From c4c6270b5049d68864abb82dc6e5549e0f3ed3a9 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Elan=20Ruusam=C3=A4e?= <glen@delfi.ee>
Date: Tue, 19 Nov 2013 00:53:34 +0200
Subject: [PATCH] Allow to mknod all devices (but no access to use them)

---
 lxc-pld.in.sh | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/lxc-pld.in.sh b/lxc-pld.in.sh
index 0d985a8..30236c1 100755
--- a/lxc-pld.in.sh
+++ b/lxc-pld.in.sh
@@ -237,8 +237,15 @@ lxc.autodev = $auto_dev
 # When using LXC with apparmor, uncomment the next line to run unconfined:
 #lxc.aa_profile = unconfined
 
-#cgroups
+## Devices
+# Allow all devices
+#lxc.cgroup.devices.allow = a
+# Deny all devices
 lxc.cgroup.devices.deny = a
+# Allow to mknod all devices (but not using them)
+lxc.cgroup.devices.allow = c *:* m
+lxc.cgroup.devices.allow = b *:* m
+
 # /dev/null and zero
 lxc.cgroup.devices.allow = c 1:3 rwm
 lxc.cgroup.devices.allow = c 1:5 rwm
-- 
2.44.0