<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">Yes, that’s exactly what we’ve done.<div class=""><br class=""></div><div class="">Thank you.<br class=""><div class="">
<div style="color: rgb(0, 0, 0); letter-spacing: normal; orphans: auto; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: auto; word-spacing: 0px; -webkit-text-stroke-width: 0px; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class=""><div class=""><br class=""></div></div></div><div><blockquote type="cite" class=""><div class="">On 5. Jan 2018, at 23:27, Serge E. Hallyn <<a href="mailto:serge@hallyn.com" class="">serge@hallyn.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class="">Quoting Dr. Todor Dimitrov (<a href="mailto:dimitrov@technology.de" class="">dimitrov@technology.de</a>):<br class=""><blockquote type="cite" class="">Hallo,<br class=""><br class="">accessing the /dev/ttyUSB… devices from inside an unprivileged container requires that the dev nodes are configured with world-writable permissions, i.e.<br class=""><br class="">crw-rw-rw- 1 root root 188, 0 Jan 1 1970 /dev/ttyUSB0<br class=""><br class="">Is there a way to make the subordinate user (e.g. subuid 100000) be a member of a group (e.g. dialout) such that the access to the /dev/ttyUSB… devices is somewhat restricted, e.g.<br class=""><br class="">crw-rw---- 1 root dialout 188, 0 Jan 1 1970 /dev/ttyUSB0<br class=""><br class="">I guess the reverse configuration would be possible, but not very generic:<br class=""><br class="">crw-rw---- 1 root 100000 188, 0 Jan 1 1970 /dev/ttyUSB0<br class=""><br class="">Thanks in advance,<br class="">Todor<br class=""></blockquote><br class="">Would be easier to add an acl to allow 100000 access - see setfacl.<br class="">_______________________________________________<br class="">lxc-users mailing list<br class=""><a href="mailto:lxc-users@lists.linuxcontainers.org" class="">lxc-users@lists.linuxcontainers.org</a><br class="">http://lists.linuxcontainers.org/listinfo/lxc-users</div></div></blockquote></div><br class=""></div></body></html>