Device Namespaces

Eric W. Biederman ebiederm at
Wed Oct 2 22:55:51 UTC 2013

Serge Hallyn <serge.hallyn at> writes:

>> Glossing over the details.  The general problem is some policy exists
>> outside of the container that decides if and when a container gets a
>> serial port and stuffs it in.
>> The expectation is that system containers will then run the udev
>> rules and send the libuevent event.  
> I thought the suggestion was that udev on the host would be given
> container-specific rules, saying "plop this device into /dev/container1/"
> (with /dev/container1 being bind-mounted to $container1_rootfs/dev).

That is what I was trying to describe.  We still need something that
lets the software in the container know it needs to do something.

I may be blind but right now short of replacing the internal udev, or
modifying the kernel I don't see a solution for letting software in a
container know there is a new device it can use.

Once we get the notification issue sorted out I think we have enough to
bring up a full desktop environment in a container and be able to say we
don't need anything else from devices unless someone discovers that
checkpoint/restart actually needs minor numbers to be preserved.


