[Lxc-users] /dev/rtc
Daniel Lezcano
daniel.lezcano at free.fr
Sun Aug 8 22:37:56 UTC 2010
On 08/08/2010 12:23 AM, Papp Tamas wrote:
> hi!
>
> I use the everywhere offered lxc configuration as:
>
> lxc.cgroup.devices.deny = a
> # /dev/null and zero
> lxc.cgroup.devices.allow = c 1:3 rwm
> lxc.cgroup.devices.allow = c 1:5 rwm
> # consoles
> lxc.cgroup.devices.allow = c 5:1 rwm
> lxc.cgroup.devices.allow = c 5:0 rwm
> lxc.cgroup.devices.allow = c 4:0 rwm
> lxc.cgroup.devices.allow = c 4:1 rwm
> # /dev/{,u}random
> lxc.cgroup.devices.allow = c 1:9 rwm
> lxc.cgroup.devices.allow = c 1:8 rwm
> # /dev/pts/* - pts namespaces are "coming soon"
> lxc.cgroup.devices.allow = c 136:* rwm
> lxc.cgroup.devices.allow = c 5:2 rwm
> # rtc
> lxc.cgroup.devices.allow = c 254:0 rwm
>
>
>
> Why does the container have write access to /dev/rtc ? Why can the
> container set the host's time and date setup.
>
Good point. I think it would be preferable to set it read only in the
/dev directory and the container configuration.
More information about the lxc-users
mailing list