<div dir="ltr"><div dir="ltr"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div dir="ltr"><br>Hi
Andrey,<div>Thank you for your response.</div><div>As you suggested, for block devices I can mount the device into container FS and can perform read/write on it.</div><div>But I have the requirement to make char devices also (eg. HID card reader/ barcode reader) accessible to unprivileged containers.</div><div><br><div>Added the following entries in container config file</div><div><div>1. lxc.cgroup.devices.allow = c 180:* rw</div><div> lxc.mount.entry = /dev/usb/ dev/usb/ none bind,create=dir 0 0</div><div><div>2. Changed device owner to 100000 </div><div>3. changed device permission to 777.on the host</div></div><div><br></div><div>when I run lsusb (usb utility) inside the container, it is not enumerating the devices attached to the system. My knowledge on working with devices and lxc containers is very limited. I am new to linux and containerized apps development and still learning. If I am missing anything, please help.</div><div><br></div><div>Thanks in advance,</div><div>Yasoda</div><div><br></div><div dir="ltr"><br><br><div class="gmail_quote"><div dir="ltr">On Tue, Sep 11, 2018 at 5:30 PM <<a href="mailto:lxc-users-request@lists.linuxcontainers.org" target="_blank">lxc-users-request@lists.linuxcontainers.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Send lxc-users mailing list submissions to<br>
<a href="mailto:lxc-users@lists.linuxcontainers.org" target="_blank">lxc-users@lists.linuxcontainers.org</a><br>
<br>
To subscribe or unsubscribe via the World Wide Web, visit<br>
<a href="http://lists.linuxcontainers.org/listinfo/lxc-users" rel="noreferrer" target="_blank">http://lists.linuxcontainers.org/listinfo/lxc-users</a><br>
or, via email, send a message with subject or body 'help' to<br>
<a href="mailto:lxc-users-request@lists.linuxcontainers.org" target="_blank">lxc-users-request@lists.linuxcontainers.org</a><br>
<br>
You can reach the person managing the list at<br>
<a href="mailto:lxc-users-owner@lists.linuxcontainers.org" target="_blank">lxc-users-owner@lists.linuxcontainers.org</a><br>
<br>
When replying, please edit your Subject line so it is more specific<br>
than "Re: Contents of lxc-users digest..."<br>
Today's Topics:<br>
<br>
1. How to provide device access to lxc unprivileged containers ?<br>
(Yasoda Padala)<br>
2. Re: How to provide device access to lxc unprivileged<br>
containers ? (Andrey Repin)<br>
<br><br><br>---------- Forwarded message ----------<br>From: Yasoda Padala <<a href="mailto:padala.yasoda@gmail.com" target="_blank">padala.yasoda@gmail.com</a>><br>To: <a href="mailto:lxc-users@lists.linuxcontainers.org" target="_blank">lxc-users@lists.linuxcontainers.org</a><br>Cc: <br>Bcc: <br>Date: Tue, 11 Sep 2018 14:15:32 +0530<br>Subject: [lxc-users] How to provide device access to lxc unprivileged containers ?<br><div dir="ltr"><div dir="ltr">Hi All,<div>I have a usb attached to my ubuntu machine (16.04) and trying to access that device from unprivileged lxc container.</div><div>By access I mean, enumerate and do I/O on that device.</div><div>I have written a small program using libusb library and using that libusb executable to enumerate,read/write usb device from container</div><div>Please find attached lxc config file and libusb executable.</div><div>I have found plenty of examples in various forums but nothing worked for me.</div><div><br></div><div>Tried the following:</div><div>1. Added below entries in lxc config file</div><div><div>lxc.cgroup.devices.allow = b 8:* rwm</div><div>lxc.mount.entry = /dev/bus/usb/001/ dev/bus/usb/001/ none bind,create=dir 0 0</div><div>lxc.mount.entry = /dev/sdc /home/oxpd/.local/share/lxc/Test/rootfs/dev/sdc none bind,create=file 0 0</div><div>lxc.mount.entry = /dev/sdc1 /home/oxpd/.local/share/lxc/Test/rootfs/dev/sdc1 none bind,create=file 0 0</div></div><div><br></div><div>2. Changed device owner to 100000 </div><div>3. changed device permission to 777.on the host</div><div><br></div><div>when I run the libusb executable on host, all the attached device are listed, but the same when I run inside the container it says 0 devices are attached.</div><div>Is there any other configuration I am missing. Please help.</div><div><br></div><div>Thanks & Regards,</div><div>Yasoda</div><div><br></div></div></div>
<br><br><br>---------- Forwarded message ----------<br>From: Andrey Repin <<a href="mailto:anrdaemon@yandex.ru" target="_blank">anrdaemon@yandex.ru</a>><br>To: Yasoda Padala <<a href="mailto:lxc-users@lists.linuxcontainers.org" target="_blank">lxc-users@lists.linuxcontainers.org</a>><br>Cc: <br>Bcc: <br>Date: Tue, 11 Sep 2018 12:04:45 +0300<br>Subject: Re: [lxc-users] How to provide device access to lxc unprivileged containers ?<br>Greetings, Yasoda Padala!<br>
<br>
> Hi All,<br>
> I have a usb attached to my ubuntu machine (16.04) and trying to access<br>
> that device from unprivileged lxc container.<br>
> By access I mean, enumerate and do I/O on that device.<br>
<br>
What for? If it's a block device, just mount it into container FS.<br>
<br>
> I have written a small program using libusb library and using that libusb<br>
> executable to enumerate,read/write usb device from container<br>
> Please find attached lxc config file and libusb executable.<br>
> I have found plenty of examples in various forums but nothing worked for me.<br>
<br>
<br>
> Tried the following:<br>
> 1. Added below entries in lxc config file<br>
> lxc.cgroup.devices.allow = b 8:* rwm<br>
> lxc.mount.entry = /dev/bus/usb/001/ dev/bus/usb/001/ none bind,create=dir 0 0<br>
> lxc.mount.entry = /dev/sdc /home/oxpd/.local/share/lxc/Test/rootfs/dev/sdc none bind,create=file 0 0<br>
> lxc.mount.entry = /dev/sdc1<br>
> /home/oxpd/.local/share/lxc/Test/rootfs/dev/sdc1 none bind,create=file 0 0<br>
<br>
<br>
> 2. Changed device owner to 100000 <br>
> 3. changed device permission to 777.on the host<br>
<br>
<br>
> when I run the libusb executable on host, all the attached device are<br>
> listed, but the same when I run inside the container it says 0 devices are attached.<br>
> Is there any other configuration I am missing. Please help.<br>
<br>
<br>
-- <br>
With best regards,<br>
Andrey Repin<br>
Tuesday, September 11, 2018 12:04:14<br>
<br>
Sorry for my terrible english..._______________________________________________<br>
lxc-users mailing list<br>
<a href="mailto:lxc-users@lists.linuxcontainers.org" target="_blank">lxc-users@lists.linuxcontainers.org</a><br>
<a href="http://lists.linuxcontainers.org/listinfo/lxc-users" rel="noreferrer" target="_blank">http://lists.linuxcontainers.org/listinfo/lxc-users</a></blockquote></div></div></div></div></div></div>
</blockquote></div></div></div>