-
Notifications
You must be signed in to change notification settings - Fork 21
/
nspawn
executable file
·50 lines (46 loc) · 1.3 KB
/
nspawn
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
#!/bin/bash
DIRECTORY="$(readlink -f $(dirname "$0"))"
#variable 1 is path to systemd-nspawn
#variable 2 is filesystem to boot
#variable 3 is additional nspawn flags.
sudo "$1" -bD "$2" --volatile=no $3 \
--bind=/dev/shm \
--property="DeviceAllow=/dev/shm rwm" \
\
--bind=/dev/snd \
--property="DeviceAllow=/dev/snd rwm" \
\
--bind=/proc \
--bind=/dev/input \
--property="DeviceAllow=/dev/input rwm" \
\
--bind=/proc/asound \
--bind=/proc/device-tree \
\
--bind=/sys/block \
--bind=/sys/dev \
--bind=/sys/devices \
--bind=/sys/module \
--bind=/sys/firmware \
--bind=/dev/v4l \
--bind=/dev/vchiq \
--bind=/dev/vcio \
--bind=/dev/random \
--bind=/dev/urandom \
--property="DeviceAllow=/dev/vchiq rwm" \
--property="DeviceAllow=/dev/vcio rwm" \
\
--property="DeviceAllow=/dev/null rwm" \
--property="DeviceAllow=/dev/zero rwm" \
--property="DeviceAllow=/dev/full rwm" \
--property="DeviceAllow=/dev/random rwm" \
--property="DeviceAllow=/dev/urandom rwm" \
--property="DeviceAllow=/dev/net/tun rwm" \
\
--property="DeviceAllow=char-usb_device rwm" \
--property="DeviceAllow=char-input rwm" \
--property="DeviceAllow=char-alsa rwm" \
--property="DeviceAllow=char-drm rwm" \
\
--bind=/dev/loop-control \
--property="DeviceAllow=/dev/loop-control rwm" \