runtime-spec icon indicating copy to clipboard operation
runtime-spec copied to clipboard

Published 20 hours ago verified publisher icon opencontainers

config-linux: Clarify where device nodes can be created

Open c3d opened this issue 3 years ago • 3 comments
trafficstars

Clarify that device nodes need not be under /dev, but that the runtime need to be informed of all the device nodes that are used by the container.

Virtual-machine based runtimes such as Kata Containers need to be able to perform adjustment on device nodes, and cannot be required to deep-scan file-systems to do so.

The proposed wording was chosen to avoid any regression for any workload mounding nodes elsewhere, while at the same time clarifying that correct behaviour cannot be guaranteed if a device node is created on the host and used by the container without being passed in the devices list.

This fixes issue #1147.

Signed-off-by: Christophe de Dinechin [email protected]

c3d avatar May 03 '22 10:05 c3d

A relevant issue in OpenShift sandboxed containers can be found here

c3d avatar May 03 '22 10:05 c3d

@TomSweeneyRedHat If this looks good to you, could you please change the status of your review to match?

c3d avatar May 23 '22 12:05 c3d

Ping? Here is a new instance of the problem

c3d avatar Jun 29 '22 13:06 c3d