Hello all, I'm trying to run Android Studio under an lxc container. The emulator in Android Studio requires /dev/kvm support. I am passing access to this device through with:
lxc.mount.entry = /dev/kvm dev/kvm none bind,create=file 0 0 And I also have: lxc.apparmor.profile = unconfined Interestingly enough on the host I can do this: # cat /dev/kvm cat: /dev/kvm: Invalid argument But on the container I get this: # cat /dev/kvm cat: /dev/kvm: Operation not permitted No doubt because this is a device file that is owned by root and the container's notion of "root" is really some other, non-zero user ID. My questions are: (1) Is it possible to grant an lxc container access to this device? (2) If so, what am I missing from the above? (3) Is it safe to do this? I know it's not 100% safe the minute I start granting access to devices. But in this case I "trust" the Android SDK to the effect that it isn't a compromised binary. I don't know if I should trust it to not damage the host while trying to do its kvm thing. Anyone have any luck with this? Thanks in advance. -M
_______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
