Hi all,
I'm creating a device during the prepare hook, and would like to add it to the device.allow file for the VM. The cgroup doesn't exist during the prepare hook or the start hook and will fail with an "Operation not permitted" error. I can add the expected path to qemu.conf and restart libvirtd, but this isn't very flexible since I'd have to do it for each device for each VM I create. All of the other libvirt cgroups seem to allow all devices, so I'm not seeing where the VM cgroup is getting its initial list.
Is there a way to access the cgroup for a VM before it has started? I can't even predict where it should be since it contains the domain ID.
Thanks!
I'm creating a device during the prepare hook, and would like to add it to the device.allow file for the VM. The cgroup doesn't exist during the prepare hook or the start hook and will fail with an "Operation not permitted" error. I can add the expected path to qemu.conf and restart libvirtd, but this isn't very flexible since I'd have to do it for each device for each VM I create. All of the other libvirt cgroups seem to allow all devices, so I'm not seeing where the VM cgroup is getting its initial list.
Is there a way to access the cgroup for a VM before it has started? I can't even predict where it should be since it contains the domain ID.
Thanks!