From f5543df68651277042b156f19f5b3804c297f2a7 Mon Sep 17 00:00:00 2001
From: =?utf8?q?=D0=90=D0=B7=D0=B0=D0=BB=D0=B8=D1=8F=20=D0=A1=D0=BC=D0=B0?=
 =?utf8?q?=D1=80=D0=B0=D0=B3=D0=B4=D0=BE=D0=B2=D0=B0?=
 <charming.flurry@yandex.ru>
Date: Tue, 11 Oct 2022 19:35:25 +0500
Subject: [PATCH] Mount proc with the hidepid=2 option

---
 data/configs/config_base | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/data/configs/config_base b/data/configs/config_base
index f996bb4..16b4ced 100644
--- a/data/configs/config_base
+++ b/data/configs/config_base
@@ -7,7 +7,8 @@ lxc.autodev = 0
 
 lxc.cap.keep = audit_control sys_nice wake_alarm setpcap setgid setuid sys_ptrace sys_admin wake_alarm block_suspend sys_time net_admin net_raw net_bind_service kill dac_override dac_read_search fsetid mknod syslog chown sys_resource fowner ipc_lock sys_chroot
 
-lxc.mount.auto = cgroup:ro sys:ro proc
+lxc.mount.auto = cgroup:ro sys:ro 
+lxc.mount.entry = proc proc proc nodev,nosuid,noexec,hidepid=2 0 0
 
 lxc.console.path = none
 lxc.pty.max = 10
-- 
2.47.3