<div dir="ltr">Hello.<div><br></div><div>10 236 are the device major minor for /dev/mapper devices</div><div><br></div><div><a href="http://debian-handbook.info/browse/wheezy/advanced-administration.html">http://debian-handbook.info/browse/wheezy/advanced-administration.html</a><br>
</div><div><br></div><div>252 for disk devices i think</div><div><br></div><div><span style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:13px;background-color:rgb(230,230,230)">According to the "</span><span class="" style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:13px;background-color:rgb(230,230,230)">devices.txt</span><span style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:13px;background-color:rgb(230,230,230)">" file in /usr/src/linux/Documentation, those number fall into the range, well, here's what's in the file:</span><div style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:13px;background-color:rgb(230,230,230);margin:5px 20px 20px">
<div class="" style="font-size:11px;margin-bottom:2px">Code:</div><pre class="" dir="ltr" style="background-color:rgb(207,217,255);margin-top:0px;margin-bottom:0px;padding:3px;border:1px inset;width:897.671875px;height:98px;overflow:auto">
240-254 char LOCAL/EXPERIMENTAL USE
240-254 block LOCAL/EXPERIMENTAL USE
Allocated for local/experimental use. For devices not
assigned official numbers, these ranges should be
used in order to avoid conflicting with future assignments.</pre><pre class="" dir="ltr" style="background-color:rgb(207,217,255);margin-top:0px;margin-bottom:0px;padding:3px;border:1px inset;width:897.671875px;height:98px;overflow:auto">
<br></pre></div></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Fri, Jan 17, 2014 at 8:06 AM, Jeremiah Snapp <span dir="ltr"><<a href="mailto:jeremiah.snapp@gmail.com" target="_blank">jeremiah.snapp@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Thanks again. Is there a good place to look for an explanation of the settings you gave me before?<div class="im">
<div><br></div><div><span style="font-family:arial,sans-serif;font-size:13px">lxc.cgroup.devices.allow = c 10:236 rwm</span><br style="font-family:arial,sans-serif;font-size:13px">
<span style="font-family:arial,sans-serif;font-size:13px">lxc.cgroup.devices.allow = b 252:* rwm</span><br></div></div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Jan 16, 2014 at 2:02 PM, Serge Hallyn <span dir="ltr"><<a href="mailto:serge.hallyn@ubuntu.com" target="_blank">serge.hallyn@ubuntu.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div>Quoting Jeremiah Snapp (<a href="mailto:jeremiah.snapp@gmail.com" target="_blank">jeremiah.snapp@gmail.com</a>):<br>
> Thanks Serge! I actually just found out in IRC that further in my config I<br>
> was denying access. Once I allowed access it works fine.<br>
><br>
> Yours is the second warning I've received about using LVM in a container.<br>
> I don't know the details of the concern but can you tell me if it would<br>
> require human error to cause problems?<br>
<br>
</div>Well human error would help :) But also allowing the container to have<br>
all the privileges it needs to do lvm+mounting means that anything in<br>
the continer could mess with the host.<br>
<div><br>
> I'm not using this in production by<br>
> the way. These are throw away test containers.<br>
<br>
</div>If it's also a throw away test host, then there's nothing to worry<br>
about.<br>
<div><br>
> The app installed inside<br>
> requires an LVM volume.<br>
<br>
</div>Nothing *should* go wrong :) It's just that by having access to the<br>
host disk devices, any malware/bugs in the container can easily hose<br>
your host, replace your /sbin/init, etc.<br>
<div><div><br>
-serge<br>
_______________________________________________<br>
lxc-users mailing list<br>
<a href="mailto:lxc-users@lists.linuxcontainers.org" target="_blank">lxc-users@lists.linuxcontainers.org</a><br>
<a href="http://lists.linuxcontainers.org/listinfo/lxc-users" target="_blank">http://lists.linuxcontainers.org/listinfo/lxc-users</a><br>
</div></div></blockquote></div><br></div>
</div></div><br>_______________________________________________<br>
lxc-users mailing list<br>
<a href="mailto:lxc-users@lists.linuxcontainers.org">lxc-users@lists.linuxcontainers.org</a><br>
<a href="http://lists.linuxcontainers.org/listinfo/lxc-users" target="_blank">http://lists.linuxcontainers.org/listinfo/lxc-users</a><br></blockquote></div><br></div>