2 mount -t sysfs -o "nodev,noexec,nosuid" sysfs /sys
3 mount -t proc -o "nodev,noexec,nosuid" proc /proc
6 mount -t devpts -o "rw,noexec,nosuid,gid=5,mode=0620" devpts /dev/pts || true
7 mount -t tmpfs -o "rw,noexec,nosuid,size=10%,mode=0755" tmpfs /run
8 mount -t tmpfs -o "rw,noexec,nosuid,size=10%,mode=0755" tmpfs /tmp
9 mount -t hugetlbfs -o "rw,relatime,pagesize=2M" hugetlbfs /dev/hugepages