lxc.tty = 4
lxc.pts = 1024
lxc.rootfs = /var/lib/lxc/template/rootfs
+
+# Deny all devices, except the following
lxc.cgroup.devices.deny = a
-# /dev/null and zero
+# /dev/null
lxc.cgroup.devices.allow = c 1:3 rwm
+# /dev/zero
lxc.cgroup.devices.allow = c 1:5 rwm
-# consoles
+# /dev/console
lxc.cgroup.devices.allow = c 5:1 rwm
+# /dev/tty
lxc.cgroup.devices.allow = c 5:0 rwm
+# /dev/tty0
lxc.cgroup.devices.allow = c 4:0 rwm
+# /dev/tty1
lxc.cgroup.devices.allow = c 4:1 rwm
# /dev/{,u}random
lxc.cgroup.devices.allow = c 1:9 rwm
lxc.cgroup.devices.allow = c 1:8 rwm
+# /dev/pts/0 - /dev/pts/255
lxc.cgroup.devices.allow = c 136:* rwm
+# /dev/ptmx
lxc.cgroup.devices.allow = c 5:2 rwm
# rtc
lxc.cgroup.devices.allow = c 254:0 rwm