[libvirt-users] How automatically set group.devices.allow for libvirt-lxc container after start ?
Daniel P. Berrange
berrange at redhat.com
Thu Sep 21 14:45:50 UTC 2017
On Thu, Sep 21, 2017 at 05:14:38PM +0300, mxs kolo wrote:
> p.s.
> It would be nice specify any device in the xml domain config, for example:
> <devices>
> <device type='char' maj='108' min='0' allow='rwm' name="/dev/ppp"/>
> </devices>
> At start libvirt executes mknod and then writes the necessary rights
> to cgroups device.allow.
You can do exactly that
<hostdev mode='capabilities' type='misc'>
<source>
<char>/dev/input/event3</char>
</source>
</hostdev>
or for block devs
<hostdev mode='capabilities' type='storage'>
<source>
<block>/dev/sdf1</block>
</source>
</hostdev>
See:
http://libvirt.org/formatdomain.html#elementsHostDevCaps
The device path you've listed must exist in the host's /dev for this
to work though - we don't make it possible to create devices in the
container which don't exist in the host
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
More information about the libvirt-users
mailing list