I should post more often here. As soon as I do, the answer sooner or later falls into my lap. 
I finally came across the following commit: Detect and require --privileged on container start 路 rancher/rancher@b0919dd 路 GitHub
This specifically requires /dev/kmsg to exist in the Docker Host (meaning the LXC container in this situation).
An additional mount in the LXC container鈥檚 config does the job:
lxc.mount.entry = /dev/kmsg dev/kmsg none defaults,bind,create=file