LXC version:3.2.1
1. First show my config:
# CGroup whitelist
lxc.cgroup.devices.deny = a
## Allow any mknod (but not reading/writing the node)
lxc.cgroup.devices.allow = c *:* m
lxc.cgroup.devices.allow = b *:* m
I have not give allow to device “c 248:2 rwm” --> /dev/ttyO2
2. Then I create and start my container named test2
3. after container running I add /dev/ttyO2 to test2
# lxc-device -n test2 add /dev/ttyO2
4.test2 should not allow to open /dev/ttyO2,but it can be open
5. Then i del /dev/ttyO2 to test2 from test2
# lxc-device -n test2 del /dev/ttyO2
6. Then add it again
# lxc-device -n test2 add /dev/ttyO2