newspaint

Documenting Problems That Were Difficult To Find The Answer To

How Can I Access a Block Device Such as CDROM In LXC?

1 Comment Posted by on 2015-03-29

In Ubuntu Trusty Tahr 14.04.2 LTS I created a default LXC container:

lxc-create -t ubuntu -n cdlxc -- -r trusty

I wanted to be able to access my CDROM device /dev/cdrom from my container. I gleaned what I needed from this (https://wiki.archlinux.org/index.php/Linux_Containers#Cgroups_device_configuration) link.

First I needed to find out what the major and minor version numbers were of the block device I wanted to access:

# ls -al /dev/cdrom
lrwxrwxrwx 1 root root 3 Mar 29 12:32 /dev/cdrom -> sr0
# ls -al /dev/sr0
brw-rw---- 1 root cdrom 11, 0 Mar 29 12:32 /dev/sr0

Note that my CDROM device here appears to be /dev/sr0 and that the first character of the directory attributes is b indicating a block device. Next see the numbers after the user and group – 11, 0 – these are the major and minor version numbers of the device.

With this in mind I need to alter my container’s config file. So I opened up /var/lib/lxc/cdlxc/config and added the lines:

# devices - set profile to allow mounting block devices (constrained by default)
lxc.aa_profile = lxc-container-default-with-mounting

# lxc.cgroup.devices.allow = typeofdevice majornumber:minornumber rwm
lxc.cgroup.devices.allow = b 11:* rwm

The lxc.aa_profile setting controls generally what your container can get away with. If you want to be able to directly access block devices you have to give it a less strict profile than is the default.

The lxc.cgroup.devices.allow controls what devices you may access from your container. In this case I want to allow it access to block devices with major number 11 and a minor number of anything (but I could have set it to zero to match my CDROM device from above only). Major number 11 is allocated to SCSI CD-ROM devices – the minor number indicates which CDROM device.

Finally I started my container. Then inside my container, as root, I issued the command:

# mknod -m 666 /dev/cdrom b 11 0

… noting the major and minor numbers of the block device from earlier (11 0). Now I could access my CDROM drive:

# cdparanoia -vsQ
cdparanoia III release 10.2 (September 11, 2008)

Using cdda library version: 10.2
Using paranoia library version: 10.2
Checking /dev/cdrom for cdrom...
        Testing /dev/cdrom for SCSI/MMC interface
                SG_IO device: /dev/cdrom

CDROM model sensed sensed: HL-DT-ST DVDRAM GTA0N LC00

Checking for SCSI emulation...
        Drive is ATAPI (using SG_IO host adaptor emulation)

Checking for MMC style command set...
        Drive is MMC style
004: Unable to read table of contents header

Unable to open disc.  Is there an audio CD in the drive?

Success!

Linux, SysAdmin, Technology

1 responses to “How Can I Access a Block Device Such as CDROM In LXC?

  1. Anri 2016-11-16 at 09:17:46

    add cdrom device to LXD container:

    # lxc config device add cdrom unix-block path=/dev/sr0
    Reply

Leave a comment