Just a nitpick on the patch comment:
+ # allow printing to stdout/stderr when inside a container + # (LP: #1667016) + /dev/pts/* rw,
This is allowing rw to /etc/pts/* in *all* cases, not just when inside a container :)
Just a nitpick on the patch comment:
+ # allow printing to stdout/stderr when inside a container
+ # (LP: #1667016)
+ /dev/pts/* rw,
This is allowing rw to /etc/pts/* in *all* cases, not just when inside a container :)