Hi,
I was having trouble with losetup inside libvirt_lxc container. Then I
found that <mknod state="on"> will provide CAP_MKNOD capability.
Even after enabling CAP_MKNOD in my container, I was not able to do
'losetup' because cgroup's device.list for my container dont have 'rwm'
flags for loop devices ('b 7:* rwm' in
/sys/fs/cgroup/devices/machine.slice/machine-
lxc*.scope/user/*/c1.session/devices.list)
Currently I have to manually do echo "b 7:* rwm" into
/sys/fs/cgroup/devices/machine.slice/machine-lxc*.scope/device.allow
file before I login into the container in order to use loop devices. It
will be useful if we have a way to do this through domain xml rather
than manually doing it like what I'm doing now.
I looked into rng files, but I'm not able to find a way to define 'b
7:* rwm' in xml. I just want to check with the devs if this is possible
already. Otherwise I'll file one improvement bug.
I think lxc already have a way to do this through
lxc.cgroup.devices.allow
Thanks,
Mohan R
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
