configuration support to allow devices into cgroup devices device.list inside libvirt_lxc container

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

I was having trouble with losetup inside libvirt_lxc container. Then I
found that <mknod state="on"> will provide CAP_MKNOD capability.

Even after enabling CAP_MKNOD in my container, I was not able to do
'losetup' because cgroup's device.list for my container dont have 'rwm'
flags for loop devices ('b 7:* rwm' in
/sys/fs/cgroup/devices/machine.slice/machine-
lxc*.scope/user/*/c1.session/devices.list)

Currently I have to manually do echo "b 7:* rwm" into
/sys/fs/cgroup/devices/machine.slice/machine-lxc*.scope/device.allow
file before I login into the container in order to use loop devices. It
will be useful if we have a way to do this through domain xml rather
than manually doing it like what I'm doing now.

I looked into rng files, but I'm not able to find a way to define 'b
7:* rwm' in xml. I just want to check with the devs if this is possible
already. Otherwise I'll file one improvement bug.

I think lxc already have a way to do this through
lxc.cgroup.devices.allow

Thanks,
Mohan R

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list



[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux