From 4bb30aeaf8e756b20d66e13af2eac0c5a30b01fa Mon Sep 17 00:00:00 2001 From: =?utf8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Fri, 21 Oct 2016 23:00:38 -0400 Subject: [PATCH] units: disable /dev/hugepages in private user namespaces The mount fails, even though CAP_SYS_ADMIN is granted. --- units/dev-hugepages.mount | 1 + 1 file changed, 1 insertion(+) diff --git a/units/dev-hugepages.mount b/units/dev-hugepages.mount index 882adb4..489cc77 100644 --- a/units/dev-hugepages.mount +++ b/units/dev-hugepages.mount @@ -13,6 +13,7 @@ DefaultDependencies=no Before=sysinit.target ConditionPathExists=/sys/kernel/mm/hugepages ConditionCapability=CAP_SYS_ADMIN +ConditionVirtualization=!private-users [Mount] What=hugetlbfs -- 2.7.4