Very Nice. Will try that path and keep that in mind future forward! Thanks very much Regards
On Thu, Aug 18, 2016 at 2:48 AM, Daniel P. Berrange <berra...@redhat.com> wrote: > On Wed, Aug 17, 2016 at 12:38:10PM -0500, jsl6uy js16uy wrote: > > Hello all, hope all is well > > > > Issue: Any way to give granular mknod capabilities to a container? Only > > allow creation of specific device? > > > > bit of background > > > > Have a laptop running arch and libvirt > > loading an arch lxc container created from lxc-create > > Overall container is up and running, I use it for vpn connections > > > > Initially it would not setup of the tun device. Previously using just the > > lxc tool set, I can edit the lxc.conf config file for the container and > > allow device creation of just the tun device. > > > > In libvirt I can add capabilities for mknod, but seems to be blanket for > > any device creation within the container? Is this correct? > > If you know what device you want do you don't need to allow mknod at > all, just tell libvirt to create it for you eg > > <hostdev mode='capabilities' type='misc'> > <source> > <char>/dev/net/tun</char> > </source> > </hostdev> > > > Regards, > Daniel > -- > |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ > :| > |: http://libvirt.org -o- http://virt-manager.org > :| > |: http://autobuild.org -o- http://search.cpan.org/~danberr/ > :| > |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc > :| >
_______________________________________________ libvirt-users mailing list libvirt-users@redhat.com https://www.redhat.com/mailman/listinfo/libvirt-users
