[lxc-users] Access /dev/mem in lxc
Peter Steele
pwsteele at gmail.com
Tue May 2 12:59:48 UTC 2017
On 04/27/2017 12:49 AM, Ganesh Sathyanarayanan wrote:
> Hi All,
>
> This is similar to a post by a John sometime in Aug-2010. He was
> trying to run Xorg in an lxc which required access to /dev/mem. Am
> trying to run a custom/proprietary application that needs the same
> (access to /dev/mem).
>
> I have a privileged container - as in I've created the container as
> root on my device and start it as root. (root is the usually only user
> on embedded devices, unlike PC)
> I have been trying to ‘expose’ the /dev/mem device to my container
> because the application I run there needs it.
> However, am unable to do so - I always end up with a “Operation not
> permitted” error when I try to open /dev/mem. The following are the
> different things I tried
> 1) lxc-cgroup.devices.allow = c 1 1 in the conf file (and doing a
> "mknod /dev/mem c 1 1" on the container)
> 2) lxc-device -n <name> -- add /dev/mem to a running container (this
> causes /dev/mem to appear in the container without having to run any
> extra commands such as mknod. But opening it still fails)
> 3) lxc.aa_profile = unconfined (along with steps 1 & 2)
>
> Please advise what I can do to make /dev/mem accessible in lxc. A
> simple test am doing prior to running my actual application, is
> something like "head /dev/mem" in the container and check that it
> displays anything (other than Operation not permitted error).
>
This is something we're interested in as well. We also are developing an
embedded device with root as the only user--everything runs in a
privileged mode. Can containers in an LXC based environment access /dev/mem?
Peter
More information about the lxc-users
mailing list