Quoting Christoph Mathys ([email protected]): > On 13.05.2015 17:24, Serge Hallyn wrote: > >Quoting Christoph Mathys ([email protected]): > >>device node has a dynamic major number and the number of devices > >>depends on the hosts configuration. When the container is started, I > >>want to create the device nodes inside the container by inspecting the > >>device nodes on the host. > >> > >> ... > >> > >>How can I create device nodes and whitlelist them automatically at > >>container startup time? I use lxc 1.0.7 on Ubuntu trusty. > >> > >>Thanks, > >>Christoph > > > >lxc-cgroup tries to change it for a running container only. You > >want to edit /var/lib/lxc/$LXC_NAME/config and add > > > >lxc.cgroup.devices.allow = c 189:* rwm
Note you should also be able to use the lxc-device command: lxc-device -n container add /dev/whatever to do a few steps at once. > > Thanks for your reply. My device nodes major number will be > somewhere in the range 240-254 (sorry, bad example), the exact > number is determined by the kernel when the module gets loaded. So I > need to whitelist all of those. > > So, if I've got everything right, my two options to allow access to > devices are: > - Statically in the containers config file > - Dynamically once the container is RUNNING (e.g. *not* from hooks) Yeah, pretty sure. Adding a --persist option to lxc-device may be a good idea, paches welcome :) _______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
