How to grant device access to unprivileged lxc container
(too old to reply)
Yasoda Padala
2018-09-25 15:13:30 UTC
Hi All,
Apologies to re-post this query as I posted this query some time back, did
not receive any response and I still could not unriddle the issue.

I need to grant device access (both block and char type) to unprivileged
lxc container
If I run lsusb inside the container, it is not enumerating any devices
though they are connected to my system.
What I found is, if the below line is added in lxc config file, lsusb is
enumerating all the devices
lxc.mount.auto = cgroup:mixed proc:mixed sys:mixed

But we want to put some restriction on that. we want to allow only some
block/char devices to container and provide read/write permission on that
device so that the app running inside the container should only see those
devices and perform I/O on it.

Please help how to achieve this.

Thanks & Regards,

Continue reading on narkive: