Hi!
I’m trying to make /dev/ppp usable by xl2tpd in a container under LXD 3.0.3.
I’ve an old wheezy container under LXD 2.0.3 with this config:
config:
raw.lxc: lxc.aa_allow_incomplete=1
security.privileged: "true"
devices:
ppp:
major: "108"
minor: "0"
path: /dev/ppp
type: unix-char
tun:
path: /dev/net/tun
type: unix-char
I’ve copied it on a new container under 3.0.3 changing what have to be changed as explained in https://discuss.linuxcontainers.org/t/lxc-2-1-has-been-released/487:
config:
raw.lxc: lxc.apparmor.allow_incomplete = 1
security.privileged: "true"
devices:
ppp:
major: "108"
minor: "0"
path: /dev/ppp
type: unix-char
tun:
path: /dev/net/tun
type: unix-char
but under new container access to /dev/ppp is denied:
root@new:~# cat /dev/ppp
cat: /dev/ppp: Permission denied
root@new:~#
in constrast on the old container where it answered with:
root@old:~# cat /dev/ppp
cat: /dev/ppp: No such device or address
root@old:~#
I’ve also tryed to add lxc.raw lxc.apparmor.profile = unconfined to new config, or add lxc.raw lxc.cgroup.devices.allow = c 108:0 rwm but nothing changed.
ppp device is attached to container:
root@new:~# grep ppp /proc/modules
ppp_async 20480 0 - Live 0xffffffffc0dd6000
crc_ccitt 16384 1 ppp_async, Live 0xffffffffc0dd1000
ppp_generic 45056 1 ppp_async, Live 0xffffffffc0dc5000
slhc 16384 1 ppp_generic, Live 0xffffffffc0dc0000
root@new:~# cat /sys/fs/cgroup/devices/devices.list
b *:* m
c *:* m
c 136:* rwm
c 1:3 rwm
c 1:5 rwm
c 1:7 rwm
c 1:8 rwm
c 1:9 rwm
c 5:0 rwm
c 5:1 rwm
c 5:2 rwm
c 10:229 rwm
c 10:200 rwm
c 108:0 rwm
root@new:~#
I’m running Debian kernel 4.19.0-0.bpo.4-amd64 #1 SMP Debian 4.19.28-2~bpo9+1 on a stretch machine. I’ve compiled LXD starting from ubuntu’s package.
Something is wrong with my config, but I’m not able to solve it so i’m asking your help.
Many thanks, Micky