Mentions kernel.yama.ptrace_scope = 3 breaks lxc v6+ procfs

See <https://github.com/lxc/lxcfs/issues/636> and <https://github.com/lxc/lxcfs/issues/639>.
Samuel FORESTIER 2024-05-02 19:01:57 +00:00 committed by GitHub
parent feeb1516bc
commit 0283efcc03
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

@ -42,6 +42,8 @@ kernel.kptr_restrict = 2
# - 1: only a parent process can be debugged
# - 2: only admins can use ptrace (CAP_SYS_PTRACE capability required)
# - 3: disables ptrace completely, reboot is required to re-enable ptrace
# be aware disabling ptrace completely breaks lxc v6+ procfs emulation for unprivileged containers
# (see https://github.com/lxc/lxcfs/issues/636)
kernel.yama.ptrace_scope = 3
# restrict kernel logs to root only
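Review bot: the warning added under the "- 3:" entry tells the reader that lxc v6+ procfs emulation breaks for unprivileged containers, but not what to do about it, and the next line still sets kernel.yama.ptrace_scope = 3. Since the comment just above says a reboot is required to re-enable ptrace, an affected host cannot simply flip the value back at runtime, so the comment should name the lower value to set on hosts that run unprivileged lxc containers (the visible lines do not say which of the other values lxcfs tolerates). The commit message references both lxcfs issues 636 and 639, while the comment cites only 636; either add the second link or keep the message and comment consistent. Style point: the two new lines are flush with the value list, so they read as a continuation of the "- 3:" item; indenting them under it, or starting with "Note:", would make the relationship explicit.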