From: Alessandro Astone <ales.astone@gmail.com>
Date: Wed, 14 Dec 2022 13:25:17 +0000 (+0100)
Subject: Revert "Mount proc with the hidepid=2 option"
X-Git-Tag: 1.3.4~2
X-Git-Url: https://glassweightruler.freedombox.rocks/gitweb/waydroid.git/commitdiff_plain/0ad842a015c5153880b377bf7fa5572504339df5?ds=sidebyside

Revert "Mount proc with the hidepid=2 option"

We were implicitly using proc:mixed to mount /proc/sys as read-only.
Without the automount the whole /proc was mounted as read-write which
we want to avoid.

I'm unable to replicate the proc:mixed logic with lxc.mount.entry
so revert this change until a solution is found.

This reverts commit f5543df68651277042b156f19f5b3804c297f2a7.
Fixes: #642
---

diff --git a/data/configs/config_base b/data/configs/config_base
index f36a7a9..27e070f 100644
--- a/data/configs/config_base
+++ b/data/configs/config_base
@@ -7,8 +7,7 @@ lxc.autodev = 0
 
 lxc.cap.keep = audit_control sys_nice wake_alarm setpcap setgid setuid sys_ptrace sys_admin wake_alarm block_suspend sys_time net_admin net_raw net_bind_service kill dac_override dac_read_search fsetid mknod syslog chown sys_resource fowner ipc_lock sys_chroot
 
-lxc.mount.auto = cgroup:ro sys:ro 
-lxc.mount.entry = proc proc proc nodev,nosuid,noexec,hidepid=2 0 0
+lxc.mount.auto = cgroup:ro sys:ro proc
 
 lxc.console.path = none