I'm new to lxc and cgroups. I'm trying to isolate an app, and building it's container with LXC.
So far I'm able to give it some resources such as /dev/tty0 or /dev/fb0. That's fine, however I'm struggling to find how the number of the /proc/*/ corresponding is found:
lxc.cgroup.devices.allow = c 4:0 rwm
lxc.mount.entry = /dev/tty0 dev/tty0 none bind,optional,create=file
lxc.cgroup.devices.allow = c 4:5 rwm
lxc.mount.entry = /dev/tty5 dev/tty5 none bind,optional,create=file
lxc.cgroup.devices.allow = c 29:0 rwm
lxc.mount.entry = /dev/fb0 dev/fb0 none bind,optional,create=file
It seems that for instance for fb0 the 29 comes from /proc/29 and the 0 comes from fb0. How can I determine for a given resources what are the number it shall be associated to?
Why is tty associated with 4 and frame buffer to 29?
cat /proc/devices
Gives part of the answer, however what about /dev/input/*? sdaX? Or /dev/mmcblk0X?
What is the way to know the cgroup belonging to a given resource? Any documentation or guides would be very welcome.
It seems that this is actually simpler than it seems.
If you want to share /dev/tty0 just look for minor and major numbers :
# ls -l /dev/tty5
crw--w---- 1 root tty 4, 5 Jan 1 01:37 /dev/tty5
If you want to share char device /dev/tty5 then you want to allow :
lxc.cgroup.devices.allow = c 4:5 rwm
lxc.mount.entry = /dev/tty5 dev/tty5 none bind,optional,create=file
c comes from char, 4 is the major number and 5 the minor number
If you want to share /dev/sda1 :
# ls -l /dev/sda1
brw-rw---- 1 root disk 8, 1 Jan 1 01:37 /dev/sda1
then add :
lxc.cgroup.devices.allow = b 8:1 rwm
where b comes for block device, 8 major number 1 minor number.