/PVE/LXC/Config.pm
@@ -414,6 +414,8 @@ my $confdesc = {
 my $valid_lxc_conf_keys = {
     'lxc.apparmor.profile' => 1,
     'lxc.apparmor.allow_incomplete' => 1,
+    'lxc.apparmor.allow_nesting' => 1,
+    'lxc.apparmor.raw' => 1,
     'lxc.selinux.context' => 1,
     'lxc.include' => 1,
     'lxc.arch' => 1,
-- 
2.11.0




More information about the pve-devel mailing list