Changes from v2: * Fixed problems pointed out by Sukadev with permissions revoke. Now we have to perform kobject re-lookup on each char device open, just like for block ones, so I think this is OK. The /proc/devices tune is still in TODO list, as I have problems with getting majors _in_a_simple_manner_ from a map, that contains a mix of major/minor pairs in arbitrary order. The second version is here: http://openvz.org/pipermail/devel/2008-January/010160.html Changes from v1: * Added the block devices support :) It turned out to be a bit simpler than the char one (or I missed something significant); * Now we can enable/disable not just individual devices, but the whole major with all its minors (see the TODO list beyond as well); * Added the ability to restrict the read/write permissions to devices, not just visible/invisible state. The first version was here: http://openvz.org/pipermail/devel/2007-September/007647.html I still don't pay much attention to split this set well, so this will most likely won't work with git-bisect, but I think this is OK for now. I will sure split it better when I send it to Andrew. The set is prepared against the 2.6.24-rc8-mm1. To play with it - run a standard procedure: # mount -t container none /cont/devs -o devices # mkdir /cont/devs/0 # echo -n $$ > /cont/devs/0/tasks and tune device permissions. Thanks, Pavel _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers
