Re: PrivateDevices= together with DevicePolicy=

On Tue, 21.08.18 09:57, Umut Tezduyar Lindskog (umut@xxxxxxxxxxxx) wrote:

> Hi,
> 
> I am turning on PrivateDevices and as a result getting a minimal /dev
> tree for my service. Then I would like to add some selected devices
> with DevicePolicy=auto & DeviceAllow=/dev/cam0. As a result, I don't
> see the device /dev/cam0 in the /dev tree and since the mount space is
> RO, I cannot create the device node either. However, the device cgroup
> has the right permissions.
> 
> Could you please explain if this is the expected behaviour?

Yupp it is. Hmm, you should be able to make this work by using
BindPaths=/dev/cam0 however. IIRC we will apply this before making
/dev read-only, and thus should make the device available in your /dev
instance.

Lennart

-- 
Lennart Poettering, Red Hat
_______________________________________________
systemd-devel mailing list
systemd-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
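
The combination discussed in this thread can be checked mechanically. The following is an added example, not part of the original messages or of systemd: a small lint that reports `DeviceAllow=` nodes which `PrivateDevices=` hides and no `BindPaths=`/`BindReadOnlyPaths=` entry exposes. The function names, the sample units (including `/usr/bin/camd`) and the list of nodes assumed to exist in the private /dev are assumptions made for illustration.

```python
# Added example; unit contents below are constructed samples.
# Assumption: nodes a PrivateDevices= /dev already contains (see systemd.exec(5)).
PRIVATE_DEV_NODES = {"/dev/null", "/dev/zero", "/dev/full", "/dev/random",
                     "/dev/urandom", "/dev/tty", "/dev/ptmx"}
TRUE_VALUES = {"1", "yes", "true", "on"}

UNIT_AS_POSTED = """\
[Service]
ExecStart=/usr/bin/camd
PrivateDevices=yes
DevicePolicy=auto
DeviceAllow=/dev/cam0 rw
"""
UNIT_WITH_BIND = UNIT_AS_POSTED + "BindPaths=/dev/cam0\n"


def parse_service(unit_text):
    """Collect [Service] settings as {key: [values]}; an empty value resets the list."""
    settings, section = {}, None
    for line in map(str.strip, unit_text.splitlines()):
        if line.startswith("["):
            section = line.strip("[]")
        elif section == "Service" and "=" in line and line[0] not in "#;":
            key, value = (part.strip() for part in line.split("=", 1))
            settings[key] = settings.get(key, []) + [value] if value else []
    return settings


def hidden_devices(unit_text):
    """DeviceAllow= nodes that PrivateDevices= hides and no bind mount exposes."""
    s = parse_service(unit_text)
    if (s.get("PrivateDevices") or ["no"])[-1].lower() not in TRUE_VALUES:
        return []  # no private /dev is set up; only the device cgroup applies
    visible = set(PRIVATE_DEV_NODES)
    for key in ("BindPaths", "BindReadOnlyPaths"):
        for item in " ".join(s.get(key, [])).split():
            # SOURCE[:DESTINATION[:OPTIONS]] with optional "-" prefix
            parts = item.lstrip("-").split(":")
            visible.add(parts[1] if len(parts) > 1 and parts[1] else parts[0])
    nodes = [v.split()[0] for v in s.get("DeviceAllow", [])]
    # Skip "char-*"/"block-*" class specifiers: they are not device node paths.
    return [n for n in nodes if n.startswith("/dev/") and n not in visible]


if __name__ == "__main__":
    print("as posted:", hidden_devices(UNIT_AS_POSTED))
    print("with BindPaths:", hidden_devices(UNIT_WITH_BIND))
```

The check only matches bind entries whose destination is the device node itself; a bind of a parent directory is not considered.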



