[Devel] Re: [RFC][PATCH] Devices visibility container

Pavel Emelyanov xemul at openvz.org
Tue Sep 25 01:00:07 PDT 2007


Paul Menage wrote:
> On 9/24/07, Pavel Emelyanov <xemul at openvz.org> wrote:
>>  # /bin/echo -n '+1:5' > /cont/devs/0/devices.char
>>
>> More generally, the '+<major>:<minor>' string grants access to
>> some device, and '-<major>:<minor>' disables one.
> 
> How about a more forward-compatible API:
> 
> <major>:<minor>=<permissions>[,<remapped_major>:<remapped_minor>]

I'd rather make it look like

<major>:<mino>[:<permissions>][:<map_major>:<map_minor>]

where

<permissions>:=[r-][w-] and NULL means rw

this would keep current API compatible and allow it for extension.

> This would allow you the control the access that each cgroup has to a
> given device (permissions of 0 indicates that the device isn't even
> visible, i.e. the same as your "-<major>:<minor>" operation. For now
> specifying the (optional) remapping could just fail, but at least the
> API would be defined.
> 
> Paul
> 

_______________________________________________
Containers mailing list
Containers at lists.linux-foundation.org
https://lists.linux-foundation.org/mailman/listinfo/containers




More information about the Devel mailing list