Bludov Ivan (CM/ESO6)
2017-04-18 07:37:08 UTC
I need to provide device hot-plug for unprivileged container. I tried to use several approaches and I got some issues with different approaches. Can you make an advice about the right approach to do this?
1. "lxc-device add" + "lxc.cgroup.devices.allow = a *:* rwm" :
I can see the device inside the container (/dev/), but I can't access it at all.
2. "mount --bind" :
This doesn't work for container's /dev directory (even from /proc/(continer's PID)/rootfs/dev ). I would assume devtmpfs blocks mount events to folder /(container's rfs)/dev/.
But "mount -bind /(container's rfs)/dev-extra/" works.
3. "mknode /proc/(continer's PID)/rootfs/dev" :
The same as previous.
Can you please tell is the right approach I should follow?
Mit freundlichen Grüßen / Best regards
Engineering SW Operating Systems (CM/ESO6)
Tel. +49(5121)49-3129 | Fax +49(711)811-5053129 | ***@de.bosch.com<mailto:***@de.bosch.com>