gistfile1.txt

# Main
lxc.network.type = veth
lxc.network.mtu = 1462
lxc.network.flags = up
lxc.network.link = br0
lxc.rootfs = /var/lib/lxc/arch/rootfs
lxc.utsname = arch
lxc.network.hwaddr = 00:03:26:a4:a7:56
lxc.arch = amd64

# Default pivot location
lxc.pivotdir = lxc_putold

# Default console settings
lxc.devttydir = lxc
lxc.tty = 4
lxc.pts = 1024

#
lxc.aa_profile = unconfined
lxc.mount.auto = proc:rw sys:rw cgroup-full:rw
lxc.autodev = 1

# Default capabilities
lxc.cap.drop = sys_module mac_admin mac_override sys_time

# Default cgroup limits
lxc.cgroup.devices.deny = a
## Allow any mknod (but not using the node)
lxc.cgroup.devices.allow = c *:* m
lxc.cgroup.devices.allow = b *:* m
## /dev/null and zero
lxc.cgroup.devices.allow = c 1:3 rwm
lxc.cgroup.devices.allow = c 1:5 rwm
## consoles
lxc.cgroup.devices.allow = c 5:0 rwm
lxc.cgroup.devices.allow = c 5:1 rwm
## /dev/{,u}random
lxc.cgroup.devices.allow = c 1:8 rwm
lxc.cgroup.devices.allow = c 1:9 rwm
## /dev/pts/*
lxc.cgroup.devices.allow = c 5:2 rwm
lxc.cgroup.devices.allow = c 136:* rwm
## rtc
lxc.cgroup.devices.allow = c 254:0 rm
## fuse
lxc.cgroup.devices.allow = c 10:229 rwm
## tun
lxc.cgroup.devices.allow = c 10:200 rwm
## full
lxc.cgroup.devices.allow = c 1:7 rwm
## hpet
lxc.cgroup.devices.allow = c 10:228 rwm
## kvm
lxc.cgroup.devices.allow = c 10:232 rwm
## To use loop devices, copy the following line to the container's
## configuration file (uncommented).
#lxc.cgroup.devices.allow = b 7:* rwm