meta data for this page
This is an old revision of the document!
Device access
Search tags:
- GPU forwarding
- serial port forwarding
privileged LXCs
Only need to bind mount device node.
Example PCT config:
- 100.conf
lxc.cgroup.devices.allow = c 188:0 rwm lxc.mount.entry: /dev/ttyUSB0 dev/ttyUSB0 none bind,optional,create=file
Device major 188 is for ttyUSBx devices
unprivileged LXCs
Unprivileged LXCs has UIDs and GIDs mapped to defines subid and subgids ranges.
To get access to ttyUSB0
as dialout
group (GID=20) host needs to give permissions to access ttyUSB0
for GID=100020.
Simple but dirty method is to
chown 100000:100020 /dev/ttyUSB0
(TODO: consider using setfacl
)
Another method mentioned in Setup deCONZ on unprivileged Proxmox container
is to do not touch /dev/ttyUSB0
but create another device node with the same device major:minor. Then change owner of new device node and use it to bind mount into container.
References
- Zigbee2MQTT automated LXC setup scripts (privileged containers):