Dear Michael and the Debian maintainers of LXC, I suggest to close this issue #944389. The reason is that
Addition of lxc.cgroup.devices.allow = lxc.cgroup.devices.deny = lxc.init.cmd = /lib/systemd/systemd systemd.unified_cgroup_hierarchy=1 to a container config allows normal start-up of an LXC container when /sbin/init is a recent version of systemd, and only lxc.cgroup.devices.deny = lxc.cgroup.devices.allow = are sufficient when /sbin/init is not systemd, for the latest Debian LXC package 3.1.0+really3.0.4-2 made on August 2019 running on a Debian Bullseye booted with systemd.unified_cgroup_hierarchy=1 This #944389 seems a documentation issue that should be fixed at https://wiki.debian.org/LXC or README.Debian and does not seems an issue in the Debian package or the upstream (except possible update to README.Debian). Best regards, Ryutaroh Matsumoto
