[Lxc-users] /dev/rtc

Papp Tamás tompos at martos.bme.hu
Wed Aug 11 13:43:29 UTC 2010


Daniel Lezcano wrote, On 2010. 08. 09. 0:37:
> On 08/08/2010 12:23 AM, Papp Tamas wrote:
>>    hi!
>>
>> I use the everywhere offered lxc configuration as:
>>
>> lxc.cgroup.devices.deny = a
>> # /dev/null and zero
>> lxc.cgroup.devices.allow = c 1:3 rwm
>> lxc.cgroup.devices.allow = c 1:5 rwm
>> # consoles
>> lxc.cgroup.devices.allow = c 5:1 rwm
>> lxc.cgroup.devices.allow = c 5:0 rwm
>> lxc.cgroup.devices.allow = c 4:0 rwm
>> lxc.cgroup.devices.allow = c 4:1 rwm
>> # /dev/{,u}random
>> lxc.cgroup.devices.allow = c 1:9 rwm
>> lxc.cgroup.devices.allow = c 1:8 rwm
>> # /dev/pts/* - pts namespaces are "coming soon"
>> lxc.cgroup.devices.allow = c 136:* rwm
>> lxc.cgroup.devices.allow = c 5:2 rwm
>> # rtc
>> lxc.cgroup.devices.allow = c 254:0 rwm
>>
>>
>>
>> Why does the container have write access to /dev/rtc? Why can the
>> container set the host's time and date setup?
>>    
>
> Good point. I think it would be preferable to set it read only in the 
> /dev directory and the container configuration.
>

Well, I tried it, I set up:

lxc.cgroup.devices.allow = c 254:0 r

Now I have no /dev/rtc0. Why? Does the container need it anyway?

Thank you,

tamas
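
Added example (not part of the original messages and not LXC project code): a small Python check that evaluates the lxc.cgroup.devices rules quoted in the thread in file order and reports which of r (read), w (write) and m (mknod) remain for a device, here the entry the thread labels rtc (c 254:0). It assumes a simplified model of the devices cgroup (fully open until a rule says otherwise, later rules override earlier ones); the function names and the watched-device table are made up for illustration.

```python
import re

# Constructed sample: a subset of the rules quoted in the thread, rtc line as first posted.
CONFIG = """\
lxc.cgroup.devices.deny = a
# /dev/null and zero
lxc.cgroup.devices.allow = c 1:3 rwm
lxc.cgroup.devices.allow = c 1:5 rwm
lxc.cgroup.devices.allow = c 136:* rwm
# rtc
lxc.cgroup.devices.allow = c 254:0 rwm
"""

RULE = re.compile(r"^lxc\.cgroup\.devices\.(allow|deny)\s*=\s*(.+)$")

def parse_rules(text):
    """Return [(action, type, major, minor, access)] in file order."""
    rules = []
    for line in text.splitlines():
        m = RULE.match(line.strip())
        if not m:
            continue  # comments, blank lines, unrelated keys
        action, fields = m.group(1), m.group(2).split()
        if fields[0] == "a":  # "a" = every device type, every number, every access
            rules.append((action, "a", "*", "*", "rwm"))
            continue
        if len(fields) != 3 or ":" not in fields[1]:
            raise ValueError(f"malformed device rule: {line!r}")
        major, minor = fields[1].split(":", 1)
        rules.append((action, fields[0], major, minor, fields[2]))
    return rules

def effective_access(rules, dev_type, major, minor):
    """Access letters left for one device under the simplified model (assumption)."""
    access = set("rwm")
    for action, rtype, rmajor, rminor, racc in rules:
        if rtype not in ("a", dev_type):
            continue
        if rmajor not in ("*", str(major)) or rminor not in ("*", str(minor)):
            continue
        access = access | set(racc) if action == "allow" else access - set(racc)
    return "".join(c for c in "rwm" if c in access)

def write_or_mknod(rules, watched):
    """Names in watched {name: (type, major, minor)} that still have w or m."""
    return sorted(n for n, d in watched.items()
                  if set(effective_access(rules, *d)) & set("wm"))
```

Calling write_or_mknod(parse_rules(CONFIG), {"rtc": ("c", 254, 0)}) lists rtc for the configuration as first posted and returns an empty list once the rule is reduced to "c 254:0 r", in which case the m (mknod) permission is gone along with w.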