So the missing part seems to be that:
It's a major permission drama!
The SELinux/AppArmor config seems to be the issue… OMG
Although I can see all devices in a privileged container using
lsblk ?!?, they will only show up in /dev when I configure them using e.g.
lxc config device add centos7 mydockerdisk unix-block source=/dev/sdm
lxc config device add centos7 mydockerpartition unix-block source=/dev/sdm1
centos7$ mount | grep /dev/sdm
/dev/nvme0n1p1 on /dev/sdm type ext4 (rw,relatime,errors=remount-ro,data=ordered)
This is a bit confusing… but seems to work.
I can mount the disk device and create partitions.
However, this doesn't create the device nodes in the container (I suppose this is a security feature).
Those only show when I configure the devices in the config of the container!
Now things start to look better.
Just don't look at the mount table as it's confusing!